How To Tell If Your Smartphone Has Been Hacked

It takes a bit of effort, but iPhones can wind up with viruses and malware. And that can indeed lead to all kinds of snooping. 

Whether through malware or a bad app, hackers can skim personal info while you browse, bank, and shop. They can also infect your phone with ransomware that locks up your personal info or that locks up the phone itself. 

Those are some worst-case scenarios. However, good for you and unfortunate hackers is the way iPhones run apps. It makes it tough for viruses and malware to get a toehold. Apple designed the iOS operating system to run apps in what’s called a “virtual environment.” This limits the access apps have to other apps, which helps prevent viruses and malware from spreading. 

Still, malware can end up on an iPhone in a couple of ways: 

The owner “jailbreaks” the iPhone

This practice gives people more control over their iPhones. By jailbreaking, they gain “root control” of the phone. With that, they can do things like remove pre-installed apps and download third-party apps from places other than the App Store. And that’s where the trouble can start.  

Jailbreaking removes several of those barriers that keep viruses and malware from spreading. Further, downloading apps outside of the App Store exposes the phone to viruses and malware. Apple doesn’t review the apps in those stores. That way, a hacker with malicious intent can post a bad app with relative ease. 

A malicious app sneaks into the App Store

Apple has a strict review policy before apps are approved for posting in the App Store. Per Apple, “Apple’s App Review team of over 500 experts evaluates every single app submission — from developers around the world — before any app ever reaches users. On average, the team reviews approximately 132,500 apps a week.”

However, bad actors find ways to sneak malware into the store. Sometimes they upload an app that’s initially innocent and then push malware to users as part of an update. Other times, they’ll embed malicious code such that it only triggers after it’s run in certain countries. They will also encrypt malicious code in the app that they submit, which can make it difficult for reviewers to sniff out.   

So, barring a jailbroken phone, the chances of getting a virus or malware on your iPhone remain low. Still, it can happen.  

How to know if your smartphone has been hacked

Because we spend so much time on our phones, it’s fairly easy to tell when something isn’t working quite like it is supposed to. While you can chalk up some strange behavior to technical issues, sometimes those issues are symptoms of an infection. Malware can eat up system resources or conflict with other apps on your phone, causing it to act in odd ways.  

Some possible signs that your device has been hacked include:  

Performance issues  

A slower device, webpages taking way too long to load, or a battery that never keeps a charge are all things that can be attributed to a device reaching its retirement. However, these things might also be signs that malware has compromised your phone.  

Your phone feels like it’s running hot

Malware running in the background of a device might burn extra computing power, causing your phone to feel hot and overheated. If your device is quick to heat up, it might be due to malicious activity.  

Mysterious calls, texts, or apps appear

If apps you haven’t downloaded suddenly appear on your screen, or if outgoing calls you don’t remember making pop up on your phone bill, that is a definite red flag and a potential sign that your device has been hacked.  

Changes or pop-ups crowd your screen  

Malware might also be the cause of odd or frequent pop-ups, as well as changes made to your home screen. If you are getting an influx of spammy ads or your app organization is suddenly out of order, there is a big possibility that your phone has been hacked.  

Three tips to prevent your phone from being hacked

To avoid the hassle of having a hacked phone in the first place, here are some tips that can help.  

1. Update your phone and its apps.

Promptly updating your phone and apps is a primary way to keep your device safer. Updates often fix bugs and vulnerabilities that hackers rely on to download malware for their attacks.  

2. Avoid downloading from third-party app stores.

Apple’s App Store has those protections in place that we mentioned before. That’s unlike those third-party sites, which might not have those same protections. Further, some purposely host malicious apps. Avoiding these sites altogether can prevent these apps from allowing hackers into your device.  

3. Don’t use a jailbroken phone.

As we’ve seen, jailbreaking a phone introduces all kinds of security issues. Your best bet as an everyday internet user is to rely on iOS and the protections that come with it. 

Has my iPhone been hacked? 

If you are worried that your device has been hacked, follow these steps: 

Completely power down your phone. Powering down and then giving your phone a fresh start can put a halt to any malicious activity. 

Remove any apps you didn’t download. From there, power down your phone and restart it as before. 

