Login
When it comes to protecting your privacy, take a close look at your social media use—because sharing can quickly turn into oversharing.
The term “oversharing” carries several different definitions. Yet in our case here, oversharing means saying more than one should to more people than they should. Consider the audience you have across your social media profiles. Perhaps you have dozens, if not hundreds of friends and followers. All with various degrees of closeness and familiarity. Who among them can you absolutely trust with the information you share?
And you might be sharing more than you think. Posts have a way of saying more than one thing, like:
“This is the pool at the rental home I’m staying at this week. Amazing!” Which also tells everyone, “My home is empty for the next few days.”
“I can’t start my workday without a visit to my favorite coffeeshop.” Which also says, “If you ever want to track me down in person, you can find me at this location practically any weekday morning.”
One can quickly point to other examples of oversharing. Unintentional oversharing at that.
A first-day-of-school picture can tell practical strangers which elementary school your children attend, say if the picture includes the school’s reader board in it. A snapshot of you joking around with a co-worker might reveal a glimpse of company information. Maybe because of what’s written on the whiteboard behind the two of you. And in one extreme example, there’s the case an assault on a pop star. Her attacker tracked her down through her selfie, determining her location through the reflection in her eyes.
The list goes on.
That’s not to say “don’t post.” More accurately, it’s “consider what you’re posting and who gets to see it.” You have control over what you post, and to some degree, who gets to see those posts. That combination is key to your privacy—and the privacy of others too.
Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting—not to mention your relationships and likes. Taking a “friends only” approach to your social media profiles can help protect your privacy, because that gives a possible scammer or stalker much less material to work with. Yet further, some platforms allow you to create sub-groups of friends and followers. With a quick review of your network, you can create a sub-group of your most trusted friends and restrict your posts to them as needed.
Be critical of the invitations you receive. Out-and-out strangers might be more than just a stranger. They might be a fake account designed to gather information on users for purposes of fraud. There are plenty of fake accounts too. In fact, in Q1 of 2023 alone, Facebook took action on 426 million fake accounts. Reject such requests.
Think about posting those vacation pictures after you get back so people don’t know you’re away when you’re away. Also consider if your post pinpoints where you are or where you go regularly. Do you want people in your broader network to know that? Closely review the pics you take and see if there’s any revealing information in the background. If so, you can crop it out (think notes on a whiteboard, reflections in a window, or revealing location info). Further, ask anyone you want to include in their post for their permission. In all, consider their privacy too.
While we’re on the topic, you can take a few other steps that can make you more private online. In addition to your social media usage, other steps can help keep more of your private and personal information with you—where it belongs:
Granted, “social” is arguably the opposite of “private.” Using social media involves sharing, by its very definition. Yet any oversharing can lead to privacy issues.
Maybe you want close friends to know what’s going on, but what about that so-so acquaintance deep in your friends list? How well do you really know them? And to what extent do you want them to know exacting details about where you are, where your kids go to school, and so on? Those are questions you ultimately must answer, and ultimately have some control over depending on what you share on social media.
Also important to consider is this: if you post anything on the internet, consider it front page news. Even with social media privacy settings in place, there’s no guarantee that someone won’t copy your posts or pics and pass them along to others.
The flipside to the topic of social media and privacy is the platform you’re using. It’s no secret that social media companies gather hosts of personal information about their users in exchange for free use of their platforms. Certainly, that’s a topic unto itself. We cover what social media companies know about you in this article here—along with a few steps that can help you limit what they know as well.
When it comes to your privacy and social media, it depends largely on how you use it. How you use various privacy and audience settings offers one way to manage it. The other is you and the information you put out there for others to see.
The post How to Help Protect Your Online Privacy appeared first on McAfee Blog.
The dark web. The name raises all kinds of questions. What is the dark web, really? Where is it? Can anyone hop on it?
Answering these questions can help you stay safer online.
