The US Is Considering a TP-Link Router Ban—Should You Worry?

Several government departments are investigating TP-Link routers over Chinese cyberattack fears, but the company denies links.

Poker Cheaters Allegedly Use Tiny Hidden Cameras to Spot Dealt Cards

Several recent schemes were uncovered involving poker players at casinos allegedly using miniature cameras, concealed in personal electronics, to spot cards. Should players everywhere be concerned?

Emergency Vehicle Lights Can Screw Up a Car's Automated Driving System

Newly published research finds that the flashing lights on police cruisers and ambulances can cause “digital epileptic seizures” in image-based automated driving systems, potentially risking wrecks.

These Guys Hacked AirPods to Give Their Grandmas Hearing Aids

Three technologists in India used a homemade Faraday cage and a microwave oven to get around Apple’s location blocks.

How to Protect Your Smartphone from SIM Swapping

You consider yourself a responsible person when it comes to taking care of your physical possessions. You’ve never left your wallet in a taxi or lost an expensive ring down the drain. You never let your smartphone out of your sight, yet one day you notice it’s acting oddly.  

Did you know that your device can fall into cybercriminals’ hands without ever leaving yours? SIM swapping is a method that allows criminals to take control of your smartphone and break into your online accounts. 

Don’t worry: there are a few easy steps you can take to safeguard your smartphone from prying eyes and get back to using your devices confidently. 

What Is a SIM Card? 

First off, what exactly is a SIM card? SIM stands for subscriber identity module, and it is a memory chip that makes your phone truly yours. It stores your phone plan and phone number, as well as all your photos, texts, contacts, and apps. In most cases, you can pop your SIM card out of an old phone and into a new one to transfer your photos, apps, etc. 

What Is SIM Swapping? 

Unlike what the name suggests, SIM swapping doesn’t require a cybercriminal to get access to your physical phone and steal your SIM card. SIM swapping can happen remotely. A hacker, with a few important details about your life in hand, can answer security questions correctly, impersonate you, and convince your mobile carrier to reassign your phone number to a new SIM card. At that point, the criminal can get access to your phone’s data and start changing your account passwords to lock you out of your online banking profile, email, and more. 

SIM swapping was especially relevant right after the AT&T data leak. Cybercriminals stole millions of phone numbers and the users’ associated personal details. They could later use these details to SIM swap, allowing them to receive users’ text or email two-factor authentication codes and gain access to their personal accounts. 

How Can You Tell If You’ve Been SIM Swapped? 

The most glaring sign that your phone number was reassigned to a new SIM card is that your current phone no longer connects to the cell network. That means you won’t be able to make calls, send texts, or surf the internet when you’re not connected to Wi-Fi. Since most people use their smartphones every day, you’ll likely find out quickly that your phone isn’t functioning as it should.  

Additionally, when a SIM card is no longer active, the carrier will often send a notification text. If you receive one of these texts but didn’t deactivate your SIM card, use someone else’s phone or landline to contact your wireless provider. 

How to Prevent SIM Swapping 

Check out these tips to keep your device and personal information safe from SIM swapping.  

1. Set up two-factor authentication using authentication apps. Two-factor authentication is always a great idea; however, in the case of SIM swapping, the most secure way to access authentication codes is through authentication apps, versus emailed or texted codes. It’s also a great idea to add additional security measures to authentication apps, such as protecting them with a PIN code, fingerprint, or face ID. Choose pin codes that are not associated with birthdays, anniversaries, or addresses. Opt for a random assortment of numbers.  
2. Watch out for phishing attempts. Cybercriminals often gain fodder for their identity-thieving attempts through phishing. Phishing is a method cybercriminals use to fish for sensitive personal information that they can use to impersonate you or gain access to your financial accounts. Phishing emails, texts, and phone calls often use fear, excitement, or urgency to trick people into giving up valuable details, such as social security numbers, birthdays, passwords, and PINs. Be wary of messages from people and organizations you don’t know. Even if the sender looks familiar, there could be typos in the sender’s name, logo, and throughout the message that are a good tipoff that you should delete the message immediately. Never click on links in suspicious messages. 
3. Use a password manager. Your internet browser likely asks you if you’d like the sites you visit to remember your password. Always say no! While password best practices can make it difficult to remember all your unique, long, and complex passwords and passphrases, do not set up autofill as a shortcut. Instead, entrust your passwords and phrases to a secure password manager, which is included in McAfee+. A secure password manager makes it so you only have to remember one password. The rest of them are encrypted and protected by two-factor authentication. A password manager makes it very difficult for a cybercriminal to gain entry to your accounts, thus keeping them safe. 

