Login
When you open your laptop or your mobile device, what is the first thing you do? Do you head to your favorite social media site to skim the latest news, or do you place your weekly grocery delivery order? No matter what your daily online habits are, even the slightest degree of caution can go a long way in staying secure online.
That’s because hackers are experts at hiding malware in your everyday online routines, or even infiltrating your cookies to steal login information and learn about your personal preferences.
According to a StatsCan Canadian internet use survey, six out of ten internet users reported experiencing a cybersecurity incident. There are many hoops to jump through when navigating the digital landscape. By taking the necessary steps to remedy vulnerabilities in your digital activity, you can dramatically improve your online protection.
Cybercriminals take advantage of online users through routine avenues you would not expect. Here are three common ways that cybercriminals eavesdrop on online users.
Adware, or advertising-supported software, generates ads in the user interface of a person’s device. Adware is most often used to generate revenue for the developer by targeting unsuspecting online users with personalized ads paid by third parties. These third parties usually pay per view, click, or application installation.
Though not always malicious, adware crosses into dangerous territory when it is downloaded without a user’s consent and has nefarious intent. In this case, the adware becomes known as a potentially unwanted application (PUA) that can remain undetected on users’ devices for long periods of time. According to a report by the Cybersecure Policy Exchange, an unintentionally installed or downloaded computer virus or piece of malware is one of the top five cybercrimes that Canadians experience. The PUA can then create issues like frequent crashes and slow performance.
Users unknowingly download adware onto their device when they download a free ad-supported program or visit a non-secure site that does not use the Hypertext Transfer Protocol Secure (HTTPS) to encrypt online communication.
Hackers also use invasive tactics known as ad injections, where they inject ads with malicious code for increased monetary gain. This is a practice known as “malvertising.” If a user clicks on a seemingly legitimate and well-placed ad, they risk exposing themselves to numerous online threats. These ads can be infected with malware such as viruses or spyware. For example, hackers can exploit browser vulnerabilities to download malware, steal information about the device system, and gain control over its operations. Hackers can also use malvertising to run fraudulent tech support scams, steal cookie data, or sell information to third-party ad networks.
Another vulnerability that many may not realize is their browser’s built-in autofill functions. As tempting as it is to use your browser’s autofill function to populate a long form, this shortcut may not be safe. Cybercriminals have found ways to capture credentials by inserting fake login boxes onto a web page that users cannot see. So, when you accept the option to autofill your username and password, you are also populating these fake boxes.
Take a proactive approach to your digital protection the next time you are browsing the internet by reassessing your online habits. Check out these five tips to ensure you are staying as safe as possible online.
Cookie data can contain anything from login information to credit card numbers. Cybercriminals looking to exploit this information can hijack browser sessions to pose as legitimate users and steal cookies as they travel across networks and servers. As a result, it is essential for online users to regularly clear out their cookies to better protect their information from falling into the wrong hands. Navigate to your browser’s history, where you can wipe the data associated with each browser session, including your cookies.
Clearing your browser’s cookie data will also remove your saved logins, which is why leveraging a password manager can make it easier to access regularly visited online accounts.
Many browsers come with a built-in password generator and manager; however, it is better to entrust your logins and password to a reputable password manager. Browser password managers are not as secure as password managers, because anyone who has access to your device will also access your online information. A password manager, provides a more secure solution since it requires you to log in with a separate master password. A password manager also works across various browsers and can generate stronger passwords than those created by your browser.
In addition to clearing cookie data, users should adjust their browser settings to ensure their online sessions remain private.
Another option is to access the internet in Private Browsing Mode to automatically block third-party tracking, making it a quick and easy option to ensure private browsing. Users can also enable the “do not track” function of their browser to prevent third-party tracking by advertisers and websites. Additionally, you can adjust your browser settings to block pop-up ads and control site permissions, such as access to cameras and locations.
Ad blockers suppress unwanted and potentially malicious ads to ensure a safer browsing experience. Ad blockers can also make it easier to view page layout by removing distracting ads and optimizing page load speed. Additionally, they prevent websites from tracking your information that third parties can sell.
Deploying a security solution like McAfee+ Ultimate ensures the safest internet browsing experience through a holistic approach for threat detection, protection, and remediation. Equipped with a password manager, antivirus software, and firewall protection, users can effectively sidestep online threats while browsing the internet. Moreover, it includes comprehensive privacy and identity protection, such as our Personal Data Cleanup, dark web monitoring, credit monitoring, along with ways you can quickly Lock or freeze your credit file to help prevent accounts from being opened in your name.