The story of the dark web is a complicated one. It’s a small and highly anonymous layer of the internet. As a result, it has a reputation for harboring criminal activity. We often mention the dark web in our blogs, typically when the conversation turns to identity theft, data breaches, and stolen personal information. Rightfully so. Plenty of cybercrime can get traced right back to the dark web.
Yet cybercriminals didn’t create the dark web. And they’re far from the only people who use it. News outlets like the BBC and the New York Times have a presence there, as does the U.S. Central Intelligence Agency (CIA). Journalists, activists, and everyday citizens use it as well, often to work around oppressive censorship. Even Facebook is there, providing people access to the social media site in regions where it’s blocked.
Anonymity reigns on the dark web. It was designed to work that way. With that, it’s home to a mixed bag of activity, legitimate and illicit alike. Yet that anonymity doesn’t stop us from putting a face onto the dark web—from understanding what it is, where it is, and what transpires there.
That starts with a look at the internet and the two primary layers that make it up.
If you visualize the internet as an ocean, you’ll find it populated with websites and collections of data at all depths. Yet, the typical internet user only has access to the first few feet, a layer of the internet known as the surface web.
The sights you’ll see within the surface web will look familiar. It’s all the blogs, shops, social media sites, and so on that you visit regularly. And it’s easy to get to. You only need to fire up your browser and go. All the sites are public facing. With a quick search, you can find them.
In all, the surface web contains any destination you can reach through search. To put it more precisely, the surface web accounts for areas of the internet that search engines can “crawl” and index for search. Estimates vary, yet the surface web accounts for roughly 4 to 5% of the internet.
Now, enter the deep web, the next 95% of the internet that is not searchable. Yet, that’s not to say that you don’t travel down into its depths from time to time. In fact, you likely do it daily. Any time you go through a paywall or use a password to access internet content, you’re entering the deep web. The content found there is hidden from search. Examples include logging into your bank account, accessing medical records through your healthcare provider, or using corporate web pages as part of your workday. Even streaming a show can involve a trip to the deep web. None of that content is searchable.
As such, the overwhelming majority of activity within the deep web is legitimate. So while this layer of the internet runs deep, it isn’t necessarily dark. The dark web is something altogether different.
The dark web lives within the deep web. Like the other depths of the deep web, it’s not searchable. The people behind the websites and data collections on the dark web intentionally keep them hidden from search. And the reasons vary. Some of them are entirely legitimate, others questionable, and several are outright illegal in nature.
Its origins go back to the 1990s, when the U.S. Department of Defense developed the dark web as a means of anonymous and encrypted communications. That story might sound familiar. It’s quite like the origin story for the broader internet. That had its roots in the Department of Defense as well. So, just as the broader internet eventually became available to the public, so did the dark web as well.
Getting there requires a special browser because the protocols for the dark web differ from the surface web. Moreover, these browsers strip web traffic of identifiable information, encrypt it, and send it through a series of server jumps. The browsing traffic will appear to go through a server in one country, then a different server in another, and then another.
These steps make it highly difficult to identify the person using the browser. On the flip side, it makes it difficult to identify the people hosting the sites and services on the dark web as well.
Without question, privacy is everything on the dark web. For good and for bad.
While the notion of the dark web typically gets raised in the context of cybercrime and other illegal activity, it has legitimate uses. Some of these use cases include:
Well-regarded news outlets such as the BBC and Pro Publica maintain a presence on the dark web to ensure that anyone can access their reporting. This includes people in nations and regions where certain news sources are censored.
For the particularly privacy-conscious, the dark web hosts several resources for encrypted communication. That includes email clients, internet chat, and even social media sites.
Anonymous tips are a part of national security, law enforcement, and journalism as well. The private nature of the dark web confers an additional degree of anonymity to tipsters.
The dark web isn’t a place everyday internet users will need, or even want, to go. It’s far more complicated than the surface web—and going in without taking several security measures can make the trip a risky one.