Boost Your Smartphone Confidence 

With just a few simple steps, you can feel better about the security of your smartphone, cellphone number, and online accounts. If you’d like extra peace of mind, consider signing up for an identity theft protection service like McAfee+. McAfee, on average, detects suspicious activity ten months earlier than similar monitoring services. Time is of the essence in cases of SIM swapping and other identity theft schemes. An identity protection partner can restore your confidence in your online activities. 

 

The post How to Protect Your Smartphone from SIM Swapping appeared first on McAfee Blog.

How to Spot Dating Scams

For years now, the popularity of online dating has been on the rise—and so have the number of online romance scams that leave people with broken hearts and empty wallets.

In a recent CBS News story, one Texan woman was scammed out of $3,200 by a scammer claiming to be a German Cardiologist.  After months of exchanging messages and claiming to be in love with her, he said that he’d been robbed while on a business trip in Nigeria and needed her help.

According to the U.S. Federal Trade Commission (FTC), the reported cost of online romance scams was $1.14 billion in 2023. 

How do online dating and romance scams get started? 

Dating and romance scams aren’t limited to online dating apps and sites, they’ll happen on social media and in online games as well. However, the FTC reports that the scam usually starts the same way, typically through an unexpected friend request or a message that comes out of the blue. 

With that initial introduction made, a chat begins, and a friendship (or more) blossoms from there. Along the way, the scammer will often rely on a mix of somewhat exotic yet believable storytelling to lure the victim in, often involving their job and where they’re working. Reports say that scammers will talk of being workers on an offshore oil rig, members of the military stationed overseas, doctors working with an international organization or working in the sort of jobs that would prevent them from otherwise easily meeting up in person. 

With the phony relationship established, the scammer starts asking for money. The FTC reports that they’ll ask for money for several bogus reasons, usually revolving around some sort of hardship where they need a “little help” so that they can pay: 

• For a plane ticket or other travel expenses. 
• For medical expenses. 
• Customs fees to retrieve something. 
• Gambling debts. 
• A visa or other official travel documents. 

The list goes on, yet that’s the general gist. Scammers often employ a story with an intriguing complication that seems just reasonable enough, one where the romance scammer makes it sound like they could really use the victim’s financial help. 

Common types of online dating scams 

People who have filed fraud reports say they’ve paid their scammer in a few typical ways.  

One is by wiring money, often through a wire transfer company. The benefit of this route, for the scammer anyway, is that this is as good as forking over cash. Once it’s gone, it’s gone. The victim lacks the protections they have with other payment forms, such as a credit card that allows the holder to cancel or contest a charge. 

Another way is through gift cards. Scammers of all stripes, not just romance scammers, like these because they effectively work like cash, whether it’s a gift card for a major online retailer or a chain of brick-and-mortar stores. Like a wire transfer, once that gift card is handed over, the money on it is highly difficult to recover, if at all. 

One more common payment is through reloadable debit cards. A scammer may make an initial request for such a card and then make several follow-on requests to load it up again.  

In all, a romance scammer will typically look for the easiest payment method that’s the most difficult to contest or reimburse, leaving the victim in a financial lurch once the scam ends. 

How Do You Avoid Getting Tangled Up in an Online Dating or Romance Scam? 

