Login
Farewell, summer. Hello, back-to-school season! While the chill may not be in the air yet, parents may be feeling the slight shiver of unease as their kids, tweens, teens, and young adults return to school and become re-entangled with the technology they use for their education and budding social lives.
Before they hop on the bus or zoom off to college, alert your children to the following 10 online cybersecurity best practices to ensure a safe school year online.
It sounds obvious but impart the importance to your kids of keeping their eyes on their devices at all times. Lost cellphones and laptops are not only expensive to replace but you lose control of the valuable personally identifiable information (PII) they contain. Protect all devices with unique, hard-to-guess passwords. Even better, enable biometric passwords, such as fingerprint or face ID. These are the hardest passwords to crack and can keep the information inside lost or stolen devices safe.
Streaming services host the most buzzworthy shows. All their friends may be raving about the latest episodes of a zombie thriller or sci-fi visual masterpiece, but alas: Your family doesn’t have a subscription to the streaming service. Cash-conscious college students especially may attempt to save money on streaming by sharing passwords to various platforms. Alert your children to the dangers of doing so. Sharing a password with a trusted best friend might not seem like a cyberthreat, but if they share it with a friend who then shares it with someone else who may not be so trustworthy, you just handed the keys to a criminal to walk right in and help themselves to your PII stored on the streaming service’s dashboard.
Once the cybercriminal has your streaming service password, they may then attempt to use it to break into other sensitive online accounts. Criminals bank on people reusing the same passwords across various accounts. So, make sure that your children always keep their passwords to themselves and have unique passwords for every account. If they’re having a difficult time remembering dozens of passwords, sign them up for a password manager that can store passwords securely.
Walk down any city or suburban street, and you’re likely to see at least one Gen Zer filming themselves doing the latest dance trend or taking carefully posed pictures with their friends to share on social media. According to one survey, 76% of Gen Zers use Instagram and 71% are on social media for three hours or more every day.1 And while they’re on social media, your children are likely posting details about their day. Some details – like what they ate for breakfast – are innocent. But when kids start posting pictures or details about where they go to school, where they practice sports, and geotagging their home addresses, this opens them up to identity fraud or stalking.
Encourage your children to keep some personal details to themselves, especially their full names, full birthdates, address, and where they go to school. For their social media handles, suggest they go by a nickname and omit their birthyear. Also, it’s best practice to keep social media accounts set to private. If they have aspirations to become the internet’s next biggest influencer or video star, they can create a public account that’s sparse on the personal details.
Cyberbullying is a major concern for school-age children and their parents. According to McAfee’s “Life Behind the Screens of Parents, Tweens, and Teens,” 57% of parents worry about cyberbullying and 47% of children are similarly uneasy about it. Globally, children as young as 10 years old have experienced cyberbullying.
Remind your children that they should report any online interaction that makes them uncomfortable to an adult, whether that’s a teacher, a guidance counsellor, or a family member. Breaks from social media platforms are healthy, so consider having the whole family join in on a family-wide social media vacation. Instead of everyone scrolling on their phones on a weeknight, replace that time with a game night instead.
ChatGPT is all the rage, and procrastinators are rejoicing. Now, instead of spending hours writing essays, students can ask artificial intelligence to compose it for them. ChatGPT is just the latest tool corner-cutters are adding to their toolbelt. Now that most kids, tweens, and teens have cellphones in their pockets, that means they also basically have cheating devices under their desks.
To deter cheating, parents should consider lessening the pressure upon their kids to receive a good grade at any cost. School is all about learning, and the more a student cheats, the less they learn. Lessons often build off previous units, so if a student cheats on one test, future learning is built upon a shaky foundation of previous knowledge. Also, students should be careful about using AI as a background research tool, as it isn’t always accurate.
Phishing happens to just about everyone with an email address, social media account, or mobile phone. Cybercriminals impersonate businesses, authority figures, or people in dire straits to gain financially from unsuspecting targets. While an adult who carefully reads their online correspondences can often pick out a phisher from a legitimate sender, tweens and teens who rush through messages and don’t notice the tell-tale signs could fall for a phisher and give up their valuable PII.
Pass these rules onto your students to help them avoid falling for phishing scams:
Social engineering is similar to phishing in that it is a scheme where a cybercriminal ekes valuable PII from people on social media and uses it to impersonate them elsewhere or gain financially. Social engineers peruse public profiles and create scams targeted specifically to their target’s interests and background. For instance, if they see a person loves their dog, the criminal may fabricate a dog rescue fundraiser to steal their credit card information.
It’s important to alert your children (and remind your college-age young adults) to be on the lookout for people online who do not have pure intentions. It’s safest to deal with any stranger online with a hefty dose of skepticism. If their heartstrings are truly tugged by a story they see online, they should consider researching and donating their money or time to a well-known organization that does similar work.
With an election on the horizon, there will probably be an uptick in false new reports. Fake news spreaders are likely to employ AI art, deepfake, and ChatGPT-written “news” articles to support their sensationalist claims. Alert your students – especially teens and young adults who may be interested in politics – to be on the lookout for fake news. Impart the importance of not sharing fake news with their online followings, even if they’re poking fun at how ridiculous the report is. All it takes is for one person to believe it, spread it to their network, and the fake news proponents slowly gather their own following. Fake news turns dangerous when it incites a mob mentality.
To identify fake news, first, read the report. Does it sound completely outlandish? Are the accompanying images hard to believe? Then, see if any other news outlet has reported a similar story. Genuine news is rarely isolated to one outlet.
Parents with students who have a budding interest in current events should share a few vetted online news sources that are well-established and revered for their trustworthiness.
In a quest for free shows, movies, video games, and knockoff software, students are likely to land on at least one risky website. Downloading free media onto a device from a risky site can turn costly very quickly, as malware often lurks on files. Once the malware infects a device, it can hijack the device’s computing power for the cybercriminal’s other endeavors or the malware could log keystrokes and steal passwords and other sensitive information.