This is where the rubber meets the road from an online protection standpoint. The dark web is also a marketplace for hackers and bad actors. In several ways—as a place to purchase and rent malware, a repository for stolen information, and a place to communicate and coordinate attacks.
For starters, the dark web is populated with dark marketplaces. And difficult-to-trace cryptocurrency is the coin of the realm. With dark web stores stocked with ready-made malware kits, bad actors can launch attacks with little need for technical expertise. Others have done the work for them.
Cybercrime groups of all sizes prop up these shops, which they also use to rent out other services for attacks. For example, a small-time bad actor could easily lease a botnet to wage an attack that slows a targeted website to a crawl. Some cybercrime groups will provide hackers who can run attacks on someone else’s behalf, creating a mercenary “hacker for hire” gig economy.
Likewise, information stolen from a data breach can end up in dark web marketplaces as well. The personal information posted in these marketplaces can range anywhere from emails and passwords to in-depth information like tax numbers, health information, and driver’s license numbers. Some of it goes up for sale. Some of it gets dumped there for free. With the right information in hand, cybercriminals can commit acts of identity theft. That includes claiming unemployment benefits and tax refunds in someone else’s name. In extreme cases, it can lead to bad actors can outright impersonate their victims, racking up debts and criminal records along the way.
Some hacking groups sell hacked accounts outright. For a couple hundred dollars, they offer up login and password information for bank accounts that have a couple thousand dollars in them. Also available, pre-hacked email, social media, and online payment accounts. If it’s hackable and has value, it’s likely for sale on the dark web.
With all this shady activity on the dark web, you might wonder how you can protect yourself. In fact, you can take several steps to help prevent your information from finding its way there. And you also can take other steps if your information unfortunately does end up on the dark web.
Installing online protection software is the first step. Online protection software can help prevent many of the attacks bad actors can purchase on the dark web. It protects against ransomware, adware, spyware, and all manner of malware, whether it’s pre-existing or entirely new.
Yet today’s online protection goes far beyond antivirus. Comprehensive protection like ours protects your privacy and identity as well. It can monitor your identity and credit, create strong passwords, and clean up your personal information online.
An identity monitoring service can actively scan the dark web for personal info like your date of birth, email addresses, credit card numbers, personal identification numbers, and much more. In the event you fall victim to identity theft, our identity theft coverage and restoration can provide up to $1 million in coverage to cover the costs. Plus, it provides the services of a recovery expert with limited power of attorney to help you repair the damage done.
If you spot unusual or unfamiliar charges or transactions in your account, bank, or debit card statements, follow up immediately. That might indicate improper use. In general, banks, credit card companies, and many businesses have countermeasures to deal with fraud. Moreover, they have customer support teams that can help you file a claim if needed.
Given all the accounts you likely have a credit monitoring service can help. McAfee’s credit monitoring service can help you keep an eye on changes to your credit score, report, and accounts with timely notifications and provide guidance so you can take action to tackle identity theft.
With the high number of accounts you need to protect, creating strong, unique passwords for each one can get time consuming. Further, updating them regularly can become a time-consuming task. That’s where a password manager comes in.
A password manager does the work of creating strong, unique passwords for your accounts. These will take the form of a string of random numbers, letters, and characters. They will not be memorable, but the manager does the memorizing for you. You only need to remember a single password to access the tools of your manager.
The more online accounts you keep, the greater the exposure you have to data breaches. Each account will have varying degrees of personal and financial information linked to it. And that means each one carries a varying degree of risk if it gets breached. Moreover, some sites and services protect data better than others, which adds another dimension of risk. Closing old and particularly risky accounts can decrease the risk of your personal and financial information winding up in the hands of an identity thief.
With security and savings in mind, McAfee created Online Account Cleanup. It finds and requests the deletion of unused accounts and protects your personal data from data breaches as a result. Monthly scans across your online accounts show a risk level for each account and help you decide which ones to delete.
