Login
A safer internet isn’t a nice thing to have. It’s a necessity because we rely on it so heavily. And there’s plenty we can do to make it happen.
A safer internet might seem like it’s a bit out of our hands as individuals. The truth is that each of us plays a major role in making it so. As members, contributors, and participants who hop on the internet daily, our actions can make the internet a safer place.
So, specifically, what can we do? Take a few moments to ponder the questions that follow. Using them can help frame your thinking about internet safety and how you can make yourself, and others, safer.
Device safety is relatively straightforward provided you take the steps to ensure it. You can protect your things with comprehensive online protection like our McAfee+ plans, you can update your devices and apps, and you can use strong, unique passwords with the help of a password manager.
Put another way, internet safety is another way to keep your house in shape. Just as you mow your lawn, swap out the batteries in your smoke alarm, or change the filters in your heating system, much goes the same for the way you should look after computers, tablets, phones, and connected devices in your home. They need your regular care and maintenance as well. Again, good security software can handle so much of this automatically or with relatively easy effort on your part.
If you’re wondering where to start with looking after the security of your devices, check out our article on how to become an IT pro in your home. It makes the process easy by breaking down the basics into steps that build your confidence along the way.
This includes all kinds of topics. The range covers identity theft, protecting your personal info, privacy, cyberbullying, screen time, when to get a smartphone for your child, and learning how to spot scams online. Just to name a few. And if you visit our blogs from time to time, you see that we cover those and other topics in detail. It offers a solid resource any time you have questions.
Certainly, you have tools that can give you a big hand with those concerns. That includes virtual private networks (VPNs) that encrypt your personal info, built-in browser advisors that help you search and surf safely, plus scam protection that lets you know when sketchy links pop up in emails and messages.
However, internet safety goes beyond devices. It’s a mindset. As with driving a car, so much of our online safety relies on our behaviors and good judgment. For example, one piece of research found that ninety-one percent of all cyberattacks start with phishing emails.i
As Tomas Holt, professor of criminal justice at Michigan State University, states, “An individual’s characteristics are critical in studying how cybercrime perseveres, particularly the person’s impulsiveness and the activities that they engage in while online that have the greatest impact on their risk.”
Put another way, scammers bank on an itchy clicker-finger — where a quick click opens the door for an attack. Educating your family about the risks out there, such as phishing attacks and sketchy links that crop up in search goes a long way to keep everyone out of trouble. In combination with online protection software like ours covers the rest of the way.
A big part of a safer internet is us. Specifically, how we treat each other — and how we project ourselves to friends, family, and the wider internet. With so much of our communication happening online through the written word or posted pictures, all of it creates a climate around each of us. It can take on an uplifting air or mire you in a cloud of negativity. What’s more, it’s largely out there for all to see. Especially on social media.
Take time to pause and reflect on your climate. A good place to start is with basic etiquette. Verywell Family put together an article on internet etiquette for kids, yet when you give it a close read, you’ll see that it provides good advice for everyone.ii
In summary, their advice focuses on five key points:
Of course, the flip side to all of this is what to do when someone targets you with their bad behavior. Such as when an online troll who hurls hurtful or malicious comments your way. That’s a topic in itself. Check out our article on internet trolls and how to handle them. Once again, the advice there is great for everyone in the family.
We’ve shared quite a bit of info in this article and loaded it up with plenty of helpful links too. Don’t feel like you have to take care of everything in one sitting. See what you have in place and make notes about where you’d like to make improvements. Then, start working down the list. A few minutes each week dedicated to your security can greatly increase your security, safety, and savvy.
[i] https://www.darkreading.com/endpoint/91–of-cyberattacks-start-with-a-phishing-email/d/d-id/1327704
[ii] https://www.verywellfamily.com/things-to-teach-your-kids-about-digital-etiquette-460548
The post Internet Safety Begins with All of Us appeared first on McAfee Blog.
According to Pew, three-in-ten U.S. adults say they have used a dating site or app. That number climbs to 53% for people under the age of 30. More and more people are turning to digital platforms to find love and companionship or simply to expand their social circles. However, as the popularity of online dating grows, so do the potential risks associated with it. From privacy concerns to identity theft, the digital dating world can be fraught with peril if you’re not careful. But fear not, by following a few simple guidelines, you can navigate the online dating scene safely and securely.
This article is for you or anyone you know who may be hopping onto an online dating app like Match, Bumble, Plenty of Fish, eHarmony, Tinder, or OkCupid. Think of it as an advice column of a different sort, where we talk about dating in light of your online privacy and safety.
For starters, we have a couple of previous blogs that offer sound advice about online dating. The first covers ways you can protect your privacy when you’re using online dating apps, which starts with picking a dating app that has a good reputation. The second rounds out the topic with further online dating advice for adults and teens alike. Give them a look!
It starts with basic hygiene. Digital hygiene, that is. Before you dive into a dating app, ensure that your device (and all your connected devices while you’re at it) has a comprehensive security solution in place. As you surf, chat, and meet up online, you’ll want to know that you’re protected against malware, viruses, phishing attacks, sketchy links, and so forth. Other features will come in handy (and be necessary as well), like ones that help you manage your passwords, protect your identity, safeguard your privacy, and more—all of which we’ll talk about in a bit.
Picking the right app is like picking the right date. From a security standpoint, these apps are the keepers of highly personal information about you, so you’ll want to know how they handle data, what privacy protections are in place, what information they gather when you first sign up, and what they continue to gather as you use the app. Do your research. Read up on their privacy policies. See what other people have to say about their experiences. And get a sense of what the app is all about. What’s its approach to dating? What kind of relationships are they focusing on? Make sure all of it feels right to you.
Only give the app the information that’s absolutely necessary to sign up. Dating apps ask questions so that they can help you find an ideal match, yet only share what you feel comfortable sharing. This is true from a personal standpoint, but it’s true from a security standpoint too. Anything you share along those lines could be at risk of a hack or a breach, the likes of which were reported by Wired and Forbes last year. If your info is compromised, it could lead to anywhere from identity theft to harassment, so when you use a dating app, keep the sharing to a minimum—and keep your eyes peeled for any suspicious activity across your social media, online accounts, and even your finances.
Another password to remember! That’s just what you need, right? Right! It absolutely is, and a strong one is vital. You can create one and manage all of your passwords with McAfee+’s password manager. It’ll encrypt your passwords and use multi-factor authentication, which offers even further protection from hacks and attacks on your account.
You can help keep your chats more private, and just about anything else you’re doing online, by using a VPN (virtual private network). For example, our VPN uses bank-level encryption to keep your personal data and activities private from hackers. And it’ll hide other information associated with your dating account while you’re online, like personal details, credit card numbers, and so forth. Given the security risks we’ve talked about so far, you’ll want to look into a VPN.