With the threat of malware swirling, it’s key to share safe downloading best practices with your student. A safe browsing extension, like McAfee Web Advisor, alerts you when you’re entering a risky site where malware and other shifty online schemes may be hiding.
Dorms, university libraries, campus cafes, and class buildings all likely have their own Wi-Fi networks. While school networks may include some protection from outside cybercriminals, networks that you share with hundreds or thousands of people are susceptible to digital eavesdropping.
To protect connected devices and the important information they house, connect to a virtual private network (VPN) whenever you’re not 100% certain of a Wi-Fi’s safety. VPNs are quick and easy to connect to, and they don’t slow down your device.
Dealing with technology is an issue that parents have always faced. While it used to be as simple as limiting TV time, they now deal with monitoring many forms of technology. From eyes glued to smartphones all day to hours spent playing video games, kids are immersed in technology.
Safe technology use doesn’t come as second nature — it needs to be taught. As a parent, the issues of when to get your child a phone, too much screen time and online harassment are top of mind. To address these concerns, it’s important to set boundaries and teach safe technology use. One way to do this is by creating a family media agreement or contract.
Family device agreements help teach proper technology use and set expectations. They allow you to start an open conversation with your kids and encourage them to be part of the decision making. By creating a family device agreement, your kids will know their boundaries and have concrete consequences for breaking them.
In today’s parenting, you may want to consider creating a McAfee Family Device Agreement. The most important thing is to have an agreement that is suitable for your kids’ ages and maturity and one that works for your family’s schedule. There’s no point making your kids sign an agreement that limits their time on Instagram when they’re probably quite happy visiting only the online sites that you have ‘bookmarked’ for them.
While diligence and good cyber habits can lessen the impact of many of these 10 threats, a cybersecurity protection service gives parents and their students valuable peace of mind that their devices and online privacy are safe. McAfee+ Ultimate Family Plan is the all-in-one device, privacy, and identity protection service that allows the whole family to live confidently online.
1Morning Consult, “Gen Z Is Extremely Online”
The post 10 Back-to-School Tech Tips for Kids, Teens and College Students appeared first on McAfee Blog.
The first of August marks the celebration of World Wide Web Day – a day dedicated to the global network that powers our online activity, creating a wealth of knowledge at our fingertips. The World Wide Web (WWW) has revolutionized the way we communicate, learn, and explore, becoming an integral part of our daily lives. With the importance of the internet only growing stronger, it’s only fitting to honor the World Wide Web with a special day of commemoration. But with the internet comes risks, and it’s important to make sure your family is protected from potential threats. Here are some tips and tricks to keep your family safe online.
Phishing scams are a type of fraud that involves sending emails or other messages that appear to be from a legitimate source. The goal of these messages is to trick users into providing personal information such as passwords, credit card numbers, and bank account details. To protect against phishing scams, teach your family to:
Identity theft is a crime in which someone uses another person’s personal information to commit fraud or other crimes. Teach your family to protect against identity theft by:
A virtual private network (VPN) is a type of technology that provides a secure connection to a private network over the internet. A VPN can help protect your family’s online activity by encrypting the data and hiding your online activity from others. To ensure your family’s online safety, teach them to:
Strong passwords are an important part of online security. Teach your family to create strong passwords and to never share them with anyone. Additionally, use a password manager to store and manage your family’s passwords. A password manager can help by:
To conclude, celebrations on World Wide Web Day allow us to give thanks for the incredible world of knowledge, commerce, entertainment, communication, and innovation that the internet has provided, and continues to provide for us all. By following these tips and tricks, your family can stay safe online and enjoy all the benefits of the internet. Happy World Wide Web Day!
The WWW has enabled us to achieve so many things that were simply impossible before. From the ability to catch up with friends and family across the globe to finding information about virtually any topic, the power of the internet is remarkable. In fact, the World Wide Web has significantly enriched our lives in countless ways.
Did you know that the first-ever image posted on the World Wide Web was a photo of Les Horribles Cernettes, a parody pop band founded by employees at CERN? It was uploaded in 1992 by Sir Tim Berners-Lee, who used a NeXT computer as the first-ever web server. And although we use the term “surfing the net” regularly, do you know who actually coined the phrase? A librarian by the name of Jean Armour Polly wrote an article titled “Surfing the Internet” in the Wilson Library Bulletin at the University of Minnesota in 1992.
There are many other remarkable facts about the World Wide Web, including its growth over the years. By the start of the year 1993, there were only 50 servers worldwide, but that number had grown to over 500 by October of the same year. Advances in data compression enabled media streaming to happen over the web, which was previously impractical due to high bandwidth requirements for uncompressed media. Although the number of websites online was still small in comparison to today’s figure, notable sites such as Yahoo! Directory and Yahoo! Search were launched in 1994 and 1995, respectively, marking the beginning of web commerce.
On World Wide Web Day, you can celebrate by exploring the capabilities of the internet and discovering how it has changed over the years. Many organizations worldwide host events featuring conversations and interviews with technology leaders, entrepreneurs, and creators. There are also different talks, activities, and discussions online that you can join, allowing you to delve deeper into the history and potential of the World Wide Web. You could even consider running an event at your local business to market the day and celebrate what WWW has done for us all!
The post World Wide Web Day: How to Protect Your Family Online appeared first on McAfee Blog.
With the number of cyber threats and breaches dominating the headlines, it can seem like a Herculean task to cover all your cybersecurity bases. We’re aware that there are ten sections on this cybersecurity awareness checklist, but it won’t take hours and hours to tick every box. In fact, some of these areas only require you to check a box on your device or invest in the cybersecurity tools that will handle the rest for you. Also, you may already be doing some of these things!
It’s easy to be cyber smart. Here are the cybersecurity awareness basics to instantly boost your safety and confidence in your online presence.