When it comes to meeting new people online, the FTC suggests the following: 

• Never send money or gifts to someone you haven’t met in person—even if they send you money first. 
• Talk to someone you trust about this new love interest. It can be easy to miss things that don’t add up. So pay attention if your friends or family are concerned. 
• Take the relationship slowly. Ask questions and look for inconsistent answers. 
• Try a reverse-image search of any profile pictures the person uses. If they’re associated with another name or with details that don’t match up, it’s a scam. 

Scammers, although arguably heartless, are still human. They make mistakes. The stories they concoct are just that. Stories. They may jumble their details, get their times and dates all wrong, or simply get caught in an apparent lie. Also, keep in mind that some scammers may be working with several victims at once, which is yet another opportunity for them to get confused and slip up. 

Protecting Yourself Further From Scams on Your Social Media Accounts 

As mentioned above, some romance scammers troll social media and reach out through direct messages or friend requests. With that, there are three things you can do to cut down your chances of getting caught up with a scammer: 

1. Go private

Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting, which can help protect your privacy and give a romance scammer less information to exploit. 

2. Say “no” to strangers bearing friend requests

Be critical of the invitations you receive. Out-and-out strangers could be more than a romance scammer, they could be a fake account designed to gather information on users for purposes of cybercrime, or they can be an account designed to spread false information. There are plenty of them too. In fact, in Q4 of 2023 alone, Facebook took action on 693 million fake accounts. Reject such requests. 

3. Protect yourself and your devices

Online protection software like ours can help you spot fakes and scams. Features like Text Scam Detector use advanced AI to detect scam links in texts, email, and social media messages before you click. Our Personal Data Cleanup can keep you safer still by removing your personal info from sketchy data broker sites — places where scammers go to harvest useful info on their victims. And if the unfortunate happens, we offer $2 million in identity theft coverage and identity restoration support.​

Put an End to it 

If you suspect that you’re being scammed, put an end to the relationship and report it, as difficult as that may feel. 

Notify the FTC at ReportFraud.ftc.gov for support and next steps to help you recover financially as much as possible. Likewise, notify the social media site, app, or service where the scam occurred as well. In some cases, you may want to file a police report, which we cover in our broader article on identity theft and fraud.  

If you sent funds via a gift card, the FTC suggests filing a claim with the company as soon as possible. They offer further advice on filing a claim here, along with a list of contact numbers for gift card brands that scammers commonly use.  

Lastly, go easy on yourself. If you find yourself a victim of online dating or romance fraud, know that you won’t be the first or last person to be taken advantage of this way. By reporting your case, you in fact may help others from falling victim too. 

The post How to Spot Dating Scams appeared first on McAfee Blog.

Recover from Ransomware in 5 Minutes—We will Teach You How!

Super Low RPO with Continuous Data Protection:Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible. The most valuable thing about CDP is that it does not use

Detecting Windows-based Malware Through Better Visibility

Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national security at risk. But if that wasn’t enough – North Korea appears to be using revenue from cyber

3 Things CISOs Achieve with Cato

Being a CISO is a balancing act: ensuring organizations are secure without compromising users’ productivity. This requires taking multiple elements into consideration, like cost, complexity, performance and user experience. CISOs around the globe use Cato SSE 360, as part of the Cato SASE Cloud platform to balance these factors without compromise. This article details how CISOs are

Demystifying a Common Cybersecurity Myth

One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own—this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today’s ever-evolving file upload security landscape, and a big part of that is understanding where the

From Alert to Action: How to Speed Up Your SOC Investigations

Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional's role. Threat intelligence platforms can significantly enhance their ability to do so. Let's find out what these platforms are and how they can empower analysts. The Challenge: Alert Overload The modern SOC faces a relentless barrage of security alerts generated by SIEMs and EDRs.

Applying the Tyson Principle to Cybersecurity: Why Attack Simulation is Key to Avoiding a KO

Picture a cybersecurity landscape where defenses are impenetrable, and threats are nothing more than mere disturbances deflected by a strong shield. Sadly, this image of fortitude remains a pipe dream despite its comforting nature. In the security world, preparedness is not just a luxury but a necessity. In this context, Mike Tyson's famous adage, "Everyone has a plan until they get punched in

Are We Ready to Give Up on Security Awareness Training?

Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in insecure behaviors at the workplace. Besides, social engineering remains one of the most prevalent attacks

Reimagining Network Pentesting With Automation

Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making.  This blog acts as a quick guide on network penetration testing, explaining what it is, debunking common myths and reimagining its role in

Reimagining Network Pentesting With Automation

Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making.  This blog acts as a quick guide on network penetration testing, explaining what it is, debunking common myths and reimagining its role in

Discover Why Proactive Web Security Outsmarts Traditional Antivirus Solutions

In a rapidly evolving digital landscape, it's crucial to reevaluate how we secure web environments. Traditional antivirus-approach solutions have their merits, but they're reactive. A new report delves into the reasons for embracing proactive web security solutions, ensuring you stay ahead of emerging threats.  To learn more, download the full report here. The New Paradigm If you’ve

How Hackers Phish for Your Users' Credentials and Sell Them

Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set of stolen credentials can put your organization’s entire network at risk. According to the 2023 Verizon Data Breach Investigation Report, external parties were responsible for 83 percent of breaches that occurred between November 2021 and October 2022.&

6 Steps to Accelerate Cybersecurity Incident Response

Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security teams must be able to stop threats and restore normal operations as quickly as possible. That’s why it’s essential that these teams not only have the right tools but also understand how to effectively

Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware

The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off using malicious ads that are served when potential victims search for "WhatsApp web" on search engines. "The

Parent’s Guide: 8 Ways to Help Your Teen Combat Distracted Driving

Read this statement, then read it again: Just five distracted seconds at 55 mph is equivalent to driving the length of a football field with your eyes closed. This alarming truth from the National Highway Traffic Safety Administration (NHTSA), highlights the need for parents to address the issue of distracted driving with their teens.  

Additional distracted driving statistics are mind-blowing. According to the NHSTA, 77 percent of drivers admitted to using their phones while driving, 74 percent used their map app, 56 percent read emails or texts, 27 percent updated or checked their social media accounts, and shockingly, 19 percent of drivers—equivalent to one in five—engaged in online shopping while driving. 

In the United States, distracted driving has become a leading cause of fatal crashes, accounting for 25 to 30 percent of all fatal crashes. Furthermore, overall highway fatalities have increased by 22 percent, as reported recently by The Los Angeles Times, which attributed this rise to the allure of technology turning our cars into “candy stores of distraction.” 

Passenger/Peer Distractions 

While technology plays a significant role in distracted driving, other everyday choices and factors can also contribute to accidents. Eating while driving, managing a lively pet in the car, navigating unfamiliar streets, and even talking with peer passengers can distract young drivers. Studies have shown that crash risk doubles when teens drive with one peer passenger and quadruples with three or more teen passengers.  

In the throes of summer, it’s a great time for parents to have a conversation with their teen drivers about the dangers of distracted driving and texting while driving. Here are some important topics to discuss and tips to help keep your kids safe on the road: 