If you still have issues, wiping and restoring your phone is an option. Provided you have your photos, contacts, and other vital info backed up in the cloud, it’s a relatively straightforward process. A quick search online can show how to wipe and restore your model of phone.  

Check your accounts and credit for any unauthorized purchases. Several features in our McAfee+ plans can help. Identity Monitoring can alert you if your info winds up on the dark web. Our Credit Monitoring along with our transaction monitoring can also alert you of unusual activity across your accounts. 

Lastly, if you spot an issue, get some help from a pro. Our Identity Theft Coverage & Restoration service offers $2 million that covers travel, losses, and legal fees associated with identity theft. It also offers the services of a licensed recovery pro who can repair your credit and your identity in the wake of an attack. 

The last word: Does my iPhone need antivirus? 

On a non-jailbroken phone, no. You don’t need antivirus. Yet your phone should certainly get extra protection. Phones face far more threats than viruses and malware alone. 

Comprehensive online protection software like ours can keep you and your phone safer. It can: 

• Block sketchy links in texts, emails, and messages. 

• Block yet more sketchy links in search, while surfing, and on social media. 

• Protect your identity in the ways mentioned above by keeping tabs on your credit and accounts. 

• Protect your privacy by removing your personal info from shady data broker sites. 

• Make you more private still by locking down your privacy settings on social media. 

Those are only a handful of the many features that protect more than your phone. You’ll find yet more that protect you — namely, your identity and your privacy. 

So while iPhones don’t need antivirus, they certainly benefit from extra online protection. 

The post How To Tell If Your Smartphone Has Been Hacked appeared first on McAfee Blog.

How to Know If Your Phone Has Been Hacked

“My phone’s been hacked!” Words you probably don’t want to hear or say. Ever.  

Yes, a smartphone can get hacked just like any other device. And they make prize targets as well. Loaded as they are with personal and financial information, access to payment apps, files, photos, and contacts, bad actors have plenty to gain by tapping into your smartphone.   

How do bad actors pull it off? They have several attack vectors they can choose from.  

• They can hide malware in bogus apps that they post as free downloads in app stores. Spyware, ransomware, and adware are typical types of malware that get distributed this way. 
• They can also install it themselves by getting physical access to your phone.  
• Sometimes, bad actors along the smartphone supply chain have loaded malware onto entirely new smartphones so that they come with malware preinstalled, right out of the box.  
• And as always, phishing attacks by email, text, and other messaging apps remain popular as well. 

Today’s attackers have gotten cagier as well. It used to be that a hacked phone would run sluggishly or hot after it got infected by malware. The battery might have drained quickly as well. That was because the malware ate up system resources, created conflicts with other apps, and used your data or internet connection to pass along your personal information—all of which could make your smartphone feel a little off. That still might be the case with some mobile malware today, yet much of it works far more efficiently. The old telltale physical signs of a hacked phone might not present themselves at all. 

However, you can spot several indications that might indicate your phone has been hacked. 

How do I know if my phone has been hacked?  

A few examples follow. Note that these might be signs of a hacked phone, yet not always.  

• Popups suddenly appear on your phone: If you’re seeing more popup ads than usual or seeing them for the first time, it might be a sign that your phone has been hit with adware—a type of malicious app that hackers use to generate revenue by distributing ads without the consent of the user. Furthermore, those ads might be malicious in nature as well. They might take you to pages designed to steal personal information (which is a good reminder to never tap or click on them).   
• Mysterious apps, calls, or texts appear: A potential telltale sign that your phone has been hacked is the appearance of new apps that you didn’t download, along with spikes in data usage that you can’t account for. Likewise, if you see calls in your phone’s call log that you didn’t make, that’s a warning as well.  
• You run out of data or see unknown charges pop up: Big red flag here. This is a possible sign that a hacker has hijacked your phone and is using it to transfer data, make purchases, send messages, or make calls via your phone.  
• You have issues with your online accounts: Phones infected with spyware can skim account credentials and then transmit them to the hacker behind the attack. This could lead to credit and debit fraud. In some cases, hackers will hijack an account altogether by changing the password and locking out the original owner. If you spot unusual charges or can no longer log into your accounts with your password, a hacked phone might be the cause—among others.  

What do I do if my phone is hacked?  

Install and run online protection software on your smartphone if you haven’t already. From there, delete any apps you didn’t download, delete risky texts, and then run your mobile security software again.  