If you’re not using a VPN on your device, don’t use your dating app on public Wi-Fi. The issue is this: plenty of public Wi-Fi hotspots aren’t secure. Someone else on the network could easily intercept the information you send over it, including your passwords, any photos you share, and any chats you have. In other words, using public Wi-Fi without protection is like opening a door that leads right to you and your most personal data. This applies to everything on public Wi-Fi, not just dating apps. If you use public Wi-Fi at all, you really should use a VPN.
In the ever-evolving landscape of online dating, safeguarding your privacy and security is paramount. By implementing strategies such as using strong passwords, employing a reliable VPN, and exercising caution on public Wi-Fi, you can navigate the digital dating sphere with confidence. Remember, your safety and privacy are non-negotiable priorities in the pursuit of love and companionship online.
The post How to Safely Date Online appeared first on McAfee Blog.
Over the past year and a half, workers everywhere have gotten used to working from home. They have adopted an entirely new work from home mindset and diverted their weekly commuting hours to other productive and more enjoyable pursuits. As parts of the world return to a “new normal,” another change is on the way: a gradual return to the office.
The hybrid working model is met with mixed reviews from employees and business security teams alike. For some employees, a clearer separation between work and home is a welcome change. CTV News reports 66% of Canadian respondents to an International Workplace Group poll say they are looking forward to splitting their working hours between the office and home.
For business security teams who are just catching their breath after the monumental shift to a remote workforce, they are now gearing up for the new online safety challenges posed by the hybrid work model. According to a VMware Canada Threat Report, 86% of security professionals agree that cyberattacks aimed at their organizations have become more sophisticated since the onset of the pandemic. Additionally, 91% of global respondents cite employees working from home as the cause of cyberattacks. Challenges of the hybrid workforce include the constant back-and-forth of company-issued devices, the lack of control over home office setups, and mixing personal and company devices with company and personal business respectively. For example, if you pay your bills or shop online using your work device, it opens several new avenues for a hacker to walk right onto the corporate network. When your guard is down even a little bit when you are off the clock, you could fall victim to e-skimmers, fake login pages, or phishing scams.
No matter how advanced your company’s threat detection system, hackers know where vulnerabilities lie and are on the hunt to exploit them. Check out these tips to ensure you are not the weak link in your organization.
A virtual private network (VPN) is a service that scrambles online browsing data, making it impossible for nefarious characters to decipher your activity. This is an excellent way to deter hackers from tracking your movements and picking up sensitive pieces of information.
VPNs are essential if you are working in a public area, sharing a wireless network with strangers, or using a Wi-Fi connection that is not password protected. Public Wi-Fi networks are notoriously easy pickings for hackers seeking entry into unsuspecting users’ devices. On the days where you are not in the office, make sure your wireless connection is secure.
While a VPN is an excellent tool, security measures and your accounts are vulnerable without a strong and private password or passphrase to protect them. The gigantic Colonial Pipeline hack is being blamed on a hacker gaining entry through an unused VPN that was not secured with multifactor authentication. Multifactor authentication is an online safety measure where more than one method of identity verification is needed to access the valuable information that lies within password-protected accounts.
Consider using a password manager to organize all your passwords and logins. Password managers remember each pairing so you don’t have to, plus most managers are secured with multifactor authentication. A password manager makes it easier to add variety to your passwords and prevents you from ever having to write them down.
Professionals who travel between their home and an office are likely transporting their devices back and forth, increasing the number of opportunities for devices to be forgotten at either location or in transit. As convenient as it may be, never use your personal device for official business. Even if you pride yourself on sound online safety habits, your company device likely has more defenses ingrained in its hardware than your personal devices.
With your personal devices, you should carefully vet everything you download. With your work-issued devices, this vetting process is even more important as company information is at stake. The Information and Privacy Commissioner of Ontario states that employees should never download applications to their work devices without permission from the IT team. Apps and programs often have security vulnerabilities that could open a gateway for hackers.
Zero Trust is a security philosophy that is exactly what it sounds like: trust no one. Businesses are employing Zero Trust models to greatly limit who has access to sensitive data sources. Adopt your own personal Zero Trust philosophy concerning your passwords, logins, and device access. This means never sharing passwords or log in details, especially over email, instant messenger, or over a video conference. Hackers commonly eavesdrop on all three mediums. Also, even your most trusted coworker could mishandle your passwords and login details, such as writing them down and leaving them in a public place.
A key aspect of the Zero Trust model is only granting employees access to platforms that are vital to their job. Sharing your logins with coworkers who may not be authorized for using that platform undermines all the hard work the IT team does to keep tabs on data access.
Every time you turn on the nightly news, another ransomware attack has hit another organization, each one bigger than the last. This heightened prevalence is a reflection on the wiliness of hackers, but also the number of security holes every company must plug.
There are several vulnerable points of entry in every company, and some of those vulnerabilities are heightened by the hybrid work model. Always heed the advice of your company’s IT team, and make sure to do your part to keep your devices and work information secure.
The post Hybrid Workplace Vulnerabilities: 4 Ways to Promote Online Safety appeared first on McAfee Blog.
We reported earlier this year, a fresh rash of online job scams continue to rope in plenty of victims. Now, those victims are taking to TikTok with a warning.
https://www.tiktok.com.mcas.ms/@thenamesamber/video/7188616142062275886
Source, thenamesamber on TikTok
Take the story thenamesamber told on TikTok. It starts out like many. Amber wanted a job that allowed remote work, and luckily enough, a recruiter reached out to her through an online recruiting site with an opportunity.
From there, the recruiter directed Amber to download a messaging app, which the company would use for the interview process. The interview went just fine, Amber got a job offer, and then the company asked Amber for a home address.
Here’s where the catch comes in.
Amber goes on to say that the company sent her a check by overnight mail, a check she should use to buy equipment. A check for nearly $5,000. For days, the check didn’t post. The company repeatedly asked for update. Had it posted yet? Had it posted yet?
At this point, Amber said she got suspicious. She contacted her bank. The check had a hold placed on it, and according to Amber, she was charged a fee and her account frozen for days. In speaking with her bank, Amber was told that the check was bad and that she was the victim of a scam. The bank has seen a lot of it lately, said Amber.
Yet based on what we’ve seen, Amber got lucky.
Victims and banks sometimes fail to spot the scam as it unfolds. In those cases, the check gets posted and the scammers tell the victim to forward the money to another person who’ll purchase equipment for them. Usually by way of an online payment app.
Days later, the check bounces for insufficient funds. Meanwhile, victims get burdened with the fraud reporting process — with their bank and with the payment app they used. Depending on the means and terms of payment, some or all of that money might be gone for good. And as a result, the scammers get a few thousand dollars richer.
If you spend some time on social media, you’ll stumble across plenty of videos that tell this exact story in one form or another. And with each story, you’ll find dozens of people sharing that the same thing happened, or almost happened, to them.
We’re glad people are taking to TikTok to share their stories, even as sharing those stories can get painful. You can avoid these scams. Part of it involves awareness. They’re still going strong. The next part counts on you and your sharp eye to spot sketchy behavior when you see it.