Two-factor authentication is an extra layer of defense on top of your username and password. It adds a one-time-use code to access your login procedure, typically sent to your smartphone by text or call. Together, that makes it tougher for a crook to hack your account if they get hold of your username and password. If any of your accounts support two-factor authentication, the few extra seconds it takes to set up is more than worth the big boost in protection you’ll get.
The “dark” in the dark web stands for anonymity. And with anonymity, all kinds of activity follow. Good and bad.
From a security standpoint, the dark web is a haven for all manner of cybercriminals. Understanding how they use the dark web can help you protect yourself from their activities. You have tools for prevention, and you have resources available if your information ends up there or leads to identity theft.
By putting a face on the dark web, you put a face on cybercrime and can help reduce the risk of it happening to you.
The post What is the Dark Web? The Answer Can Help You Stay Safer Online. appeared first on McAfee Blog.
“Together for a better internet.” That’s the rallying cry of this year’s Safer Internet Day, and it’s one we’re happy to hear. Particularly from a parent’s perspective.
Safer Internet Day celebrates its 20th year on February 7th and focuses on ways we can all protect, empower, and respect all children when they go online—and gives us an opportunity to reflect on what that really means.
Consider that for some time now, children have found themselves born into an online world. As soon as they can pick up a toy, they can pick up a phone or tablet too. And they often do, given that they’re growing up in homes where one is practically always in reach. With that, their online life begins.
Learning how to live life online is simply another part of growing up nowadays. And that’s where we as parents play a significant role. Just as in every other aspect of life, they look to us for guidance, encouragement, and new things to see and do online. Safely, too.
Children have said as much. In our recent global report entitled “Life Behind the Screens of Parents, Tweens, and Teens,” we asked who is best suited to teach them about being safe online. Children said their parents are the clear winners. Nearly three-quarters of children pointed to parents, almost twice more than teachers at school (39%) and more than twice over for online resources (34%).
However, while parents agreed with this, it appears they didn’t always follow through. For starters, parents reported using basic protection on their own computers at a relatively low rate. Even the simplest of security steps scored relatively low despite how relatively easy they are to take. That included using antivirus software (68%), protecting the computer with a password (58%), or sticking to reputable online stores when shopping (50%). These figures dropped yet lower when asked if they took the same precautions for their children on their computers.
For example, only 57% of parents said they installed antivirus on their child’s computer and only 44% have their child password or passcode protect their computer, as illustrated by the drops in the chart below.
This trend extends to smartphones as well. While 56% of parents said that they protect their smartphone with a password or passcode, only 42% said they do the same for their child’s smartphone—a 14% difference. Again, considering how easy it is to create a password or passcode for a phone, and how much of our online lives course through those devices, that figure would ideally come in at 100%.
In all, many parents protect their children even less than they protect themselves.
Everyone loves their smartphone. Children particularly so. While parents placed their smartphone as their top device at 59%, followed by their computer or laptop at 42%, tweens and teens put their smartphone at the top of the at a decisive 74%. Second was their gaming console at 68%.
Unsurprisingly, that love for the smartphone pushes children’s internet usage quickly to an adult level at an early age, marking a sort of early mobile maturity where they are exposed to the broader internet full of apps, chats, entertainment, and social media—along with their benefits and risks nearly right away.
Taken with the low level of security measures parents place on their children’s phones, we can see how children are going online with a device that’s largely unprotected—in part because their parents leave their smartphones largely unprotected as well.
Beyond devices, parents have other concerns about their children as they increasingly spend more time online, particularly as they get older. Some of the top ones include:
Increasingly, staying safe online involve more than protecting devices—it revolves around protecting the people who use them. Topics like the ones above are prime examples. They’re about people, not devices. Further, we have the broader issues of staying more private online and protecting your identity from hackers, scammers, and thieves—where once again, bad actors target people, not their devices.
It’s a lot to keep on top of.
And that can feel a bit overwhelming to a parent. Luckily, as with other aspects of parenting, you don’t have to think about all these topics all at once. They’ll crop up naturally over time, just as the umpteen other teaching moments do over the course of parenting.