Software update notifications always seem to ping on the outskirts of your desktop and mobile device at the most inconvenient times. What’s more inconvenient though is having your device hacked. One easy tip to improve your cybersecurity is to update your device software whenever upgrades are available. Most software updates include security patches that smart teams have created to foil cybercriminals. The more outdated your apps or operating system is, the more time criminals have had to work out ways to infiltrate them.
Enabling automatic updates on all your devices only takes a few clicks or taps. Many major updates occur in the early hours of the morning, meaning that you’ll never know your devices were offline. You’ll just wake up to new, secure software!
Just because social media personalities document their entire days literally from the moment they wake up, doesn’t mean you should do the same. It’s best to leave some details about your life a mystery from the internet for various reasons.
The best way to avoid all of the above is to set your online profiles to private and edit your list of followers to only people you have met in real life and trust. Also, you may want to consider revising what you post about and how often.
If you genuinely love sharing moments from your daily life, consider sending a newsletter to a curated group of close friends and family. Aspiring influencers who still wants to capture and publish every aspect of their daily lives should be extremely careful about keeping sensitive details about themselves private, such as blurring their house number, not revealing their hometown, turning off location services, and going by a nickname instead of their full legal name.
Most sites won’t even let you proceed with creating an account if you don’t have a strong enough password. A strong password is one with a mix of capital and lowercase letters, numbers, and special characters. What also makes for an excellent password is one that’s unique. Reusing passwords can be just as risky as using “password123” or your pet’s name plus your birthday as a password. A reused password can put all your online accounts at risk, due to a practice called credential stuffing. Credential stuffing is a tactic where a cybercriminal attempts to input a stolen username and password combination in dozens of random websites to see which doors it opens.
Remembering a different password for each of your online accounts is almost an impossible task. Luckily, password managers make it so you only have to remember one password ever again! Password managers safeguard all your passwords in one secure desktop extension or smartphone app that you can use anywhere.
It’s best to create passwords or passphrases that have a secret meaning that only you know. Stay away from using significant dates, names, or places, because those are easier to guess. You can also leave it up to your password manager to randomly generate a password for you. The resulting unintelligible jumble of numbers, letters, and symbols is virtually impossible for anyone to guess.
Not all corners of the internet are safe to visit. Some dark crevices hide malware that can then sneak onto your device without you knowing. There are various types of malware, but the motive behind all of them is the same: To steal your personally identifiable information (PII) or your device’s power for a cybercriminal’s own financial gain.
Sites that claim to have free downloads of TV shows, movies, and games are notorious for harboring malware. Practice safe downloading habits, such as ensuring the site is secure, checking to see that it looks professional, and inspecting the URLs for suspicious file extensions.
Additionally, not all internet connections are free from prying eyes. Public Wi-Fi networks – like those in cafes, libraries, hotels, and transportation hubs – are especially prone. Because anyone can connect to a public network without needing a password, cybercriminals can digitally eavesdrop on other people on the same network. It’s unsafe to do your online banking, shopping, and other activities that deal with your financial or sensitive personal information while on public Wi-Fi.
However, there is one way to do so safely, and that’s with a virtual private network (VPN). A VPN is a type of software you can use on your smartphone, tablet, laptop, or desktop. It encrypts all your outgoing data, making it nearly impossible for a cybercriminal to snoop on your internet session.
You’ve likely already experienced a phishing attempt, whether you were aware of it or not. Phishing is a common tactic used to eke personal details from unsuspecting or trusting people. Phishers often initiate contact through texts, emails, or social media direct messages, and they aim to get enough information to break into your online accounts or to impersonate you.
AI text generator tools are making it more difficult to pinpoint a phisher, as messages can seem very humanlike. Typos and nonsensical sentences used to be the main indicator of a phishing attempt, but text generators generally use correct spelling and grammar. Here are a few tell-tale signs of a phishing attempt:
Never engage with a phishing attempt. Do not forward the message or respond to them and never click on any links included in their message. The links could direct to malicious sites that could infect your device with malware or spyware.
Before you delete the message, block the sender, mark the message as junk, and report the phisher. Reporting can go a long way toward hopefully preventing the phisher from targeting someone else.
When a security breach occurs, you can be sure that the news will report it. Plus, it’s the law for companies to notify the Federal Trade Commission of a breach. Keep a keen eye on the news and your inbox for notifications about recent breaches. Quick action is necessary to protect your personal and financial information, which is why you should be aware of current events.
The moment you hear about a breach on the news or see an email from a company to its customers about an incident, change your account’s password and double check your account’s recent activity to ensure nothing is amiss. Then await further action communicated through official company correspondences and official channels.
Cybercriminals aren’t above adding insult to injury and further scamming customers affected in breaches. Phishers may spam inboxes impersonating the company and sending malware-laden links they claim will reset your password. Continue to scrutinize your messages and keep an eye on the company’s official company website and verified social media accounts to ensure you’re getting company-approved advice.
One great mantra to guide your cybersecurity habits is: If you connect it, protect it. This means that any device that links to the internet should have security measures in place to shield it from cybercriminals. Yes, this includes your smart TV, smart refrigerator, smart thermostat, and smart lightbulbs!
Compose a list of the smart home devices you own. (You probably have more than you thought!) Then, make sure that every device is using a password you created, instead of the default password the device came with. Default passwords can be reused across an entire line of appliances. So, if a cybercriminal cracks the code on someone else’s smart washing machine, that could mean they could weasel their way into yours with the same password.
Another way to secure your connected home devices is by enabling two-factor authentication (2FA). This usually means enrolling your phone number or email address with the device and inputting one-time codes periodically to log into the connected device. 2FA is an excellent way to frustrate a cybercriminal, as it’s extremely difficult for them to bypass this security measure. It may add an extra 15 seconds to your login process, but the peace of mind is worth the minor inconvenience.
Finally, encase your entire home network with a secure router, or the device that connects your home Wi-Fi network to the internet. Again, change the password from the factory setting. And if you decide to rename the network, have fun with it but leave your name and address out of the new name.