We’ll show you how, and that begins with a look at where these scams take place.
Employment figures continue to surge. It’s a hot job market out there, and when things get hot, you’ll find scammers looking to turn a buck. It’s much like tax season and gift-giving holidays. Scammers will take advantage of trends and seasonal events where people go online and there’s money involved. Job scams are no different.
Where do these scams crop up?
As we reported earlier this year and as TikTok videos have shared, many appear to originate from trusted online recruiting platforms like LinkedIn and Indeed. Scammers will either set up a bogus company or pose as a representative of a legitimate company. In other cases, job scams take root on social media. Here, scammers play the same game—set up a bogus company or impersonate a legitimate one.
From there, stories like Amber’s unfold.
Without question, recruiting and social media platforms know what’s going on and take steps to quash scam accounts.
For example, LinkedIn’s latest community report cited the removal of more than 21 million fake accounts in the first half of 2022:
Likewise, Facebook took action on 426 million fake accounts in Q1 of 2023 alone, with nearly 99% of them acted on before users reported them.
In its guidelines for a safe job search, Indeed mentions the global teams “dedicated to the safety and authenticity of the jobs posted on our platform.”
Still, some scammers make their way through to these platforms and others like them.
Our earlier advice on the topic still holds true. You can spot scams several ways, particularly when you know that scammers want your money and personal information as quickly as possible. The moment any so-called job offer asks for any of those, a red flag should immediately go up.
It’s possibly a scam if:
They ask for your Social Security or tax ID number.
In the hands of a scammer, your SSN or tax ID is the key to your identity. With it, they can open up bank cards, lines of credit, apply for insurance benefits, collect benefits and tax returns, or even commit crimes, all in your name. Needless to say, scammers will ask for it, perhaps under the guise of a background check or for payroll purposes. The only time you should provide your SSN or tax ID is when you know that you have accepted a legitimate job with a legitimate company. Only sent it through a secure document signing service, never via email, text, or over the phone.
They want your banking information.
Another trick scammers rely on is asking for bank account information so that they can wire a payment to you. As with the SSN above, closely guard this information and treat it in exactly the same way. Don’t give it out unless you have a legitimate job with a legitimate company.
They want you to pay before you get paid.
Some scammers will take a different route. They’ll promise employment, but first you’ll need to pay them for training, onboarding, or equipment before you can start work. Legitimate companies won’t make these kinds of requests. Amber’s check story provides a good example of this.
They tell you to download a specific messaging app to communicate with them.
Victims report that the scammers require a specific app to chat and, sometimes, to conduct the interview itself. Apps like Signal and Wire get mentioned, yet rest assured that these apps themselves are legitimate. The scammers are the problem, not the apps. Consider it a warning sign if someone asks you to largely communicate this way.
Aside from the types of information they ask for, the way they ask for your information offers other clues that you might find yourself mixed up in a scam. Look out for the following as well:
1) The offer is big on promises but short on details.
You can sniff out many online scams with the “too good to be true” test. Scammers often make big promises during the holidays with low-priced offers for hard-to-get holiday gifts and then don’t deliver. It’s the same with job scams. The high pay, the low hours, and even the offer of things like a laptop and other perks, these are signs that a job offer might be a scam. Moreover, when pressed for details about this seemingly fantastic job opportunity, scammers might balk. Or they might come back with incomplete or inconsistent replies because the job doesn’t exist at all.
2) They communicate only through email or chat.
Job scammers hide behind their screens. They use the anonymity of the internet to their advantage. Job scammers likewise create phony profiles on networking and social media websites, which means they won’t agree to a video chat or call, which are commonly used in legitimate recruiting today. If your job offer doesn’t involve some sort of face-to-face communication, that indicates it might be a scam.
3) And the communications seem a little …off.
Scammers now have an additional tool to reel in their victims — AI chatbots like Chat GPT, which can generate email correspondence, chats, LinkedIn profiles, and other content in seconds so they can bilk victims on a huge scale. However, AI has its limits. Right now, it tends to use shorter sentences in a way that seems like it’s spitting out information. There’s little story or substance to the content it creates. That might be a sign of a scam. Likewise, even without AI, you might spot a recruiter using technical or job-related terms in unusual ways, as if they’re unfamiliar with the work they’re hiring for. That’s another potential sign.
4) Things move too quickly.
Scammers love quick conversion. Yet job seekers today know that interview processes are typically long and involved, often relying on several rounds of interviews and loops. If a job offer comes along without the usual rigor and the recruiter is asking for personal information practically right away, that’s another near-certain sign of a scam.
5) You get job offers on Facebook or other social media sites not associated with job searches.
This is another red flag. Legitimate businesses stick to platforms associated with networking for business purposes, typically not networking for families, friends, and interests. Why do scammers use sites like Facebook anyway? They’re a gold mine of information. By trolling public profiles, they have access to years of posts and armloads of personal information on thousands of people, which they can use to target their attacks. This is another good reason to set your social media profiles on platforms like Facebook, Instagram, and other friend-oriented sites to private so that scammers of all kinds, not just job scammers, can’t use your information against you.
As a job hunter you know that getting the right job requires some research. You look up the company, dig into their history—the work they do, how long they’ve been at it, where their locations are, and maybe even read some reviews provided by current or former employees. When it comes to job offers that come out of the blue, it calls for taking that research a step further.
After all, is that business really a business, or is it really a scam?
In the U.S., you have several resources that can help you answer that question. The Better Business Bureau (BBB) offers a searchable listing of businesses in the U.S., along with a brief profile, a rating, and even a list of complaints (and company responses) waged against them. Spending some time here can quickly shed light on the legitimacy of a company.
Also in the U.S., you can visit the website of your state’s Secretary of State and search for the business in question, where you can find when it was founded, if it’s still active, or if it exists at all. For businesses based in a state other than your own, you can visit that state’s Secretary of State website for information. For a state-by-state list of Secretaries of State, you can visit the Secretary of State Corporate Search page here.
For a listing of businesses with international locations, organizations like S&P Global Ratings and the Dun and Bradstreet Corporation can provide background information, which might require signing up for an account.
Given the way we rely so heavily on the internet to get things done and enjoy our day, comprehensive online protection software that looks out for your identity, privacy, and devices is a must. Specific to job scams, it can help you in several ways, these being just a few:
Amber’s story, and stories like hers have racked up nearly a quarter-billion dollars in reported losses in the first half of this year here in the U.S. The median loss, somewhere around $2,000 per victim.
Job scams persist. In fact, they’ve increased by nearly 25% this year compared to this time last year. It’s no surprise that scam stories on TikTok keep racking up. Yet as you’ve seen, awareness and a sharp eye can help you avoid them.
Editor’s Note:
Job scams are a crime. If you think that you or someone you know has fallen victim to one, report it to your authorities and appropriate government agencies. In the case of identity theft or loss of personal information, our knowledge base article on identity theft offers suggestions for the specific steps you can take in specific countries, along with helpful links for local authorities that you can turn to for reporting and assistance.