It starts with asking a few questions. What might be on the horizon for our children as they go online over the next few weeks and months? How can you support them? And how can you prepare yourself for that support? Granted, those are some pretty broad questions. Yet we can help:
As for tools you can use to help keep your children safer online, we just released our McAfee+ Family Plans, online protection that’s personalized for the ones closest to you. Whether you want to protect your partner, children, parents, or a loved one practically anywhere, they offer tailored device, identity, and privacy protection for up to six people.
For your children, that means you can protect them from viruses, sketchy websites, and inappropriate content—plus establish ground rules for screen time, all in a way that’s right for them. Each child also gets their own Protection Score, a reflection of just how safe they are online, which you can quickly review and then get guide you through steps that can make them safer still. In all, it’s a powerful tool for parents who care about their children’s safety online.
You have yet another powerful tool at your disposal: conversations. You’ll find that some of the best protection you provide stems from chats with your children.
Sit down with them while they play an online game, ask what apps they like to use, or ask to look when a TikTok reel makes them laugh. These are all natural moments to get a glimpse into their digital life and simply talk about it—without lectures or preaching. The more you can make talking about life online feel like a normal thing, the more opportunities you’ll get to support them when they need it.
As parents, we can look at our children now and wonder what the internet will bring to them in the next five, ten, or even twenty years from now. It’s exciting, perhaps a bit dizzying, yet it’s more reason to offer your guidance and encouragement, to learn about life online together. That will give them a foundation they can build on, so they can enjoy a fulfilling and safer life online.
The post Safer Internet Day: Through a Parent’s Eyes appeared first on McAfee Blog.
Some smart devices are not limited to use on the home network; for instance, your child’s mobile phone or tablet. Keeping your kids safe on these on-the-go devices means extending your security policies beyond the home. Trend Micro Home Network Security (HNS) makes it easy with its complementary app, Trend Micro Guardian. Guardian integrates with HNS’s parental control rules via Mobile Device Management technology to extend the rules you’ve applied on your home network to your children’s Wi-Fi / mobile connections outside the home.
Guardian enables the following security and parental controls:
|
|
Setup and Configuration
In order to benefit from these features, the Trend Micro Guardian app must be installed on your child’s device and paired with your Home Network Security Station. It’s recommended that you install Trend Micro Guardian on the child’s device before setting up Parental Controls. However, you may also save the Trend Micro Guardian setup process until after you’ve defined the Parental Control rules for your child. Either way, Guardian accepts the rules defined and applies them to the child’s device whenever they go beyond your home and hook up to public WiFi or their mobile network.
For the Trend Micro Guardian app setup and installation process, you may refer to FAQ: Trend Micro Guardian or the Home Network Security Product Guide for more details.
A Few Additional Notes
|
|
Protection that Goes Where Your Child Goes
Internet safety for kids is a must, whether they’re online at home, or out and about, away from home. Trend Micro Guardian ensures the child will observe and practice the same security rules at home and on the internet anywhere in the world.
For more information on Trend Micro Home Network Security with Guardian, go to Home Network Security.
The post Trend Micro Guardian: Protecting Your Kids On-the-Go appeared first on .
The coronavirus pandemic—the infection officially designated as COVID-19—is causing upheaval across the globe. Aside from the serious economic and public health implications, one very practical impact of shelter-in-place dictums is to force many companies to support remote working where they can. The most recent data tells us that in 2017, eight million Americans worked from home at least some of the week — amounting to around 5% of US workers. However, the events of the past few weeks are driving what is being described in certain sectors as the biggest shift to home working since 9/11.
This will ensure that many companies can continue functioning while helping to achieve social distancing to minimise the spread of the virus. But there are challenges, particularly to smaller businesses who don’t have IT security teams to assist with the transition. Hackers are primed and ready to take advantage of home workers, whose machines and devices may not be as secure as those in the office. There’s also a risk that workers are more distracted by current events when working at home, creating more opportunities for cyber-criminals to strike.