When flip phones arrived on the scene in the 1990s and early 2000s, the worst that happened when they went missing was that you lost a cache of your stored text messages and call history. Now, when you misplace or have your smartphone stolen, it can seem like your whole online life vanished. Mobile devices store a lot of our sensitive information, so that’s why it’s key to not only safeguard your accounts but the devices that house them.
The best way to lock your device against anyone but yourself is to set up face or fingerprint ID. This makes it virtually impossible for a criminal to open your device. Also, passcode- or password-protect all your devices. It may seem like an inconvenience now, but your fingers will soon be able to glide across the keyboard or number pad fluently in just a few days, adding maybe an extra second to opening your device.
Another way to safeguard your device and the important information within it is to disable your favorite internet browser from auto-filling your passwords and credit card information. In the hands of a criminal, these details could lead to significant losses. A password manager here comes in handy for quick and secure password and username inputting.
Credit experts recommend checking your credit at least once yearly, but there’s no harm in checking your credit score more often. It’s only hard inquiries (or credit checks initiated by lenders) that may lower your credit score. Consider making it a habit to check your credit once every quarter. The first signs of identity theft often appear in a drastically lower credit score, which means that someone may be opening lines of credit in your name.
Also, if you’re not planning to apply for a new credit card or a loan anytime soon, why not lock your credit so no one can access it? A credit freeze makes it so that no one (yourself included) can touch it, thus keeping it out of the hands of thieves.
Picking up the pieces after a thief steals your identity is expensive, tedious, and time-consuming. Identity remediation includes reaching out to all three credit bureaus, filing reports, and spending hours tracking down your PII that’s now strewn across the internet.
Identity protection services can guard your identity so you hopefully avoid this entire scenario altogether. McAfee identity monitoring tracks the dark web for you and alerts you, on average, ten months sooner that something is amiss when compared to similar services. And if something does happen to your identity, McAfee identity restoration services offers $1 million in identity restoration and lends its support to help you get your identity and credit back in order.
The best complement to your newfound excellent cyber habits is a toolbelt of excellent services to patch any holes in your defense. McAfee+ includes all the services you need to boost your peace of mind about your online identity and privacy. You can surf public Wi-Fi safely with its secure VPN, protect your device with antivirus software, freeze your credit with security freeze, keep tabs on your identity, and more!
The post 10 Easy Things You Can Do Today to Improve Your Cybersecurity appeared first on McAfee Blog.
If you’ve got teens, then no doubt you’ve received the SOS texts. ‘Mum, I need a haircut, can you just spot me $30?’ or ‘I’ve just finished footy and I’m starving, can you transfer me some money?’. Where would the modern parent be without online banking? How did our non-digital forefathers ever cope??
Online banking is just so convenient and basically a necessity of modern life. If you’ve recently tried to conduct a transaction at a branch, then you’ll know exactly what I mean. One of my boys recently tried to set up a new account at a local banking branch and they were told to come back the following day. Instead, we went home and did it online in less than 20 minutes!
Aussie banks are world class at implementing a range of security measures to keep our banking safe however there are still things we can do to avoid our banking details getting into the hands of hackers. But many of us just assume that ‘all is well’ – our banking apps work seamlessly, so why do we need to worry? And that’s where many come unstuck. If it doesn’t appear to be broken, why do we need to fix it? Well, being ahead of the risks is how you keep yourself safe, my friends. So, here are my top tips to ensure all your family members are banking online in the securest way possible.
If you’re changing banks or helping your child set up their online banking, it’s essential that you download your bank’s official app. Imitations do exist! Ideally, download the app from the bank’s website however if this isn’t an option use a genuine app store like Apple’s AppStore or Google Play for Android devices. And always verify the app is legitimate by checking the developer details and reading the reviews.
Budgeting or financial management apps are an incredibly popular way to help manage finances, but you need to be cautious here too as many will require you to share your banking logins. Always check the app’s reviews, its history of data breaches and its security policies before you download.
Using the name of your puppy, your kids or worse still, your birthday, is one of the fastest ways of getting your banking details into the hands of hackers. Passwords need to have no connection to any part of your life, should never be stored in your banking app or anywhere on your phone and NEVER, EVER written on the back of your debit card!! Here are my top tips:
Make them long – choose a phrase instead of just 1 word. I love a nonsensical sentence with at least 10 characters.
Always include lower and uppercase letters, a number or 2 and a few symbols.
Every online account needs its own unique password – no exceptions.
Put a reminder in your calendar to update your passwords regularly – at least every 3-6 months.
All sounds too hard? Try a password manager that will not only create complex passwords that no human could ever think of, but it will also remember then for you. Check out McAfee +, complete no brainer!
Geez, public Wi-Fi is convenient, particularly if you are travelling. But, using it to undertake any banking or financial dealings is just too risky in, my opinion. Why? I hear you ask. Well, there are many ways hackers can hack public Wi-Fi, let me share a few:
‘Evil twin’ attack. This is when hackers set up malicious hotspots with seemingly logical and trustworthy names eg ‘Free Café Wi-Fi’. But as soon as you connect, they can easily get their hands on your data.
Man-in-the-middle attack (MitM). This is when hackers break into a network and eavesdrop on data as it travels between connected devices and the Wi-Fi router. For example, your online banking password!
Password cracking attack. Scammers use software that automatically tries a huge volume of usernames and passwords so they can control the router. And once they’ve gained control, they can dupe you into downloading malicious software (that could steal your identity) or redirects you to a webpage that phishes for your personal information.
If you don’t think you can possibly survive without public Wi-fi then you need to invest in a VPN that will ensure everything you share is protected.