Safe Driving Tips for Teens 

1. Put the phone away: Encourage every family member, including parents, to put their phones out of reach while driving. Setting this example will demonstrate the importance of focusing on the road and minimizing distractions. 
2. Lead by example: Parents are the most influential role models for young drivers. Turn off phone notifications, stow your phone away, and prioritize safe driving habits. Your actions speak louder than words, so make sure to set clear guidelines and follow them consistently.  
3. No selfies or videos: Everyone’s crazy for TikTok videos and Insta reels, which is why this point is so important. Discuss the risks of taking selfies or recording videos while driving. Encourage your teen to resist the urge to engage in any social posting or activities that may distract them from driving. This also applies to passengers who might distract the driver. 
4. Establish clear rules: Every family is unique, so establish clear rules that make sense for your family regarding device use and driving. Discuss expectations and consequences, such as losing phone or car privileges, if the rules are broken. 
5. Use tech to limit tech: Consider utilizing apps or devices that monitor your teen’s driving behavior. These tools can track speed, location, hard braking, and sudden acceleration. Using these tools together allows you to address concerns and areas for improvement. Most smartphones offer built-in Drive Safe modes, and there are also apps available that block incoming texts or track phone activity. Some parents have even opted for dash cams to for monitoring teen driving behavior. McAfee’s Parental Controls, McAfee+ Ultimate allows you view your kids’ device activity, locate them on a live map, and receive automated notifications when they enter or leave familiar places. Tracking can also help parents avoid calling while kids are driving.  
6. Be proactive: Engage your teen in conversations about real-life driving scenarios, such as dealing with aggressive or angry drivers, navigating dicey weather conditions, or handling peer pressure while in a vehicle. Help them understand the risks involved and some appropriate responses in different situations. 
7. Keep on talking: Communication is crucial. Regularly discuss safe driving habits with your teen and maintain an open line of communication about their driving experiences. By building trust, you can make a significant impact on their driving behavior. 
8. Speak up as a passenger: Teach your teen how to advocate for safe driving when they are passengers in other vehicles. Encourage them to ask friends (or any age of driver—even a parent) to put away their devices while driving. Helping them find their voice in these situations can save lives. 

Remember, developing good (or better) habits takes time, effort, consistency, and parental involvement in teen driving. Preventing distracted driving with positive behavior change won’t happen overnight. Repeat yourself when it comes to road safety without apologies. Giving your child rules and expectations demonstrates love. By making some of these shifts, hopefully, you will worry less, raise wiser drivers, and improve safety for everyone on the roads.   

The post Parent’s Guide: 8 Ways to Help Your Teen Combat Distracted Driving appeared first on McAfee Blog.

S3 Ep114: Preventing cyberthreats – stop them before they stop you! [Audio + Text]

Join world-renowned expert Fraser Howard, Director of Research at SophosLabs, for this fascinating episode on how to fight cybercrime.

Pwn2Own Toronto: 54 hacks, 63 new bugs, $1 million in bounties

That's a mean average of $15,710 per bug... and 63 fewer bugs out there for crooks and rogues to find.

Interested in cybersecurity? Join us for Security SOS Week 2022!

Four one-on-one interviews with experts who are passionate about sharing their expertise with the community.

Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World (Part 1)

Welcome to the new normal. We’re all now living in a post-COVID-19 world characterized by uncertainty, mass home working and remote learning. The lines demarcating normal life have shifted abruptly – perhaps never to return. That’s not the worst that can happen, as we all know, but it does mean we all need to get used to new ways of living, working and studying from home. This has major implications for the online safety, security and privacy of our families.

To help you adapt to these new conditions while protecting what matters most, Trend Micro has developed a two-part blog series on “The New Normal.” Part 1 identifies the scope and specific cyber-threats of the new normal. Part 2 provides security tips and products to help address those threats.

What’s going on?

In April, nearly 300 million Americans were estimated to be in government-mandated lockdown. Even as some businesses, municipalities and states begin to relax these rules, experts have warned of subsequent waves of the virus, which could result in new localized lockdowns. In short, a lot of people will continue to work from home, while their children, also at home, attempt to study remotely from their mobile devices.

This has considerable implications for how we spend our time. Without that morning commute to work or school, more of it than ever will involve sitting in front of a desktop, laptop, tablet or smartphone screen. Even the smart TV is enlisted. Dangers include

Use of potentially insecure video conferencing applications. The number of daily meeting participants on Zoom surged from 10 million in December 2019 to roughly 200 million in March. Visits to P2P/torrent sites or platforms for adult content. In search of entertainment, bored kids or teens in your household may have more time and inclination to do this. Downloads of potentially malicious applications disguised as legitimate entertainment or gaming content. More online shopping and banking. June alone generated $73.2 billion in online spend, up 76.2% year-on-year. Whenever you shop or bank online, financial data is potentially exposed. Use of potentially insecure remote learning platforms. Educational mobile app downloads increased by a massive 1087% between March 2 and 16. The trend continues. Logging on to corporate cloud-based services. This includes Office 365, to do your job remotely, or using a VPN to connect directly into the office. For recreation, streaming and browsing on your smart TV. But even your smart TV is vulnerable to threats, as the FBI has warned.