The post Online Job Scams – TikTokers Tell Their Stories, with a Warning appeared first on McAfee Blog.
You can almost feel it in the air. Wi-Fi is everywhere. And if you tap into public Wi-Fi, do it with a VPN.
The keyword in public Wi-Fi is “public.” That means anyone else on the network can see what you’re connecting to and what data you’re passing along, with a little effort. Your credit card number while you shop. Your password when you bank. That confidential contract you just sent to a client. And your logins for social media too. It’s all an open book to anyone who has the tools to snoop.
What tools let them snoop? Network analyzers, or packet sniffers as many call them, can read the data traffic that travels across a network. And because public Wi-Fi networks are open, so is the data traffic — loaded with your credentials, personal info, and so on. A bad actor can gather up data with a packet sniffer, analyze it, and pluck out the sensitive bits of information that are of value.
This is where a VPN comes in. It makes any network private. Even on public Wi-Fi.
Let’s take a look at what a VPN is, how it works, and why it’s your friend on public Wi-Fi.
A VPN is an app that you install on your device to help keep your data safe as you browse the internet. When you turn on your VPN app, your device makes a secure connection to a VPN server that routes internet traffic. Securely. This keeps your online activity private on any network, shielding it from prying eyes. Thus, while you’re on a VPN, you can browse and bank with the confidence that your passwords, credentials, and financial information are secure. If any malicious actors attempt to intercept your web traffic, they’ll only see garbled content, thanks to your VPN’s encryption functionality.
Every internet connection is assigned a unique set of numbers called an IP address, which is tied to information such as geographic location or an Internet Service Provider (ISP). A VPN replaces your actual IP address to make it look like you’ve connected to the internet from the physical location of the VPN server, rather than your real location. This is just one reason so many people use VPNs.
To change your IP address, you open your VPN app, select the server location you’d like to connect to, and you’re done. You’re now browsing with a new IP address.
An ideal case for using a VPN is when you’re using public Wi-Fi at the airport, a café, hotel, or just about any place “free Wi-Fi” is offered. The reason being is that these are open networks, and any somewhat enterprising cybercriminal can tap into these networks and harvest sensitive information as a result. One survey showed that 39% of internet users worldwide understand public Wi-Fi is unsafe, yet some users still bank, shop, and do other sensitive things on public Wi-Fi despite the understood risks.
Further, you have your privacy to consider. You can use a VPN to help stop advertisers from tracking you. Searches you perform and websites you visit won’t get traced back to you, which can prevent advertisers from gleaning information about you and your online habits in general. Moreover, some ISPs collect the browsing history of their users and share it with advertisers and other third parties. A VPN can prevent this type of collection as well.
A VPN protects your search history through the secure connection you share. When you search for a website, or type a URL into your navigation bar, your device sends something called a DNS request, which translates the website into the IP address of the web server. This is how your browser can find the website and serve its content to you. By encrypting your DNS requests, a VPN can hide your search habits and history from those that might use that info as part of building a profile of you. Others might use this info in a wide variety of ways, from legitimately serving targeted ads to nefarious social engineering.
Note that a VPN is quite different and far, far more comprehensive than using “Private Mode” or “Incognito Mode” on your browser. Those modes only hide your search history locally on your device—not from others on the internet, like ISPs and advertisers.
No, a VPN can’t make you anonymous. Not entirely anyway. They help secure what you’re doing, but your ISP still knows when you’re using the internet. They just can’t see what you’re doing, what sites you visit, or how long you’ve been on a site.
Apple’s Private Relay is similar to a VPN in that it changes your IP address so websites you visit can’t tell exactly where you are. It works on iOS and Macs as part of an iCloud+ subscription. Yet there is one important distinction: it only protects your privacy while surfing with the Safari browser.
Per Apple, it works like this:
When Private Relay is enabled, your requests are sent through two separate, secure internet relays. Your IP address is visible to your network provider and to the first relay, which is operated by Apple. Your DNS records are encrypted, so neither party can see the address of the website you’re trying to visit. The second relay, which is operated by a third-party content provider, generates a temporary IP address, decrypts the name of the website you requested, and connects you to the site. All of this is done using the latest internet standards to maintain a high-performance browsing experience while protecting your privacy.
Check to see if Apple Private Relay is available in your country or region. If you travel somewhere that Private Relay isn’t available, it’ll automatically turn off and will notify you when it’s unavailable and once more when it’s active again. You can learn more about it here , and how you can enable it on your Apple devices.
Private Relay only works with Safari on iOS and macOS as part of an iCloud+ subscription. Even if you are using an Apple device, a VPN is still a good idea because it’ll protect the information that your device sends outside of Safari — such as any info passed along by your apps or any other browsers you might use.
An unlimited VPN with bank-grade encryption comes as part of your McAfee+ subscription and provides the security and privacy benefits above with bank-grade encryption. Additionally, it turns on automatically any time you connect to an unsecured Wi-Fi network, which takes the guesswork out of when you absolutely need to use it.
In all, our VPN makes it practically impossible for cybercriminals or advertisers to access so that what you do online remains anonymous, so you can enjoy your time online with confidence.
The post On Public Wi-Fi, a VPN is Your Friend appeared first on McAfee Blog.
Cybercrime has a price. One that more and more business owners find themselves paying.
The costs push well into the six figures, according to the U.S. Federal Bureau of Investigation’s (FBI) 2022 cybercrime report. On average, a business email compromise (a form of usually through targeted phishing or other account hacking) siphons $125,611 in funds. Ransomware attacks hold company data hostage for an average of $14,403. And data breaches level businesses for an average loss of $164,336.
Cybercriminals increasingly wage these attacks against businesses with revenues of $500,000 or less, which makes the thought of a six-figure loss for them even more sobering. Retailers, professional service providers, real estate companies, medical practices, and other businesses like them now find themselves the preferred targets for a growing body of cybercriminals.
Yet you can help prevent your business from getting hit.
To counter this rise in attacks, we created McAfee Business Protection in partnership with Dell. It offers an all-in-one solution, with automated protection features that helps secure a company’s employees, along with their data, devices, and online connections. Intuitive setup and guidance for each employee strengthens their personal security posture and fortifies the overall security of your business as a result.
And today, there’s an absolute need for that kind of protection.
Cybercriminals have good reasons for targeting businesses with revenues of $500,000 and less:
Cybercriminals may take in smaller hauls from these businesses, yet they make up for that in volume. They will attack several smaller businesses for smaller dollar amounts, which can rival the funds they’d reap by attacking one large target for one large amount—and with less relative risk.
Another factor that makes these businesses so attractive to cybercriminals is that one hack can lead to another.
Case in point, you might recall the massive data breach at Target during the holiday shopping season in 2013. It exposed some 41 million customer records, which cost Target nearly $300 million in settlements and losses. How did the hackers get in? By hacking a local HVAC contractor that used Target’s systems for billing, contracts, and project management.