If your bank offers two-factor authentication to its customers, then your answer needs to be ‘yes please’! Two-factor authentication or multi factor authentication adds another layer of verification to your banking which minimises the chances of hacker causing you harm. If you’ve activated it, you’ll be asked to provide another piece of information after you’ve entered your login details. Usually a special code, this may be delivered to you via an app, text message or even an automated phone call.
It will take just a few minutes to ring your bank and request to be notified when an activity occurs on your account. Every bank will manage this differently, however most banks can alert you on request via email or text if the following occur:
And if anything at all seems a little fishy, contact your bank immediately!
Unfortunately, few things are guaranteed in life and that includes your online safety. And whether you’re an online banking fan or not, opting out isn’t really an option. So, take some time to tighten up your online banking. Only use legit apps; change your passwords so they are long, strong and complex; invest in a VPN so you can use public Wi-Fi and say yes to two-factor authentication. You’ve got this!
Happy banking!!
Alex
The post Online Banking – The Safe Way appeared first on McAfee Blog.
Some of the strongest passwords you can use are the ones you don’t have to remember. Strange as that may sound, it’s true, if you use a password manager. A password manager creates and securely stores strong, unique passwords for each of your accounts—and does all the remembering for you. And remembering is the root of the problem when it comes to insecure passwords. Consider how many passwords you have across all your accounts. Then consider the old passwords for accounts and online forums you no longer use, along with all the times you created a password for an online store that you only shopped at once or twice. All those passwords, it’s too much to keep track of, let alone manage. And that leads to insecure passwords. Simple passwords. Or passwords that get used again and again across several accounts. Hackers count on that. They love it when people use simple passwords, reuse passwords, grab passwords out of the dictionary, or base their passwords on their pet names that a hacker can easily glean from a victim’s social media posts. They also love “brute force” tools that help them break into accounts by quickly feeding account logins with thousands of potential passwords in minutes. So when you make your life easier with simple or reused passwords, you make life easier for hackers too. That’s where a password manager comes in. It makes life easy for you to stay secure while still making it tough on hackers—particularly tough with strong, unique passwords for each of your accounts that can you update on a regular basis, which offers some of the strongest protection you have against hackers hijacking your accounts.
First up, let’s look at password practices in general while keeping a few things in mind. Hackers will look for the quickest payday. In some cases they’ll work with a long list of accounts that they’re trying to break into. If a password on that list proves difficult to crack they’ll move on to the next in the hope that it’ll have a poor password that they can easily crack. It’s a sort of hacker economics. There’s often little incentive for them to spend extra time on a strong password when there are plenty of weak ones in the mix. So what do poor passwords look like? Here are a few examples:
On the flip side, here’s what a strong password looks like:
Long, complex, unique, and updated, all described as above—how do you manage all that without creating a string of gobbledygook that you’ll never remember? You can do so with a passphrase. A phrase will give you those 12 or more characters mentioned above, and with a couple extra steps, can turn into something quite unique and complex. Here’s a three-step example:
Now you have a password that you can remember with a little practice, one that still challenges the tools that hackers use for cracking passwords.
When you consider the number of accounts you need to protect, creating strong, unique passwords for each of your accounts can get time consuming. Further, updating them regularly can get more time consuming still. That’s where a password manager comes in. A password manager does the work of creating strong, unique passwords for your accounts. These will take the form of a string of random numbers, letters, and characters. They will not be memorable, but the manager does the memorizing for you. You only need to remember a single password to access the tools of your manager. A strong password manager also stores your passwords securely. Ours protects your passwords by scrambling them with AES-256, one of the strongest encryption algorithms available. Only you can decrypt and access your information with the factors you choose. Additionally, our password manager uses MFA—you’ll be verified by at least two factors before being signed in.
Whether it’s the passwords you’ve created or the master password for your password manager, consider making an offline list of them. This will protect access to your accounts if you ever forget them. Be sure to store this list in a safe, offline place—recognizing that you want to protect it from physical theft. A locking file cabinet is one option and a small fireproof safe yet more secure. A password manager is just part of your password security solution. For example, you’ll also want to use comprehensive online protection software to prevent you from following links in phishing attacks designed to steal your account login information. The same goes for malicious links that can pop up in search. Online protection software can steer you clear of those too. In some cases, bad actors out there will simply shop on the dark web for username and password combos that were stolen from data breaches. An identity monitoring service such as our own can alert you if your information ends up there. It can monitor the dark web for your personal info, including email, government IDs, credit card and bank account info, and more. Ours provides early alerts and guidance for the next steps to take if your data is found on the dark web, an average of 10 months ahead of similar services.
A password manager takes the pain out of passwords. It creates strong, unique passwords for every account you have. That includes banking, social media, credit cards, online shopping, financial services, or what have you. The entire lot of it. And remember, remembering is the thing with passwords. Hackers hope you’ll get lazy with your passwords by creating simple ones, reusing others, or some combination of the two because that makes it easier to remember them. That’s the beauty of a password manager. It does the remembering for you, so you simply go on your way as you go online. Safely.
The post The Strongest Passwords and the Best Way to Create (and Remember) Them appeared first on McAfee Blog.
Imagine that you want to pull up a certain file on your computer. You click on the file and suddenly a notice flashes on your screen saying your computer is compromised and to get your files back, you need to pay up. This is known as ransomware, a nasty type of malware that is no longer reserved for multimillionaires and corporations. Cybercriminals are holding hostage computer files and sensitive personal documents of ordinary people for their own financial gain.
Here’s everything you need to know about how ransomware makes it on to your devices and seven digital safety habits you can start today to prevent it from happening to you.
Ransomware infects connected devices – smartphones, laptops, tablets, and desktops – when the device owners unknowingly click on links or popups that have malicious software embedded within them.
Phishing attempts are a common vehicle for spreading ransomware. The cybercriminal veils their malicious links in emails, texts, or social media direct messages that urge a quick response and threaten dire consequences. For example, a phisher may impersonate a bank and demand the innocent recipient click on a link to recover a large sum of money. Instead, the link directs not to an official bank website, but to a malware download page. From there, the ransomware software takes hold and allows the cybercriminal to stalk and lock your most important files.