Risky behavior

Unfortunately, the increase in working from home (WFH), especially for those not used to it, may lead to an increase in risky behavior, such as: using non-approved apps for work; visiting non work-related sites on work devices; and using personal devices to access work resources. Recent global Trend Micro research found that:

	80% have used their work laptop for personal browsing, with only 36% fully restricting the sites they visit. 56% of employees have used a non-work app on a corporate device, and 66% have uploaded corporate data to it. 39% often or always access corporate data from a personal device. 8% admit to watching adult content on their work laptop, and 7% access the dark web.

This is not about restricting your freedom to visit the sites you want to visit while at home. It’s about reducing the risk of exposing corporate data and systems to possible malware.

What are the bad guys doing?

Unsurprisingly, there has also been a major uptick in the volume of cyber-threats targeting home users. With a captive audience to aim at, it’s a huge opportunity for cyber-criminals to steal your log-ins and personal data to sell to fraudsters, or even to steal corporate passwords and information for a potentially bigger pay-off. They are helped by the fact that many home workers may be more distracted than they usually would be at the office, especially if they have young children. Your kids may even share the same laptops or PCs as you, potentially visiting risky sites and/or downloading unapproved apps.

There’s also a chance that, unless you have a corporate machine at home, your personal computing equipment is less secure than the kit you had in the office. Add to that the fact that support from the IT department may be less forthcoming than usual, given that stretched teams are overwhelmed with requests, while themselves struggling to WFH. One recent report claimed that nearly half (47%) of IT security pros have been taken off some or all of their typical security tasks to support other IT-related jobs. In another, only 59% of respondents said they believe their cybersecurity team has the right tools and resources at home to perform their job effectively.

It’s time to step up and take security into your own hands. Stay on the lookout for the following threats.

Unsecured home routers and smart devices might be hijacked in more sophisticated attacks designed to steal data from corporate networks via the home worker. Phishing attacks spoofing well-known brands or using COVID-19 information/news as a lure. Google is blocking 18 million malicious pandemic-themed emails every day. The end goal may be to hijack your online consumer accounts (Netflix, banking, email, online shopping) or work accounts. Other phishing emails are designed to install data-stealing malware, ransomware and other threats. Attackers may target vulnerabilities in your home PCs and the apps you’re using (video conferencing etc) to gain remote access. Business Email Compromise (BEC) attackers may try to leverage the lack of internal communications between remote workers to impersonate senior execs via email, and trick finance team members into wiring corporate funds abroad. Kids exposing home networks and devices to malware on torrent sites, in mobile apps, on social media, and via phishing attacks potentially imitating remote learning/video conferencing platforms. Kids searching for adult/inappropriate content, and/or those that are bored and over-share on social media. Unicef has warned that millions of children are at increased of online harm as lockdown means they spend more of their days online. Mobile apps represent a potential source of malware, especially those found on unofficial app stores. There has also been a reported 51% rise in stalkerware – covert surveillance apps used by domestic abusers and stalkers to target victims. The pandemic has led to a surge in e-commerce fraud where consumers are tricked into buying non-existent products or counterfeit goods including medical items.

So what’s a remote worker/concerned parent to do to protect themselves and the family in the midst of the “new normal?”

Read Part 2 in this mini-series, which we’re publishing simultaneously with Part 1, where we share some best practice advice on how to keep your digital lives and work systems safe from online threats during lockdown—and where we provide tools to help you do just that.

The post Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World (Part 1) appeared first on .

Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World (Part 2)

The past few months have seen radical changes to our work and home life under the Coronavirus threat, upending norms and confining millions of American families within just four walls. In this context, it’s not surprising that more of us are spending an increasing portion of our lives online. But this brings with it some familiar cyber-risks. In Part 1 of this mini-series, we explained how cyber-criminals are looking to capitalize on these sweeping changes to society to further their own ends.