This shows how a breach in even the smallest of links in the supply chain can lead to yet another breach that impacts millions of people.
As always, hackers look for easy, low-risk targets that offer the highest reward. In the case of businesses that make $500,000 a year or less, they’ve found exactly that.
Even as cybercriminals increase their attacks, both time and remote work only increase the risk to businesses.
Time is an issue business owners know well already. There’s never enough of it, which means some aspects of the business get prioritized over others. In this mix, cybersecurity suffers.
Our own research in the U.S. and Europe found that 63% of small business owners spend an hour or less on protecting their business a week. Moreover, 45% manage security in an ad-hoc way. It’s understandable, given that business owners would rather invest time in growing their business rather than managing their security. However, this low prioritization puts the business at risk, which could result in those six-figure losses mentioned above.
The advent of remote work introduces further security issues as well. In the wake of the pandemic, many employees continue to work remotely or remotely part of the time.
The implications for security can be significant. Whether working from home or some other location like a café, these employees may not have proper cybersecurity protection in place. Further, they may be using unsecure networks or Wi-Fi that can put company data at risk—not to mention their data as well. In all, remote workers can find themselves quite vulnerable.
As we created McAfee Small Business protection, we kept these issues in mind. We created protection that’s strong, and we made it straightforward as well. Business owners can set it up for their employees quickly and put controls in place to ensure they’re secure. Meanwhile our Protection Score measures the overall security of the business and offers guidance that can make it even more secure.
By design, it offers:
Further features secure your business in breadth and depth:
These are just a few of the security features offered, and you can see a full list on our partnership page with Dell here.
Cybercrime indeed has a price. Beyond the dollars involved, the costs can run yet deeper from there. Downtime in the wake of an attack hits the bottom line. The recovery efforts that follow do as well. Additionally, businesses can suffer reputational damage if an attack also affects its customers, clients, and partners.
Now, a shift has taken place. Cybercriminals still go after big businesses and major organizations, yet an increasing number of them go after businesses with revenues in the seven or even six figures. Poor security posture is one reason. Another is that even relatively amateur operations can wage attacks with “off-the-shelf” hacking tools found on the dark web.
In short, every business faces the risk of cybercrime today.
Yet with the right protection in place, you can avoid paying the price of cybercrime. And the introduction of our new McAfee Business Protection makes it easy in a time when it’s needed most.
The post The Price of Cybercrime: Protecting the Business You’ve Built from Hacks and Attacks appeared first on McAfee Blog.
If you’re a parent of a teen, there’s a good chance that Instagram is the culprit behind a good chunk of their screen time. However, woven into the stream of reels, stories, selfies, and Insta-worthy moments, are potential risks to your child’s privacy and safety.
According to a recent Pew Research Center report, 62 percent of teens use Instagram, making it the third most popular social media platform after YouTube and TikTok. Teens use the photo and video-sharing platform to share their creativity, connect with friends, and get updates on their favorite celebrities and influencers.
Instagram’s format makes it easy for kids (and adults!) to spend hours using filters and stickers, commenting, liking posts, and counting likes. But all this fun can take a turn if kids misuse the platform or fail to take the risks seriously.
Whether your child is new to Instagram or a seasoned IG user, consider pausing to talk about the many aspects of the platform.
Here are a few critical topics to help you kick off those conversations.
Acknowledging the impulsive behavior and maturity gaps unique to the teen years is essential. Do you feel like you are repeating yourself on these topics? That’s okay—it means you are doing it right. Repetition works. Advise them: Sharing too many personal details online can set them up for serious privacy risks, including identity theft, online scams, sextortion, or cyberbullying. Also, oversharing can negatively influence potential schools and employers who may disapprove of the content teens choose to share online.
Suggestion: Sit down together and review Instagram’s privacy settings to limit who can see your child’s content. Please encourage them to use strong passwords and two-factor authentication to secure accounts. Also, advise them to think twice before posting something and warn them about the risks of sharing intimate photos online (even with friends), as they can be easily shared or stolen. Now may be the time if you’ve never considered adding security software to protect your family devices. McAfee+ provides all-in-one privacy, identity, and device protection for families. It includes helpful features, including identity monitoring, password manager, unlimited VPN, file shredding, protection score, and parental controls. The software has updated features to include personal data cleanup and credit monitoring and reporting to protect kids from identity theft further.
This acronym stands for Fear of Missing Out. This word came from the subtle undercurrent of emotions that can bubble up when using social media. It’s common for kids to feel anxious or even become depressed because they think they are being excluded from the party. FOMO can lead them to spend too much time and money on social media, neglect their family or school responsibilities, or engage in risky behaviors to fit in with or impress others.
Suggestion: Help your child understand that it’s normal to sometimes have FOMO feelings. Please encourage them to focus on their strengths and to develop fulfilling hobbies and interests offline. To reduce FOMO, encourage your child to take breaks from social media. Also, install software to help you manage family screen time.
Akin to FOMO, comparing oneself to others is an ever-present reality among teens that is only amplified on Instagram. According to several reports, Instagram’s photo-driven culture and photo filters that enhance facial and body features can make teens feel worse about their bodies and increase the risk of eating disorders, depression, and risky behaviors. Girls, especially, can develop low self-esteem, comparing themselves to unrealistic or edited images of celebrities, influencers, or friends. Social comparison can also lead to the fixation on getting more likes, followers, or comments on their posts.
Suggestion: Create a safe space for your teen to discuss this topic with you. Help them understand the differences between Instagram life and real life. Help them be aware of how they feel while using Instagram. Encourage them to follow accounts that inspire and uplift them and unfollow accounts that spark feelings of comparison, jealousy, or inferiority.
Hurtful events that impact teens, such as gossip, rumor spreading, peer pressure, criticism, and conflict, can increase in online communities. If your child posts online, they can receive mean or sexual comments from people they know and strangers (trolls). Cyberbullying can surface in many ways online, making kids feel anxious, fearful, isolated, and worthless.
Suggestions: Keep up on how kids bully one another online and check in with your child daily about what’s happening in their life. Encourage them not to respond to bullies and to block and report the person instead. Also, if they are getting bullied, remind them to take and store screenshots. Such evidence can be helpful if they need to confide with a parent, teacher, or law enforcement.
Understanding how to discern true and false information online is becoming more complicated daily. In the McAfee 2023 Threat Predictions: Evolution and Exploitation, experts predict that AI tools will enable more realistic and efficient manipulation of images and videos, which could increase disinformation and harm the public’s mental health. Understanding online content is a great way to help your kids build their confidence and security on Instagram and other networks.
Suggestion: Encourage critical thinking and guide kids to use fact-checking tools before believing or sharing content that could be fake and using ethical AI frameworks. Remind them of their digital footprints and how the things they do online can have long-lasting consequences.