Your online behavior can say a lot about you so make sure you safeguard your internet protection. Whether it is through malvertising or invisible forms, hackers can glean information to paint a picture of who you are to target you through deceptive tactics. Cybercriminals are always looking for vulnerabilities which is why assessing your online habits sooner rather than later is a critical first step to smarter online browsing.
The post How to Protect Your Online Privacy appeared first on McAfee Blog.
The dark web. The name raises all kinds of questions. What is the dark web, really? Where is it? Can anyone use it?
Answering these questions can help you stay safer online.
The story of the dark web is a complicated one. It’s a small and highly anonymous portion of the internet. As a result, it has a reputation for harboring criminal activity. We often mention the dark web in our blogs, typically when the conversation turns to identity theft, data breaches, and stolen personal info. Rightfully so. Plenty of cybercrime can be traced right back to the dark web.
Yet cybercriminals didn’t create the dark web. And they’re far from the only people who use it. News outlets like the BBC and the New York Times have a presence there, as does the U.S. Central Intelligence Agency (CIA). Journalists, activists, and everyday citizens use it as well, often to work around oppressive censorship. Even Facebook is there, providing people access to the social media site in regions where it’s blocked.
Anonymity reigns on the dark web. It was designed to work that way. With that, it’s home to a mixed bag of activity, legitimate and illicit alike. Yet that anonymity doesn’t stop us from putting a face onto the dark web — from understanding what it is, where it is, and what happens there.
That starts with a look at the internet and the two primary layers that make it up.
The layers of the internet: The surface web and the deep web
If you visualize the internet as an ocean, you’ll find it populated with websites and collections of data at all depths. Yet, the typical internet user only has access to the first few feet, a layer of the internet known as the surface web.
The sights you’ll see within the surface web will look familiar. It’s all the blogs, shops, social media sites, and so on that you visit regularly. And it’s easy to get to. You only need to fire up your browser and go. All the sites are public-facing. With a quick search, you can find them.
In all, the surface web contains any destination you can reach through search. To put it more precisely, the surface web accounts for areas of the internet that search engines can “crawl” and index for search. Estimates vary, yet the surface web accounts for roughly 4 to 5% of the internet.
Now, enter the deep web, the next 95% of the internet that is not searchable. Yet, that’s not to say that you don’t travel down into its depths from time to time. In fact, you likely do it daily. Any time you go through a paywall or use a password to access internet content, you’re entering the deep web. The content found there is hidden from search. Examples include logging into your bank account, accessing medical records through your healthcare provider, or using corporate web pages as part of your workday. Even streaming a show can involve a trip to the deep web. None of that content is searchable.
As such, the overwhelming majority of activity within the deep web is legitimate. So while this layer of the internet runs deep, it isn’t necessarily dark. The dark web is something altogether different.
What is the dark web?
The dark web lives within the deep web. Like the other depths of the deep web, it’s not searchable from the surface web. The people behind the sites and repositories on the dark web keep themselves anonymous. And the reasons vary. Some of them are entirely legitimate, others questionable, and several are outright illegal in nature.
Its origins go back to the 1990s when the U.S. Department of Defense developed the dark web as a means of sending anonymous and encrypted communications. That story might sound familiar. It’s quite like the origin story for the broader internet. That had its roots in the Department of Defense as well. So, just as the broader internet eventually became available to the public, so too did the dark web.
Getting there calls for a special browser because the protocols for the dark web differ from the surface web. Moreover, these browsers strip web traffic of identifiable info, encrypt it, and send it through a series of server jumps. The browsing traffic will appear to go through a server in one country, then a different server in another, and then another.
These steps make it highly difficult to identify the person using the browser. On the flip side, it also makes it difficult to identify the people hosting the sites and services on the dark web.
Without question, privacy is everything on the dark web. For good and for bad.
While the notion of the dark web typically gets raised in the context of cybercrime and other illegal activity, it has legitimate uses. Some of these use cases include:
Circumventing censorship
Well-regarded news outlets such as the BBC and Pro Publica maintain a presence on the dark web to ensure that anyone can access their reporting. This includes people in nations and regions where certain news sources are censored.
Private communication
For the particularly privacy-conscious, the dark web hosts several resources for encrypted communication. That includes email clients, internet chat, and even social media sites.
Whistleblowing
Anonymous tips are a part of national security, law enforcement, and journalism as well. The private nature of the dark web confers an added degree of anonymity to tipsters.
The dark web isn’t a place everyday internet users will need, or even want, to go. It’s far more complicated than the surface web—and going in without taking several security measures can make the trip a risky one.