Now let’s take a look at what you can do to protect your family, your data, and access to your corporate accounts.

How you can stay safe online

The bad guys are laser-focused on stealing your personal data and log-ins and increasingly see the remote worker as an easy target for leapfrogging into corporate networks. That’s not to mention the potential internet safety risks inherent in bored kids spending more time in front of their screens. To respond, you’ll need to create an equally focused “home security plan” governed by sensible policies and best practices. Here are some of the key areas to consider.

Protect your smart home and router

Increasingly, unprotected smart home devices are being targeted by cyber-criminals to turn into botnets to attack others. They might also provide sophisticated attackers with a stepping-stone into your corporate systems, via the home network. The home router, with its known flaws, is (after the modem) the digital front door to the smart home and the basis for your networking, so it should be first in any security strategy. Consider the following when tackling home network security:

Regularly check for router firmware updates and apply as soon as they’re available. (If you’re using a home gateway (modem + router) firmware updates are done by your ISP, so you won’t have the option to do this.) Change factory default admin passwords and switch on two-factor authentication if available. Disable UPnP and any remote management features. Use WPA2 on your router for encrypted Wi-Fi. Pick passwords for access that aren’t easily guessed. Put the router in middle of house if possible, so the signal is not overly exposed to strangers outside. Likewise for extenders. Invest in security for the entire home network from a reputable provider like Trend Micro.

Secure your home office

Cyber-criminals are primed to take advantage of distracted home workers and potentially less secure PCs/devices. Secure this environment by doing the following:

Again, apply a home network security solution. This protects your work devices, while also protecting the devices you use for recreation. Apply any security updates to OS/software. Install/maintain endpoint security software on all machines/devices. Never use work laptops for personal use. Switch on 2FA for any work accounts. Use a VPN if applicable whenever connecting to the office. Stay alert to phishing/BEC attempts. Take advantage of any training courses to stay up-to-speed on the latest scams. Disable macros in Office files – these are often used by hackers to run malware.

Stay safe from phishing

Phishing is the number one tactic used by attackers to trick you into installing malware or handing over your log-ins. Emails, text messages, social media messages and more are spoofed to appear as if sent by a legitimate company or contact. In response:

Be cautious of any unsolicited emails/texts/messages even if they appear legitimate. Don’t click on any links/buttons in unsolicited messages, or download attachments. Check directly with the sender rather than clicking through links or buttons provided or entering any confidential details. Invest in cybersecurity tools from a trusted vendor like Trend Micro, to spot and block scam emails and malicious downloads/websites.

Use video conferencing safely

New videoconferencing platforms can introduce risk, especially if you’re not familiar with the default settings. Here’s how to stay safe when video conferencing:

Check first for end-to-end encryption. Only download videoconferencing apps from official iOS/Android stores and manufacturer websites. Get familiar with privacy settings. Switch off camera access if you don’t want to appear on-screen. Ensure you’re always on the latest software version. Never click on links/open attachments in messages from unknown contacts. Use a password manager to store long and strong log-ins, and switch on two-factor authentication (2FA) if available.

Stay safe shopping and banking

Next, protect your financial information and stay safe from e-commerce fraud by doing the following:

Install AV on all PCs and devices. Always use the latest browser versions and HTTPS sites. Never click through on sensational promos or ads on social media/in emails. Always visit the site directly. Always be cautious: if special offers seem too good to be true, they usually are. Use a secure browser, password manager, and 2FA in your online accounts. Use a VPN app on any device you use to shop or bank.

Think about online safety for kids

They may be under your roof for more hours of the day than usual, but your children are also likely to be spending more time online. That means you need to have a measured conversation with them about internet safety, backed up with parental controls. Consider the following:

Urge your kids to think before clicking, and before sharing on social media. Make sure you have installed anti-malware from a reputable vendor on all their devices. Look for security products that check/update their social media privacy settings. Discourage or block downloads from P2P sites. Set up parental controls to block inappropriate content and/or to regulate screen time and time on certain sites or with certain apps. Then set up admin protections, so they can’t change the settings. Share your concerns around sexting.