It’s important to remember that all social networks come with inherent dangers and that Instagram has taken a number of steps to reduce the potential risks associated with its community by improving its security features and safety rules for kids. Remember, nothing protects your child like a solid parent-child relationship. As a parent or caregiver, you play a critical role in educating your child about their digital well-being and privacy. Working together, as a family, your child will be equipped to enjoy the good stuff and avoid the sketchy side of the digital world.
The post Instagram Safety for Kids: Protecting Privacy and Avoiding Risks appeared first on McAfee Blog.
Everyone loves a great deal when they shop online. Until they discover it’s a rip-off.
Social media ads for vintage wear. Website ads for home entertainment gear. Search ads for handbags. Some of these ads aren’t what they seem. Instead of leading you to deals on a trustworthy ecommerce site, the ads take you to a bogus page designed to steal your money and personal info.
Unfortunately, it happens. And one global report estimated that online shoppers lost $41 billion to fraud in 2022. How do scammers pull it off? With the same tools that legitimate businesses use.
Let’s look at how they do it and how you can steer clear of their tricks.
Many of today’s scammers work in organized fashion. They oversee large cybercrime operations that run much like a business. They employ web designers, coders, marketing teams, and customer call centers that mimic a genuine online retailer. Which makes sense. The more they can look and act like the real thing, the more likely they can lure victims into their online stores.
Smaller bands of scammers get in on this action as well. Just as a small business can easily create an online store with any number of off-the-shelf services and solutions, so can a couple of scammers.
In this way, scammers large and small can readily create a professional-looking website, create effective ads to drive traffic to it, and collect financial information from there.
Yet, some scammers don’t steal financial information outright. They might indeed ship you the goods, but they won’t be the goods you ordered. They’re counterfeit. And it might be part of a large-scale operation that exploits child workers.
Whether they’re out to steal your money or sell you knockoff goods, online shopping scams tend to ramp up around gift-giving seasons. They’ll bait shoppers with hard-to-find items, tout steep discounts on other popular items, and otherwise play into the rush of holiday gift buying. Yet they crop up year-round as well. Really, any time you shop is a time to be on the lookout for them.
This is a great piece of advice to start with. Directly typing in the correct address for online stores and retailers is a prime way to avoid scammers online. In the case of retailers that you don’t know much about, the U.S. Better Business Bureau (BBB) asks shoppers to do their research. Ensure that the retailer has a good reputation. The BBB makes that easier with a listing of retailers you can search by typing in their name.
Also in the U.S., you can visit the website of your state’s Secretary of State. There you can search for the business in question, learn when it was founded, if it’s still active, or if it exists at all. For businesses based in a state other than your own, you can visit that state’s Secretary of State website for information. For a state-by-state list of Secretaries of State, you can visit the Secretary of State Corporate Search page here.
For a listing of businesses with international locations, organizations like S&P Global Ratings and the Dun and Bradstreet Corporation can provide background information.
Never heard of that retailer before? See when they launched their website. A relatively new site might be a sign that it’s part of a scam.
A quick visit to the ICANN (Internet Corporation for Assigned Names and Numbers) website can show you certain background information for any website you type in. Given how quickly and easily scammers can register and launch a website, this kind of information can help you sniff out a scam.
Of course, it might also indicate a new business that’s entirely legitimate, so a little more digging is called for. That’s where reviews come in. Aside from the resources listed above, a simple web search of “[company name] reviews” or “[company name] scam” can help you find out if the retailer is legit.
3. Look for the lock icon in your browser when you shop.
Secure websites begin their addresses with “https,” not just “http.” That extra “s” stands for “secure,” which means that it uses a secure protocol for transmitting sensitive info like passwords, credit card numbers, and the like over the internet. It often appears as a little padlock icon in the address bar of your browser, so double-check for that. If you don’t see that it’s secure, it’s best to avoid making purchases on that website.
4. Pay with a credit card instead of your debit card.
Credit cards offer fraud protections that debit cards don’t. Another key difference: when fraud occurs with a debit card, you fight to get your money back—it’s gone straight out of your account. With a credit card, the issuer fights to get their money back. They’re the ones who take the financial hit.
Additionally, in the U.S., the Fair Credit Billing Act offers the public protection against fraudulent charges on credit cards. The act gives citizens the power to dispute charges over $50 for goods and services that were never delivered or otherwise billed incorrectly. Note that many credit card companies have their own policies that improve upon the Fair Credit Billing Act as well. However, debit cards aren’t afforded the same protection under the Act. Avoid using a debit card while shopping online and use your credit card instead.
Two-factor authentication is an extra layer of defense on top of your username and password. It adds a one-time-use code to access your login procedure, typically sent to your smartphone by text or call. Together, that makes it tougher for a crook to hack your account. If any of your accounts support two-factor authentication, the few extra seconds it takes to set up is more than worth the big boost in protection you’ll get.
Public Wi-Fi in coffee shops and other public locations can expose your private surfing to prying eyes because those networks are open to all. A virtual private network (VPN) encrypts your browsing, shopping, and other internet traffic. That makes it secure from bad actors who try to intercept your data on public Wi-Fi, which can include your passwords and credit card numbers.
A complete suite of online protection software like McAfee+ can offer layers of extra security while you shop. It includes web browser protection that can block malicious and questionable links that might lead you down the road to malware or a phishing scam— along with a password manager that can create and securely store strong, unique passwords.
Social media has made it easier for sellers large and small to reach customers online. It’s made it easier for scammers to reach victims too.
If you’re on social media, you’ve certainly seen your share of ads. Some are from companies and retailers you know and trust. Yet more are from names you’ve likely never heard of. They might be legitimate businesses, yet they might be fronts for a convincing-looking scam.
These ads end up on social media the same way ads from legitimate businesses do, by way of social media ad platforms. Social media companies created these platforms so advertisers can reach millions of individual users based upon their age group, hobbies and interests, past purchases, and so on.
For example, a scammer might target younger shoppers with an interest in retro fashion. From there, the scammer can narrow that down to target people who live in metropolitan areas who like 1980s memorabilia. The scammers then create an ad that takes that audience to a phony website loaded with bogus t-shirts, coats, and bags.
All of it costs relatively little. A small ad budget of a few hundred dollars can give scammers exposure to millions of potential victims.
The best way to avoid getting stung by these sites is to do your homework. Seek out the company’s track record. Look for reviews. And if you’re unsure, take a pass. Don’t shop with that company.
Shopping scams can look and feel rather sophisticated today. With a host of low-cost and easy-to-use tools for publishing and advertising online, scammers of all sizes can create bogus shopping experiences that look convincing.
So buyers be wary. Before you click or tap on that ad, do some research. Determine if the company is legitimate, if it’s had complaints waged against it, and how those complaints were resolved. And always use your credit card. It offers the best consumer protections you have in the event you do end up getting scammed.
The post Steer Clear of Rip-offs: Top Tips for Safer Online Shopping appeared first on McAfee Blog.
It’s no secret that when it comes to social networks, teen preferences can change dramatically from year to year. That holds with Twitter. Even though the social network has seen a dip in use overall, Twitter has proven its staying power among certain communities, and that includes teens.