If you still have issues, wiping and restoring your phone is an option. Provided you have your photos, contacts, and other vital info backed up in the cloud, it’s a relatively straightforward process. A quick search online can show how to wipe and restore your model of phone.  

Lastly, check your accounts and your credit card statements to see if any unauthorized purchases have been made. If so, you can go through the process of freezing those accounts and getting new cards and credentials issued. Further, update your passwords for your accounts with a password that is strong and unique to prevent further theft.   

Tips to keep your phone from getting hacked   

To help keep your phone from getting hacked in the first place, there are a few relatively easy steps you can take. Inside of a few minutes, you can find yourself much safer than you were before.   

1. Use comprehensive security software on your phone. Over the years, we’ve gotten into the good habit of using this on our computers and laptops. Our phones? Not so much. Installing online protection software gives you the first line of defense against attacks, plus several of the additional security features mentioned below. 
2. Stay safer on the go with a VPN. One way that crooks can hack their way into your phone is via public Wi-Fi, such as at airports, hotels, and even libraries. These networks are public, meaning that your activities are exposed to others on the network—your banking, your password usage, all of it. One way to make a public network private is with a VPN, which can keep you and all you do protected from others on that Wi-Fi hotspot.  
3. Use a password manager. Strong, unique passwords offer another primary line of defense. Yet with all the accounts we have floating around, juggling dozens of strong and unique passwords can feel like a task—thus the temptation to use (and re-use) simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well. Comprehensive online protection software like ours will include one.
4. Avoid public charging stations. Charging up at a public station seems so simple and safe. However, some hackers have been known to “juice jack” by installing malware into the charging station. While you “juice up,” they “jack” your passwords and personal info. So what to do about power on the road? You can look into a portable power pack that you can charge up ahead of time or run on AA batteries. They’re pretty inexpensive and can prevent malware from a public charging station.  
5. Keep your eyes on your phone. Preventing the actual theft of your phone is important too, as some hacks happen because a phone falls into the wrong hands. This is a good case for password or PIN protecting your phone, as well as turning on device tracking so that you can locate your phone or wipe it remotely if you need to. Apple provides iOS users with a step-by-step guide for remotely wiping devices, and Google offers up a guide for Android users as well.  
6. Stick with trusted app stores. Stick with legitimate apps stores like Google Play and Apple’s App Store, which have measures in place to review and vet apps to help ensure that they are safe and secure. And for the malicious apps that sneak past these processes, Google and Apple are quick to remove malicious apps when discovered, making their stores that much safer.
7. Keep an eye on app permissions. Another way hackers weasel their way into your device is by getting permissions to access things like your location, contacts, and photos—and they’ll use sketchy apps to do it. So check and see what permissions the app is asking for. If it’s asking for way more than you bargained for, like a simple game wanting access to your camera or microphone, it might be a scam. Delete the app and find a legitimate one that doesn’t ask for invasive permissions like that. If you’re curious about permissions for apps that are already on your phone, iPhone users can learn how to allow or revoke app permission here, and Android can do the same here.
8. Update your phone’s operating system. Together with installing security software is keeping your phone’s operating system up to date. Updates can fix vulnerabilities that hackers rely on to pull off their malware-based attacks—it’s another tried and true method of keeping yourself safe and your phone running great too.

The post How to Know If Your Phone Has Been Hacked appeared first on McAfee Blog.

AI & Your Family: The Wows and Potential Risks

When we come across the term Artificial Intelligence (AI), our mind often ventures into the realm of sci-fi movies like I, Robot, Matrix, and Ex Machina. We’ve always perceived AI as a futuristic concept, something that’s happening in a galaxy far, far away. However, AI is not only here in our present but has also been a part of our lives for several years in the form of various technological devices and applications.

In our day-to-day lives, we use AI in many instances without even realizing it. AI has permeated into our homes, our workplaces, and is at our fingertips through our smartphones. From cell phones with built-in smart assistants to home assistants that carry out voice commands, from social networks that determine what content we see to music apps that curate playlists based on our preferences, AI has its footprints everywhere. Therefore, it’s integral to not only embrace the wows of this impressive technology but also understand and discuss the potential risks associated with it.