If a cybercriminal reaches out to you and notifies you that they have your files hostage, do not engage with them and never pay the ransom. Even if you do pay the ransom, there’s no guarantee that the criminal will release your files. They’re a criminal after all, and you cannot trust them. Giving in and paying ransoms bolsters the confidence of cybercriminals that their schemes are successful, thus they’ll perpetuate the scam.
Remain calm and immediately disconnect your ransomware-infected device from the Wi-Fi. This will prevent the program from jumping from one device to another device connected to the same network. Then, on another device, visit the No More Ransom Project. This initiative, supported by McAfee, has a repository of advice and code that may rid your device of the malicious program. Additionally, report the event to the Cybersecurity & Infrastructure Security Agency. An agent may be able to help you unlock your device or advise you on how to proceed.
The best way to prepare for ransomware is to prevent it from happening in the first place. These seven online habits are a great way to keep your devices and the valuable personally identifiable information they store from falling into the hands of cybercriminals.
A cybercriminal has no leverage if your device doesn’t house anything of value. Back up your most important files every few months, either to the cloud or save them onto a hard drive. This way, if you do get a ransomware infection, you can wipe your device and reinstall your files from the backup. Backups protect your data, and you won’t be tempted to reward the malware authors by paying a ransom.
When updating your credentials, you should always ensure that your password is strong and unique. It’s dangerous to reuse the same password across accounts because all it takes to put your accounts at risk is for one data breach to leak your password onto the dark web. It’s nearly impossible to memorize all your different password and username combinations, so entrust a password manager to store them for you.
Two or multi-factor authentication provides an extra layer of security, as it requires multiple forms of verification to enter an online account. For instance, you’ll be asked to verify your identity through a one-time code sent to a cellphone or to answer a security question in tandem with a correct password. This additional step in the login process deters ransomware plots because if you store your important documents behind a multi-factor authentication-protected cloud program, the criminal has nothing of value to hold hostage.
Don’t click on links or respond to emails, social media direct messages, and texts from people you don’t know. This is important since phishers often trick people into downloading malware and ransomware software through disguised links.
Using a security extension on your web browser is one way to browse more safely. McAfee WebAdvisor, for instance, alerts you when you’ve ventured onto risky sites that could harbor malware. Websites that claim to have free TV shows, movies, and software are among the riskiest.
Public Wi-Fi networks – like those at libraries, coffee shops, hotels, and airports – are often not secure. Since anyone can log on, you can’t always trust that everyone on the network has good intentions. Cybercriminals often hop on public networks and digitally eavesdrop on the devices connected to it. So, you can either avoid public Wi-Fi altogether and only access the internet through 5G, or you can enable a virtual private network. A VPN is a truly private network that encrypts your internet traffic, making you completely anonymous online.
Don’t ignore your devices’ notifications to update your software. Keeping your software up to date is an excellent way to deter cybercriminals from forcing their way onto your device. Software updates usually include critical security patches that close any holes that a ransomware plot could squeeze through.
To boost your peace of mind, opt for an extra layer of security with a solution like McAfee+ Ultimate, which includes up to $25,000 in ransomware coverage. McAfee+ Ultimate also includes a VPN, password manager, and safe browsing extension to keep your online comings and goings private.
The post 7 Tips to Protect Your Devices and Private Information from Ransomware appeared first on McAfee Blog.
There are no ifs, ands, or buts about it: A stolen identity creates a mess. Once they have a few key pieces of personally identifiable information (PII), an identity thief can open new credit lines, create convincing new identities, and ruin an innocent person’s good credit.
If you suspect you’ve been affected by identity theft, acting quickly is key to stopping the thief and repairing the damage. Here are the definitive five steps of identity remediation, or the process of restoring and protecting the privacy of your identity.
With a stolen identity in hand, thieves can open new lines of credit or apply for large loans using someone else’s excellent credit score for leverage. If undetected, fraudsters can run up huge bills, never pay them, and in turn, ruin the credit score that you spent years perfecting. When you suspect or confirm that your identity has been compromised and you’re in the United States, alert the three major credit bureaus: Equifax, TransUnion, and Experian.
Freezing your credit means that no one (not even you) can open a new credit card or bank account. This prevents criminals from misusing your identity. Initiating a credit freeze is free and it doesn’t affect your credit score.
Once you suspect a criminal has stolen your identity, file a report with the Federal Trade Commission. Its official identity theft website includes a form for you to detail the circumstances. From there, the FTC will investigate.
It’s important to file a report because law enforcement can get involved and hopefully stop the criminal from striking again. Also, an official document from law enforcement or the FTC may help your bank and the credit bureaus resolve the damage.
Whenever a company with which you have an account is breached, the first step you should take is to quickly change your password. The same goes for when your identity is compromised with the added step of getting in touch with your banks and asking their fraud department to issue you new credit and debit cards and put them on alert for possible suspicious charges.
Having unique passwords for all your accounts is crucial to keeping them secure. For instance, if one of your accounts is breached and a cybercriminal lifts that username and password combination, they may then attempt to use it on other sites. To ensure you have strong passwords and passphrases for every site, consider using password manager software. Password managers are incredibly secure and make it so you only have to remember one password ever again.
In addition to freezing your credit, you may have to sync up with each bureau to remedy any damage the identity thief may have done to your credit. Each bureau’s fraud department is very familiar with these scenarios, so their customer service department is experienced and more than willing to help you work through it.
Once you’ve cleaned up the immediate mess made by an identity thief, it’s important to continuously monitor your identity in case the thief is biding their time or pieces of your PII are still circulating on the dark web. Plus, the headache of one compromised identity incident is enough for someone to never want it to happen again. Identity monitoring is a very thorough process that will give you peace of mind that you’ll be protected and can enjoy your online life safely.