According to a 2022 Pew Center Study, 23 percent of teens online use Twitter (down from 33 percent in 2014-15). Because of Twitter’s loyal fanbase, it’s important for tweeting teens as well as parents, and caregivers to understand how to engage safely on the fast-moving platform.
Many teens love the public aspect of Twitter. They see it as a fun place to connect with friends and stay up to date on sports, school news, memes, online trends and challenges, and popular culture. However, because the platform’s brief, 140–280-word format is so distinct from other popular networks such as TikTok, YouTube, and Snapchat, the online etiquette and ground rules for engagement are also distinct.
As fun as Twitter content is to share and consume, the platform still comes with hidden risks (as do all social networks).
Here’s a guide to help your family understand safe Twitter use and still have fun on this unique social network.
This is likely one of the most important phrases you can convey to your child when it comes to using Twitter. Every word shared online can have positive or negative repercussions. Twitter’s fast-moving, ticker-like feed can tempt users to underestimate the impact of an impulsive, emotionally charged tweet. Words—digital words especially—can cause harm to the reputation of the person tweeting or to others.
For this reason, consider advising your kids to be extra careful when sharing their thoughts or opinions, retweeting others, or responding to others’ tweets. We all know too well that content shared carelessly or recklessly online can affect future college or career opportunities for years to come.
There’s little more important these days than protecting your family’s privacy. Every online risk can be traced to underestimating the magnitude of this single issue.
It’s never too early or too late to put the right tools in place to protect your family’s privacy online. While Twitter has privacy and reporting features designed to protect users, it’s wise to add a comprehensive identity and privacy protection solution to protect your family’s devices and networks.
Kids get comfortable with their online communities. This feeling of inclusion and belonging can lead to oversharing personal details. Discuss the importance of keeping personal details private online reminding your kids to never share their full name, address, phone number, or other identity or location-revealing details. This includes discerning posting photos that could include signage, school or workplace logos, and addresses. In addition, advise family members not to give away data just because there’s a blank. It’s wise to only share your birthday month and day and keep your birth year private.
When is the last time you reviewed social media account settings with your child? It’s possible that, over time, your child may have eased up on their settings. Privacy settings on Twitter are easy to understand and put in place. Your child’ can control their discoverability, set an account to be public or private, and protect their tweets from public search. It’s easy to filter out unwanted messages, limit messages from people you don’t follow, and limit who can see your Tweets or tag you in photos. It’s also possible to filter the topics you see.
Respecting others is foundational to engaging on any social network. This includes honoring the beliefs, cultures, traditions, opinions, and choices of others. Cyberbullying plays out in many ways on Twitter and one of those ways is by subtweeting. This vague form of posting is a form of digital gossip. Subtweeting is when one Twitter user posts a mocking or critical tweet that alludes to another Twitter user without directly mentioning their name. It can be cruel and harmful. Discuss the dangers of subtweeting along with the concept of empathy. Also, encourage your child to access the platform’s social media guidelines and know how to unfollow, block, and report cyberbullies on Twitter.
Maintaining a strong parent-child bond is essential to your child’s mental health and the first building block of establishing strong online habits. Has your child’s mood suddenly changed? Are they incessantly looking at their phone? Have their grades slipped? An online conflict, a risky situation, or some type of bullying may be the cause. You don’t have to hover over your child’s social feeds every day, but it’s important to stay involved in their daily life to support their mental health. If you do monitor their social networks, be sure to check the tone and intent of comments, captions, and replies. You will know bullying and subtweeting when you see it.
We love to quote Spiderman’s uncle Ben Parker and remind families that “with great power comes great responsibility” because it sums up technology ownership and social media engagement perfectly. The more time kids spend online, the more comfortable they can become and the more lapses in judgment can occur. Consider discussing (and repeating often) that social media isn’t a right, it’s a privilege that carries responsibility and consequences.
The FBI estimates there are approximately 500,000 predators active online each day and that they all have multiple profiles. Anonymous, catfish, and fake accounts abound online wooing even the savviest digital native into an unsafe situation. Engaging on any social network can expose kids to a wide array of possible dangers including scammers, catfishes, and predators. Scams and predator tactics continue to get more sophisticated. For this reason, it’s important to candidly talk about online predator awareness and the ever-evolving tactics bad actors will go to deceive minors online.
Twitter continues to attract tweens and teens who appreciate its brevity and breaking news. While navigating online safety and social media can be daunting for parents, it’s critical to stay engaged with your child and understand their digital life. By establishing an open flow of communication and regularly discussing privacy and appropriate online behavior, you can create a culture of openness in your family around important issues. We’re rooting for you!
The post How to Protect Your Family’s Privacy on Twitter: A Guide for Parents and Kids appeared first on McAfee Blog.
Ping, it’s a scammer!
The sound of an incoming email, text, or direct message has a way of getting your attention, so you take a look and see what’s up. It happens umpteen times a week, to the extent that it feels like the flow of your day. And scammers want to tap into that with sneaky phishing attacks that catch you off guard, all with the aim of stealing your personal information or bilking you out of your money.
Phishing attacks take several forms, where scammers masquerade as a legitimate company, financial institution, government agency, or even as someone you know. And they’ll come after you with messages that follow suit:
You can see why phishing attacks can be so effective. Messages like these have an urgency to them, and they seem like they’re legit, or they at least seem like they might deal with something you might care about. But of course they’re just a ruse. And some of them can look and sound rather convincing. Or at least convincing enough that you’ll not only give them a look, but that you’ll also give them a click too.
And that’s where the troubles start. Clicking the links or attachments sent in a phishing attack can lead to several potentially nasty things, such as:
However, plenty of phishing attacks are preventable. A mix of knowing what to look for and putting a few security steps in place can help you keep scammers at bay.
How you end up with one has a lot to do with it.
There’s a good chance you’ve already seen your share of phishing attempts on your phone. A text comes through with a brief message that one of your accounts needs attention, from an entirely unknown number. Along with it is a link that you can tap to follow up, which will send you to a malicious site. In some cases, the sender may skip the link and attempt to start a conversation with the aim of getting you to share your personal information or possibly fork over some payment with a gift card, money order, rechargeable debit card, or other form of payment that is difficult to trace and recover.
In the case of social media, you can expect that the attack will come from an imposter account that’s doing its best to pose as one of those legitimate businesses or organizations we talked about, or perhaps as a stranger or even someone you know. And the name and profile pic will do its best to play the part. If you click on the account that sent it, you may see that it was created only recently and that it has few to no followers, both of which are red flags. The attack is typically conversational, much like described above where the scammer attempts to pump you for personal info or money.
Attacks that come by direct messaging apps will work much in the same way. The scammer will set up a phony account, and where the app allows, a phony name and a phony profile pic to go along with it.
Email gets a little more complicated because emails can range anywhere from a few simple lines of text to a fully designed piece complete with images, formatting, and embedded links—much like a miniature web page.