→ Dig Deeper: Artificial Imposters—Cybercriminals Turn to AI Voice Cloning for a New Breed of Scam

AI in Daily Life: A Blend of Convenience and Intrusion

AI, a term that might sound intimidating to many, is not so when we understand it. It is essentially technology that can be programmed to achieve certain goals without assistance. In simple words, it’s a computer’s ability to predict, process data, evaluate it, and take necessary action. This smart way of performing tasks is being implemented in education, business, manufacturing, retail, transportation, and almost every other industry and cultural sector you can think of.

AI has been doing a lot of good too. For instance, Instagram, the second most popular social network, is now deploying AI technology to detect and combat cyberbullying in both comments and photos. No doubt, AI is having a significant impact on everyday life and is poised to metamorphose the future landscape. However, alongside its benefits, AI has brought forward a set of new challenges and risks. From self-driving cars malfunctioning to potential jobs lost to AI robots, from fake videos and images to privacy breaches, the concerns are real and need timely discussions and preventive measures.

Navigating the Wows and Risks of AI

AI has made it easier for people to face-swap within images and videos, leading to “deep fake” videos that appear remarkably realistic and often go viral. A desktop application called FakeApp allows users to seamlessly swap faces and share fake videos and images. While this displays the power of AI technology, it also brings to light the responsibility and critical thinking required when consuming and sharing online content.

→ Dig Deeper: The Future of Technology: AI, Deepfake, & Connected Devices

Yet another concern raised by AI is privacy breaches. The Cambridge Analytica/Facebook scandal of 2018, alleged to have used AI technology unethically to collect Facebook user data, serves as a reminder that our private (and public) information can be exploited for financial or political gain. Thus, it becomes crucial to discuss and take necessary steps like locking down privacy settings on social networks and being mindful of the information shared in the public feed, including reactions and comments on other content.

McAfee Pro Tip: Cybercriminals employ advanced methods to deceive individuals, propagating sensationalized fake news, creating deceptive catfish dating profiles, and orchestrating harmful impersonations. Recognizing sophisticated AI-generated content can pose a challenge, but certain indicators may signal that you’re encountering a dubious image or interacting with a perpetrator operating behind an AI-generated profile. Know the indicators. 

AI and Cybercrime

With the advent of AI, cybercrime has found a new ally. As per McAfee’s Threats Prediction Report, AI technology might enable hackers to bypass security measures on networks undetected. This can lead to data breaches, malware attacks, ransomware, and other criminal activities. Moreover, AI-generated phishing emails are scamming people into unknowingly handing over sensitive data.

→ Dig Deeper: How to Keep Your Data Safe From the Latest Phishing Scam

Bogus emails are becoming highly personalized and can trick intelligent users into clicking malicious links. Given the sophistication of these AI-related scams, it is vital to constantly remind ourselves and our families to be cautious with every click, even those from known sources. The need to be alert and informed cannot be overstressed, especially in times when AI and cybercrime often seem to be two sides of the same coin.

IoT Security Concerns in an AI-Powered World

As homes evolve to be smarter and synced with AI-powered Internet of Things (IoT) products, potential threats have proliferated. These threats are not limited to computers and smartphones but extend to AI-enabled devices such as voice-activated assistants. According to McAfee’s Threat Prediction Report, these IoT devices are particularly susceptible as points of entry for cybercriminals. Other devices at risk, as highlighted by security experts, include routers, and tablets.

This means we need to secure all our connected devices and home internet at its source – the network. Routers provided by your ISP (Internet Security Provider) are often less secure, so consider purchasing your own. As a primary step, ensure that all your devices are updated regularly. More importantly, change the default password on these devices and secure your primary network along with your guest network with strong passwords.

How to Discuss AI with Your Family

Having an open dialogue about AI and its implications is key to navigating through the intricacies of this technology. Parents need to have open discussions with kids about the positives and negatives of AI technology. When discussing fake videos and images, emphasize the importance of critical thinking before sharing any content online. Possibly, even introduce them to the desktop application FakeApp, which allows users to swap faces within images and videos seamlessly, leading to the production of deep fake photos and videos. These can appear remarkably realistic and often go viral.

Privacy is another critical area for discussion. After the Cambridge Analytica/Facebook scandal of 2018, the conversation about privacy breaches has become more significant. These incidents remind us how our private (and public) information can be misused for financial or political gain. Locking down privacy settings, being mindful of the information shared, and understanding the implications of reactions and comments are all topics worth discussing. 