This isn’t just about hackers stealing your personal log-ins and information to sell on the dark web. In a home-working context, corporate data and systems may also be at risk. It takes just one unsecured remote worker to let the bad guys in. The damage they end up doing may be particularly difficult for employers to weather given the extreme economic pressures already on many firms.
With that in mind, therefore, let’s take a look at some of the major threats to home workers and their organizations, and what can be done to keep the hackers at bay.
Phishing messages are by far the number one threat to home workers. Cyber-criminals are using widespread awareness of COVID-19, and a desire for more information on the outbreak, to trick users into clicking on malicious links or opening booby-trapped attachments. Many are spoofed to appear as if sent by trusted organizations such as the US Centers for Disease Control and Prevention (CDC) or the World Health Organization (WHO). They may claim to offer more information on the spread of the outbreak, tips on staying safe, and even provide details of how to get a non-existent vaccine online.
If you click through on a malicious link, the next stage of the attack could:
|
|
Brute forcing is another way for hackers to hijack your cloud accounts. They use previously breached username/password combos and run them through automation software to try them across billions of websites and apps. Because users reuse passwords across numerous accounts, the bad guys often get lucky and are able to unlock additional accounts in this way. Home workers using Microsoft Teams, Slack, Zoom and other cloud platforms for collaboration and productivity may be targeted.
Malicious smartphone apps are another threat to home workers. These may be disguised to trick the user into believing they’re downloading a COVID-19 tracker, for example. In reality, it could infect the device with ransomware, info-stealers, or other malware. That device could then spread the same malware to the corporate network, if it is connected to it via the home network.
Smart device threats are also a concern for home workers. More and more of us are investing in smart home devices. From voice assistants to smart speakers, connected refrigerators to smart TVs, it’s estimated that there’ll be as many as 128 million smart homes in the US by the end of this year. However, often these consumer-grade devices don’t have strong built-in protection. They may use weak, factory default passwords and/or contain multiple software vulnerabilities which are rarely patched by the manufacturer, if at all. The risk is that hackers could hijack one or more of these devices and use them as a stepping stone into the home and then corporate network – as we’ve demonstrated in previous research.
Friends and family could also introduce new cyber-threats, as they will also be confined largely to the home. That means they’ll be logging on to the home network with their own mobile devices, which may not be as well protected from threats as they should be. Once again, such threats could spread quickly from the home network to infect the enterprise network if it’s connected without adequate security controls. Another risk is of children using unsecured remote learning platforms, which may offer cybercriminals opportunities to hijack accounts, steal information and spread malware onto the network.
Home workers represent an attractive target in their own right. After all, personal information and log-ins (home banking, Netflix, webmail etc) can be easily sold for a profit on dark web marketplaces. However, organizations represent a much bigger, potentially more lucrative pay day for cyber-criminals. While corporate PCs and networks might be fairly well secured, the rush to support home working may have left gaps the bad guys are keen to exploit.
By first compromising the home worker, and then pivoting through unsecured channels to the corporate network, hackers could spread ransomware, steal sensitive company IPs, infect work networks with crypto-mining malware, or steal large volumes of customer data. They may also look to hijack employees’ corporate email or other accounts as the first part of a multi-stage information-stealing attack. There have even been new warnings of Business Email Compromise (BEC) attacks in which employees (usually those working in the finance department) are contacted by someone posing as a senior exec and ordered to wire business funds to a new bank account.
With so many techniques at their disposal, it’s easy to imagine that the bad guys have the upper hand. But by putting a few best practices in place, there are things businesses and employees can do today to reduce home working security risks.
Consider the following:
|
|
We don’t know how long COVID-19 will last. But by adapting to the new reality as quickly as possible, businesses and their home workers can at least close down any security gaps, enabling them to be as productive as possible — while most importantly, staying safe and healthy.
The post COVID-19: How Do I Work from Home Securely? appeared first on .
FreshRSS 