This is where the rubber meets the road from an online protection standpoint. The dark web is also a marketplace for hackers and bad actors. In several ways — as a place to buy or rent malware, a repository for stolen info, and a place to communicate and coordinate attacks.
For starters, the dark web is populated with dark marketplaces. And difficult-to-trace cryptocurrency is the coin of the realm. With dark web stores stocked with ready-made malware kits, bad actors can launch attacks with little technical expertise. Others have done the work for them.
Cybercrime groups of all sizes prop up these shops, which they also use to rent out other services for attacks. For example, a small-time bad actor could easily lease a botnet to wage an attack that slows a targeted website to a crawl. Some cybercrime groups will provide hackers who can run attacks on someone else’s behalf, creating a mercenary “hacker for hire” gig economy.
Likewise, info stolen from a data breach can end up in dark web marketplaces as well. The personal info posted in these marketplaces can range anywhere from emails and passwords to in-depth info like tax ID numbers, health info, and driver’s license numbers.
Some of it goes up for sale. Some of it gets dumped there for free. With the right info in hand, cybercriminals can commit acts of identity theft. That includes claiming unemployment benefits and tax refunds in someone else’s name. In extreme cases, it can lead to bad actors outright impersonating their victims, racking up debts and criminal records along the way.
In all, if it’s hackable and has value, it’s likely for sale on the dark web.
With all this shady activity on the dark web, you might wonder how you can protect yourself. In fact, you can take several steps to help prevent your info from finding its way there. And you also can take other steps if your info, unfortunately, ends up on the dark web.
Installing online protection software is the first step. Online protection software can help prevent many of the attacks that bad actors can buy on the dark web. It protects against ransomware, adware, spyware, and all manner of malware, whether it’s pre-existing or entirely new.
Yet today’s online protection goes far beyond antivirus. Comprehensive protection like ours protects your privacy and identity as well. It can keep tabs on your identity and credit, create strong passwords, and clean up your personal info online.
Monitor your identity:
An identity monitoring service can actively scan the dark web for personal info like your date of birth, email addresses, credit card numbers, personal identification numbers, and much more. In the event you fall victim to identity theft, our identity theft coverage and restoration can provide up to $1 million in coverage to cover the costs. Plus, it provides the services of a recovery expert with limited power of attorney to help you repair the damage done.
Keep an eye on your credit:
If you spot unusual or unfamiliar charges or transactions in your account, bank, or debit card statements, follow up at once. In general, banks, credit card companies, and many businesses have countermeasures to deal with fraud. Moreover, they have customer support teams that can help you file a claim if needed.
Given all the accounts you likely have a credit monitoring service can help. McAfee’s credit monitoring service can help you keep an eye on changes to your credit score, report, and accounts with prompt notifications and provide guidance so you can tackle identity theft.
Create strong, unique passwords:
With the high number of accounts you need to protect, creating strong, unique passwords for each one can get time consuming. Further, updating them regularly can become a time-consuming task. That’s where a password manager comes in.
A password manager does the work of creating strong, unique passwords for your accounts. These will take the form of a string of random numbers, letters, and characters. They will not be memorable, but the manager does the memorizing for you. You only need to remember a single password to access the tools of your manager.
Close old, risky accounts:
The more online accounts you keep, the greater the exposure you have to data breaches. Each account will have varying degrees of personal and financial info linked to it. And that means each one carries a varying degree of risk if it gets breached. Moreover, some sites and services protect data better than others, which adds another dimension of risk. Closing old and particularly risky accounts can decrease the risk of your personal and financial info winding up in the hands of an identity thief.
With security and savings in mind, McAfee created Online Account Cleanup. It finds and requests the deletion of unused accounts and protects your personal data from data breaches as a result. Monthly scans across your online accounts show a risk level for each account and help you decide which ones to delete.
Use two-factor authentication:
Two-factor authentication is an extra layer of defense on top of your username and password. It adds a one-time-use code to access your login procedure, typically sent to your smartphone by text or call. Together, that makes it tougher for a crook to hack your account if they get hold of your username and password. If any of your accounts support two-factor authentication, the few extra seconds it takes to set up is more than worth the big boost in protection you’ll get.
The “dark” in the dark web stands for anonymity. And with anonymity, all kinds of activity follow. Good and bad.
From a security standpoint, the dark web is a haven for all manner of cybercriminals. Understanding how they use the dark web can help you protect yourself from their activities. You have tools for prevention, and you have resources available if your info ends up there or leads to identity theft.
By putting a face on the dark web, you put a face on cybercrime and can help reduce the risk of it happening to you.
The post What is the Dark Web? appeared first on McAfee Blog.
FreshRSS