Being Proactive Against AI-Enabled Cybercrime

Awareness and knowledge are the best tools against AI-enabled cybercrime. Making families understand that bogus emails can now be highly personalized and can trick even the most tech-savvy users into clicking malicious links is essential. AI can generate phishing emails, scamming people into handing over sensitive data. In this context, constant reminders to be cautious with every click, even those from known sources, are necessary.

→ Dig Deeper: Malicious Websites – The Web is a Dangerous Place

The advent of AI has also likely allowed hackers to bypass security measures on networks undetected, leading to data breaches, malware attacks, and ransomware. Therefore, being alert and informed is more than just a precaution – it is a vital safety measure in the digital age.

Final Thoughts

Artificial Intelligence has indeed woven itself into our everyday lives, making things more convenient, efficient, and connected. However, with these advancements come potential risks and challenges. From privacy breaches, and fake content, to AI-enabled cybercrime, the concerns are real and need our full attention. By understanding AI better, having open discussions, and taking appropriate security measures, we can leverage this technology’s immense potential without falling prey to its risks. In our AI-driven world, being informed, aware, and proactive is the key to staying safe and secure.

To safeguard and fortify your online identity, we strongly recommend that you delve into the extensive array of protective features offered by McAfee+. This comprehensive cybersecurity solution is designed to provide you with a robust defense against a wide spectrum of digital threats, ranging from malware and phishing attacks to data breaches and identity theft.

The post AI & Your Family: The Wows and Potential Risks appeared first on McAfee Blog.

How to Tell Whether a Website Is Safe or Unsafe

Something looks a little…sketchy. Is that website safe or unsafe?  

Nowadays, it can take a bit of work to tell. 

And that’s by design. Increasingly, hackers and scammers go to great pains when they create their malicious websites. They take extra steps to make their sites look legit, when in fact they’re anything but. Certainly, plenty of other hackers and scammers slap together malicious sites that still look a bit roughshod, which makes them easier to spot. 

So whether it’s a clever knockoff or a slapdash effort, unsafe websites of all kinds have several telltale signs you can spot. We’ll show you, and let’s start things off with what makes an unsafe website unsafe in the first place. 

What’s an unsafe website? 

Unsafe websites typically harbor one of two primary forms of attack—yet sometimes both: 

Malware: Hackers will use their sites to install malware on your device, often by tricking you into clicking or tapping on a download. They might tempt you with an offer, a prize, a show to stream—just about anything you might want to otherwise download. (Recently, we saw hackers installing malware on sites that offered to stream dubbed versions of the “Barbie” movie.) 

Phishing: Another classic attack. Phishing involves scammers who try to hoodwink you into providing account or financial information. Common ruses include links in emails, texts, and DMs that appear to be urgent messages from streaming services, banks, social media, and other accounts. Of course, those messages are phony.  

As a result, unsafe websites can lead to some not-so-good things. 

What can happen if you visit an unsafe website? 

On the malware side, attackers can install spyware and similar apps that siphon financial and personal information from your device while you’re using it. Other malware might steal files outright or maliciously delete them altogether. Ransomware remains a major concern today as well, where attackers hold devices and data hostage. And even if victims end up paying the ransom, they have no guarantee that the attacker will free their device or data. 

Phishing attacks often lead to financial headaches, sometimes large ones at that. It depends on the information scammers get their hands on. In some cases, the damage might lead to identity fraud and a few illicit charges on a debit or credit card. If scammers gather enough information, they can take that a step further and commit identity theft. That can include opening new credit or loans in your name. It could also give a scammer the info they need to get driver’s licenses or employment in your name.  

Above and beyond committing fraud or theft on their own, scammers might also sell stolen information to others on the dark web. 

Again, all not-so-good. Yet quite preventable. 

How to tell if a website is safe or unsafe

For some sites, it only takes one sign. For other sites, it takes a few signs—a series of red flags that warn you a site is unsafe. When you’re online, keep a sharp eye out for the following: 

The site uses HTTP rather than HTTPS

The “s” stands for “secure.” Specifically, it means that the website uses SSL (Secure Sockets Layer) that creates an encrypted link between a web server and a web browser. SSL helps prevent others from intercepting and reading your sensitive information as it’s transmitted, which is particularly important when you shop or bank online. Likewise, you can also look for a little lock symbol in the address bar of your web browser. That’s one more way you can spot a site that uses SSL. 