Mobile security best practices
Finally, sheltering at home has limits, particularly for restless kids. When they go to the store or out to the park, facemasks notwithstanding, they’re likely going to use their mobile devices, just as they’ll continue to do at home. Of course, you’re not exempt either from mobile threats. Ensure mobile security by

Sticking to the official Google Play and App Store marketplaces. Enforce this through smart settings on your children’s phones. Running anti-malware on your mobile device, from a reputable company like Trend Micro. Ensuring your family’s devices are using the latest OS version. Ensuring your family devices have remote lock and wipe feature switched on, in case they’re lost or stolen. Never brick or jailbreak the device, as this can expose it to security risks.

How Trend Micro can help

When it comes to protecting the home from security and privacy threats during lockdown, leave no stone unturned. Cyber-criminals will always look for the weak link in the chain and focus their efforts there. Network security is important, but it doesn’t replace the need for protection on each individual device. You’ll need to cover your router, network, smart devices, and all endpoints (PCs, laptops, mobiles and other devices). Here’s how Trend Micro can help:

Trend Micro Home Network Security

Trend Micro Home Network Security provides industry-leading protection against any threats to internet-connected devices in the home. The solution

Blocks dangerous file downloads during web browsing to stop ransomware, data theft, phishing, and other malware. Blocks remote access applications. Protects all smart devices, such as smart TVs, thermostats, security cameras, etc., that don’t have their own security solutions. Parental Controls and Guardian allow parents to track and restrict their children’s internet usage at home and on-the-go, which could free-up bandwidth for important conference calls.

Trend Micro Security (PC and Mac)

Trend Micro Security, available in various editions (led by Trend Micro Maximum Security), is Trend’s flagship endpoint security product for consumers. Available for both PCs and Macs, it features AI learning to stop advanced threats. Among a wide range of protections, it includes:

Web Threat Protection when browsing the internet, defending you against bad websites that can steal your data or download malicious files. Machine Learning, to protect you from new and unknown threats. Ransomware protection via Folder Shield, to stop unauthorized changes and back-up files encrypted by suspicious programs. Anti-phishing and anti-spam protection for Outlook clients, as well as Gmail and Outlook webmail on the PC, and Gmail webmail on the Mac. Privacy Scanner (for Facebook and Twitter), Social Networking Protection for protection against malicious links in social networks, Pay Guard for protecting your online banking and buying. Parental Controls to limit which software and websites you kids may use.

Trend Micro Mobile Security:

Trend Micro Mobile Security provides endpoint security for all your mobile devices, whether Android or iOS-based.

	Blocks dangerous websites and app downloads. Helps protects your privacy on Twitter and Facebook. Protects your kids’ devices. Guards against identity theft. Optimizes your device’s performance.

Additional Trend Micro Tools:

Network and endpoint security should be supplemented with tools that accomplish specific tasks, such as protecting your internet connections, your passwords, and your identity data. Trend Micro provides

Wi-Fi Protection/VPN Proxy One Mac | iOS. VPNs with an emphasis on web threat protection or privacy, respectively. The first is available on all four platforms; the second is targeted for Apple devices. Password Manager. Manages and encrypts your passwords, and automates your logins, while ensuring you use unique, strong passwords across all of your online accounts. ID Security. Tracks your credentials, particularly the ones you use for buying and banking, to see if breaches of any of your identity data have led to their sale on the Dark Web. Notifies you when it has, so you can take steps to protect it. Premium Services. Parents working from home are not expected to be IT or Security experts, so now’s the time to ensure professional help is around when you need it by signing up for one of Trend Micro’s premium service packages for help configuring, troubleshooting, optimizing, and disinfecting your devices if they get infected.

Maintaining your family’s security and privacy on all their devices during the coronavirus lockdown above all means changing your mindset, to take into account the mix of work and play in the household during the “new normal.” Use these tips and tools during lockdown and you’ll be well on your way to ensuring you and your family’s safety from malicious viruses—both digital and natural.

The post Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World (Part 2) appeared first on .