These five steps, while important, can be tedious. It may require a lot of patience to sit on hold and sift through all the relevant forms. Luckily, McAfee is an excellent partner who can help you with all your identity remediation needs with just one service: McAfee+ Ultimate. For example, security freeze is an easy way to put a halt on your credit. McAfee’s identity monitoring service monitors up to 60 unique types of personal details. If your PII appears on the dark web, Personal Data Cleanup can remove it.
Recover and move forward confidently after an identity theft with McAfee by your side.
The post Everything You Need to Know About Identity Remediation appeared first on McAfee Blog.
Password protection is one of the most common security protocols available. By creating a unique password, you are both proving your identity and keeping your personal information safer. However, when every account you have requires a separate password, it can be an overwhelming task. While you should be concerned about the safety of your data, you also want to avoid the frustration of forgetting your password and being blocked from the information you need. However, the benefits of using strong, unique passwords outweigh the occasional inconvenience.
The main benefit of a strong password is security. Hackers work quickly when they are trying to access accounts. They want to steal as much information as they can in as short a time as possible. This makes an account with a strong password less inviting because cracking the code is much more involved.
A strong password also limits the damage that hackers can do to your personal accounts. A common strategy involves cracking the passwords of less secure sites with limited personal information. The hackers hope that they can use the password from your gym membership app to access information in your online banking account. Strong password protection prevents this situation.
When someone is registering an online account, it can be tempting to blaze through the password process. In order to move quickly, there are several poor password practices that people employ.
A password is considered strong when it is difficult for a hacker to crack it quickly. Sophisticated algorithms can run through many password combinations in a short time. A password that is long, complex and unique will discourage attempts to break into your accounts.
If you want a password that is memorable but strong, you can easily turn a phrase into a layered, complex password. In this process, it is important to note that you should not use personal information that is available online as part of your phrase.
Now, you have a password that you can remember while challenging the algorithms hackers use.
When you consider the number of accounts you need to protect, coming up with a properly layered password is a time-consuming task. Even if you are able to decide on a memorable phrase, there are just too many accounts that need passwords. A password manager is a helpful tool to keep you safe while you are online. It acts as a database for all of your passwords. Each time you create a new code, it stores it so that you can automatically enter it later. You only need to remember a single password to access the tools of your manager.
Most managers can also do the work of creating complex, layered passwords for your accounts. These will be a string of random numbers, letters and characters. They will not be memorable, but you are relying on the manager to do the memorizing. These machine-generated passwords are especially helpful for accounts you rarely access or that do not hold significant information.
For critical accounts like your bank account or a work-related account, it can be helpful to keep an offline list of your passwords. Complex passwords are meant to be difficult to remember. You may recall the phrase but not all the detailed changes that make it layered. Keeping a document on a zip drive or even in a physical paper file or journal will allow you to access your information if your hardware fails or you are switching to a new system.
Cracking passwords is just one of the strategies hackers use to steal information. In addition to using strong passwords, it is important to employ comprehensive security software. Strong passwords will help protect your online accounts. Strong overall security will keep your hardware and network safe from danger.
The post Strong Password Ideas to Keep Your Information Safe appeared first on McAfee Blog.
Fears and phobias. We all have them. But what are your biggest ones? I absolutely detest snakes but spiders don’t worry me at all. Well, new research by McAfee shows that cybercriminals and the fear of being hacked are now the 5th greatest fear among Aussies.
With news of data breaches and hacking crusades filling our news feed on a regular basis, many of us are becoming more aware and concerned about the threats we face in our increasingly digital world. And McAfee’s latest confirms this with hackers making their way into Australia’s Top 10 Fears.
According to research conducted by McAfee, snakes are the top phobia for Aussies followed by spiders, heights and sharks. Cybercriminals and the fear of being hacked come in in 5th place beating the dentist, bees, ghosts, aeroplane travel and clowns!
Aussie Top 10 Fears and Phobias
Fears and phobias develop when we perceive that we are at risk of pain, or worse, still, death. And while almost a third of respondents nominated snakes as their number one fear, there is less than one-in-fifty thousand chance of being bitten badly enough by a snake to warrant going to hospital in Australia, according to research from the Internal Medicine Journal.
In contrast, McAfee’s analysis of more than 108 billion potential online threats between October and December, identified 202 million of these threats as genuine risks. With a global population of 7.5 billion, that means there is approximately a one in 37 chance of being targeted by cybercrime. Now while this is not a life-threatening situation, these statistics show that chance of us being affected by an online threat is very real.
According to the research, 82% of Aussies believe that being hacked is a growing or high concern. And when you look at the sheer number of reported data breaches so far this year, these statistics make complete sense. Data breaches have affected Bunnings staff, Federal Parliament staff, Marriott guests, Victorian Government staff, QLD Fisheries members, Skoolbag app users and Big W customers plus many more.
Almost 1 in 5 (19%) of those interviewed said their top fear at work is doing something that will result in a data security breach, they will leak sensitive information or infect their corporate IT systems.
The fear that we are in the midst of a cyberwar is another big concern for many Aussies. Cyberwar can be explained as a computer or network-based conflict where parties try to disrupt or take ownership of the activities of other parties, often for strategic, military or cyberespionage purposes. 55% of Aussies believe that a cyberwar is happening right now but we just don’t know about it. And a fifth believe cyber warfare is the biggest threat to our nation.
Being proactive about protecting your online life is the absolute best way of reducing the chances of being hacked or being affected by a data breach. Here are my top tips on what you can now to protect yourself:
Using a password manager to create unique and complex passwords for each of your online accounts will definitely improve your online safety. If each on your online accounts has a unique password and you are involved in a breach, the hacker won’t be able to use the stolen password details to log into any of your other accounts.