The site has a combination of typos and poor design

From spelling errors and grammatical mistakes, to stretched-out logos and cheap photography, some unsafe websites are designed poorly. Legitimate businesses pride themselves on error-free and professional-looking sites. If a website looks like it got cobbled together in a hurry or doesn’t seem to be well-designed, that’s usually a red flag. The site might be unsafe, created by attackers who don’t have strong attention to detail—or the creative capabilities to create a good-looking website in the first place. 

The web address looks altered or off

Plenty of unsafe sites are imposter sites. They’ll try to pass themselves off as a legitimate company, like the streaming services, banks, and so forth that we mentioned earlier—all to get a hold of your account information. With all these imposter sites in play, look at the site’s address. Scammers will gin up web addresses that are close to but different from legitimate sites, so close that you might miss it. If you’re uncertain about the address, leave the page. Also, note that many companies have web pages that provide lists of the official addresses that they use. Amazon provides an example, and we do the same here at McAfee. Reviewing these lists can help you spot an imposter site. 

The site says you have a security issue

A window or graphic pops up on your screen. The site you’re on says that it’s identified a security issue with your device. Or maybe it says that your system isn’t current. Either way, there’s a file the site wants you to download. “You can correct the issue with a click!” Don’t. It’s a classic trick. Instead of fixing your non-existent problem, the download will create one. Scammers use the security alert trick to install malware on the devices of unsuspecting victims. 

The site floods you with pop-ups or links to click

A screen full of links insisting you click ranks among the top signs of an unsafe site. So much so, it’s often the subject of sitcom bits. Needless to say, the attackers behind these sites want you to click for one of several reasons. It might be to get you to download malware. It might be to generate ad revenue with clicks. Or it might be to get you to click a link that redirects you to another malicious site. In all, if you encounter a site like this, close your browser. And then run a system scan with your online protection software. 

The site offers hard-to-get items at an outrageous discount

These unsafe sites sprout up around the holidays and gift-giving seasons. When stores run low on particularly popular or hot items, scammers will quickly launch sites that claim these items are in stock and ready to ship. Similarly, they might promote popular items at a deep discount. Of course, shopping at these sites will likely lead to one thing—a credit card charge and no item on your doorstep. Be wary when you see ads for stores in your social media feed, in search, and elsewhere. Stick with known, trusted retailers. (And for more on shopping safely online, give this article a quick read.) 

The site promises access to hot shows, movies, and sporting events

These sites bear similarities to malicious online shopping sites. When popular movies hit the big screen or major sporting events come around, so do scam sites that promise to stream them for free or at a low cost. Avoid them. Trusted streamers will only carry shows and events that they have the rights to. If you find an offer to stream something that’s heavily discounted, free, or not available on known media outlets, it’s likely a scam. At the very least, it might serve up pirated content, which could carry malware threats along with it. 

The site promotes prizes, coupons, or a quiz

Not every site that promotes some kind of giveaway or deal is a scam. Yet the ones that ask for personal or financial information likely are. Scammers prey on people’s love for saving money or even winning a buck or two. Enter the prize, coupon, and quiz sites. Malicious prize and coupon sites will often ask for credit or debit card information, often under the guise of a payout or a discount. Malicious quiz sites will likewise ask for all kinds of personal information, typically questions about the name of your pet, the first car you owned, or where you went to school. The questions share much in common with the security questions used by banks and credit card companies. Handing this information over could lead to a breached account. Give these sites a pass. 

Be extra confident—let online protection determine if that site is safe for you

Comprehensive online protection software like ours includes web protection that can spot malicious sites for you. It has further features that can prevent downloading malware by accident, not to mention strong antivirus protection if a hacker makes their way through to you. In all, it gives you extra confidence that wherever your travels take you online, you’re protected from sketchy and unsafe sites. 

However, another part of your best defense against unsafe websites is you. Knowing what the red flags are and the kinds of information hackers want to steal can help you avoid their attacks from the start.   

The post How to Tell Whether a Website Is Safe or Unsafe appeared first on McAfee Blog.