Storing your financial data within your browser and being able to populate online forms quickly within seconds makes the autofill function very attractive however it is risky. Autofill will automatically fill out all forms on a page regardless of whether you can see all the boxes. You may just think you are automatically entering your email address into an online form however a savvy hacker could easily design an online form with hidden boxes designed to capture your financial information. So remove all your financial information from Autofill. I know this means you will have to manually enter information each time you purchase but your personal data will be better protected.
One of the easiest ways for a cybercriminal to compromise their victim is by using phishing emails to lure consumers into clicking links for products or services that could lead to malware, or a phoney website designed to steal personal information. If the deal seems too good to be true, or the email was not expected, always check directly with the source.
It’s important to put the right security solutions in place in order to surf the web safely. Add an extra layer of security to your browser with McAfee WebAdvisor.
I know public Wi-Fi might seem like a good idea, but if consumers are not careful, they could be unknowingly exposing personal information or credit card details to cybercriminals who are snooping on the network. If you are a regular Wi-Fi user, I recommend investing in a virtual private network or (VPN) such as McAfee Secure VPN which will ensure your connection is completely secure and that your data remains safe.
While it is tempting, putting our head in the sand and pretending hackers and cybercrime don’t exist puts ourselves and our families at even more risk! Facing our fears and making an action plan is the best way of reducing our worry and stress. So, please commit to being proactive about your family’s online security. Draw up a list of what you can do today to protect your tribe. And if you want to receive regular updates about additional ways you can keep your family safe online, check out my blog.
‘till next time.
Alex x
The post Aussies Fear Snakes, Spiders and Getting Hacked appeared first on McAfee Blog.
Whether using the internet for play or work, you want to spend your time online enjoying the peace of mind that comes with having a secure network.
You don’t want to contend with someone taking your personal data — whether it’s credit card information, passwords, or bank account details — via malware or a data breach on your Android, Windows, or Apple iOS device.
Fortunately, with some sensible precautions and simple steps, you can use your connected devices productively without worrying about cybercriminals and malicious software. This article explains how to stop hackers from getting access to your sensitive data.
You can take steps to protect your different computing and mobile devices and operating systems. These steps can be divided into technological solutions and the right awareness and information to provide a comforting measure of self-protection.
It’s like learning karate for self-defense, giving you confidence as you negotiate the wider world (and hoping that you never have to use it).
When it comes to identity protection software, McAfee provides a proven solution with our identity protection and privacy services. The protection includes alerts if your sensitive information is found on the dark web (up to 10 months sooner than other providers), personal data cleanup from sites gathering and selling your information, and an unlimited virtual public network (VPN) service that protects your privacy as you use public Wi-Fi networks.
You’ll also get up to $1 million in identity theft coverage and hands-on restoration support to help you reclaim your identity.
Simple, obvious passwords and passcodes (like your street address, your birthday, your kids’ or pets’ names, or “1234” or “abcd”) are easy for cybercriminals to crack, giving them unwanted access to your private data.
The stronger your password, the better your protection. Some best password practices include:
It’s important not to be a standing target. Just as you should use different passwords for everything, you should regularly change your passwords. You should do this a few times a year (although some cyber experts say this might not be necessary if you have a long and very complicated password).
If you have a number of passwords that you update often, it might be worth getting a password manager like McAfee True Key to keep track of them. Not only will you not be faced with remembering all your different passwords or writing them down (also a no-no), but it can also help you create and store unique passwords.
The software uses the strongest encryption algorithms available to protect your passwords, scrambling them so no one else can access them. It’ll also suggest new passwords and automatically log you into your online accounts with just one master password.
Another important line of defense is multi-factor authentication (sometimes known as two-factor authentication). This system uses a password and a second piece of verification — often an SMS message sent to your Android device or iPhone — to authenticate your identity.
This provides hard-to-beat protection even if a hacker has your password. Besides receiving SMS codes, there are also code-generating apps and physical security keys.
Thinking before you click on an email or text is a very important defense against phishing scams. Your bank won’t send you an email or text notifying you that there’s been suspicious activity on your account.
Does getting a large refund from your phone company sound too good to be true? It is. Similarly, the Internal Revenue Service (IRS) won’t text to tell you that you owe them money, and princes aren’t going to give you a fortune out of the blue.
Internet users beware: If you’re not absolutely certain that the text message you received is from a legitimate and trusted source, delete it. You can always contact the business or person directly to confirm that the message is legit.
Any operating system or app you use is open to malicious cyberattacks. This is why you should keep all your software up to date with the latest versions. Software developers are continually fixing holes in their products and offering cybersecurity patches to make them as safe and hacker-proof as possible.
Make sure your software, firmware, and security settings are up to date on your home’s Wi-Fi router, as well. You can often change your settings to allow for automatic updates.
Sure, who doesn’t like to go to a cafe, library, or hotel lobby to use the free Wi-Fi? But security is often weak in these public networks. If you open your online banking account or access personal information, you may unwittingly be giving a personal invitation to eavesdropping cybercriminals.
This is where the bank-grade level of protection of McAfee Secure VPN comes in, which automatically turns on when you need it and keeps you safe on public Wi-Fi networks.
Even if your device does get hacked, you can protect vital information on your Windows or macOS system with an encryption program like BitLocker or FileVault. You can protect any hard drive you use, including portable ones and USB keys.
It’s also a good idea to only shop at encrypted websites marked with the prefix “HTTPS” in their URLs.
One of the best ways to surf the web in comfort while keeping hackers at bay is with the comprehensive solutions provided by McAfee Total Protection.
Your protection includes proactive measures (meaning we’ll guide you to the best choices for prevention), early detection, and expert identity theft support.
This means you’ll get identity monitoring, up to $1 million in identity theft coverage, lost wallet protection, premium antivirus software, a secure VPN, and personal data removal. In particular, our Personal Data Cleanup service will help find and remove your personal information from data broker websites and people search sites.
With McAfee, you don’t have to be afraid of hackers. Let us deal with them.
The post How to Stay One Step Ahead of Hackers appeared first on McAfee Blog.
FreshRSS 