In the past, email phishing attacks looked rather unsophisticated, rife with poor spelling and grammar, along with sloppy-looking layouts and images. That’s still sometimes the case today. Yet not always. Some phishing emails look like the real thing. Or nearly so.
Case in point, here’s a look at a phishing email masquerading as a McAfee email:
There’s a lot going on here. The scammers try to mimic the McAfee brand, yet don’t quite pull it off. Still, they do several things to try and be convincing.
Note the use of photography and the box shot of our software, paired with a prominent “act now” headline. It’s not the style of photography we use. Not that people would generally know this. However, some might have a passing thought like, “Huh. That doesn’t really look right for some reason.”
Beyond that, there are a few capitalization errors, some misplaced punctuation, plus the “order now” and “60% off” icons look rather slapped on. Also note the little dash of fear it throws in at the top of the email with mention of “There are (42) viruses on your computer.”
Taken all together, you can spot many email scams by taking a closer look, seeing what doesn’t feel right, and then trusting you gut. But that asks you to slow down, take a moment, and eyeball the email critically. Which people don’t always do. And that’s what scammers count on.
Similar ploys see scammers pose as legitimate companies and retailers, where they either ask you to log into a bogus account page to check statement or the status of an order. Some scammers offer links to “discount codes” that are instead links to landing pages designed steal your account login information as well. Similarly, they may simply send a malicious email attachment with the hope that you’ll click it.
In other forms of email phishing attacks, scammers may pose as a co-worker, business associate, vendor, or partner to get the victim to click a malicious link or download malicious software. These may include a link to a bogus invoice, spreadsheet, notetaking file, or word processing doc—just about anything that looks like it could be a piece of business correspondence. Instead, the link leads to a scam website that asks the victim “log in and download” the document, which steals account info as a result. Scammers may also include attachments to phishing emails that can install malware directly on the device, sometimes by infecting an otherwise everyday document with a malicious payload.
Email scammers may also pose as someone you know, whether by propping up an imposter email account or by outright hijacking an existing account. The attack follows the same playbook, using a link or an attachment to steal personal info, request funds, or install malware.
While you can’t outright stop phishing attacks from making their way to your computer or phone, you can do several things to keep yourself from falling to them. Further, you can do other things that may make it more difficult for scammers to reach you.
The content and the tone of the message can tell you quite a lot. Threatening messages or ones that play on fear are often phishing attacks, such angry messages from a so-called tax agent looking to collect back taxes. Other messages will lean heavy on urgency, like the phony McAfee phishing email above that says your license has expired today and that you have “(42)” viruses. And during the holidays, watch out for loud, overexcited messages about deep discounts on hard-to-find items. Instead of linking you off to a proper ecommerce site, they may link you to a scam shopping site that does nothing but steal your money and the account information you used to pay them. In all, phishing attacks indeed smell fishy. Slow down and review that message with a critical eye. It may tip you off to a scam.
Some phishing attacks can look rather convincing. So much so that you’ll want to follow up on them, like if your bank reports irregular activity on your account or a bill appears to be past due. In these cases, don’t click on the link in the message. Go straight to the website of the business or organization in question and access your account from there. Likewise, if you have questions, you can always reach out to their customer service number or web page.
When scammers contact you via social media, that in of itself can be a tell-tale sign of a scam. Consider, would an income tax collector contact you over social media? The answer there is no. For example, in the U.S. the Internal Revenue Service (IRS) makes it quite clear that they will never contact taxpayers via social media. (Let alone send angry, threatening messages.) In all, legitimate businesses and organizations don’t use social media as a channel for official communications. They have accepted ways they will, and will not, contact you. If you have any doubts about a communication you received, contact the business or organization in question directly and follow up with one of their customer service representatives.
Some phishing attacks involve attachments packed with malware like the ransomware, viruses, and keyloggers we mentioned earlier. If you receive a message with such an attachment, delete it. Even if you receive an email with an attachment from someone you know, follow up with that person. Particularly if you weren’t expecting an attachment from them. Scammers will often hijack or spoof email accounts of everyday people to spread malware.
On computers and laptops, you can hover your cursor over links without clicking on them to see the web address. Take a close look at the addresses the message is using. If it’s an email, look at the email address. Maybe the address doesn’t match the company or organization at all. Or maybe it looks like it almost does, yet it adds a few letters or words to the name. This marks yet another sign that you may have a phishing attack on your hands. Scammers also use the common tactic of a link shortener, which creates links that almost look like strings of indecipherable text. These shortened links mask the true address, which may indeed be a link to scam site. Delete the message. If possible, report it. Many social media platforms and messaging apps have built-in controls for reporting suspicious accounts and messages.
On social media and messaging platforms, stick to following, friending, and messaging people who you really know. As for those people who contact you out of the blue, be suspicious. Sad to say, they’re often scammers canvassing these platforms for victims. Better yet, where you can, set your profile to private, which makes it more difficult for scammers select and stalk you for an attack.
How’d that scammer get your phone number or email address anyway? Chances are, they pulled that information off a data broker site. Data brokers buy, collect, and sell detailed personal information, which they compile from several public and private sources, such as local, state, and federal records, plus third parties like supermarket shopper’s cards and mobile apps that share and sell user data. Moreover, they’ll sell it to anyone who pays for it, including people who’ll use that information for scams. You can help reduce those scam texts and calls by removing your information from those sites. Our Personal Data Cleanup scans some of the riskiest data broker sites and shows you which ones are selling your personal info.
Online protection software can protect you in several ways. First, it can offer safe browsing features that can identify malicious links and downloads, which can help prevent clicking them. Further, it can steer you away from dangerous websites and block malware and phishing sites if you accidentally click on a malicious link. And overall, strong virus and malware protection can further block any attacks on your devices. Be sure to protect your smartphones in addition to your computers and laptops as well, particularly given all the sensitive things we do on them, like banking, shopping, and booking rides and travel.
Once phishing attacks were largely the domain of bogus emails, yet now they’ve spread to texts, social media, and messaging apps—anywhere a scammer can send a fraudulent message while posing as a reputable source.
Scammers count on you taking the bait, the immediate feelings of fear or concern that there’s a problem with your taxes or one of your accounts. They also prey on scarcity, like during the holidays where people search for great deals on gifts and have plenty of packages on the move. With a critical eye, you can often spot those scams. Sometimes, a pause and a little thought is all it takes. You can stay one step ahead of scammers with the power of AI, our new McAfee Scam Protection can alert you when scam texts pop up on your device or phone. Removing the guessing and it can block risky sites if you accidentally follow a scam link in a text, email, social media, and more. And in the cases where a particularly cagey attack makes its way through, online protection software can warn you that the link you’re about to click is indeed a trap.
Taken all together, you have plenty of ways you can beat scammers at their game.
The post How to Protect Yourself From Phishing Scams appeared first on McAfee Blog.
All your online activity creates a trail of data. And that data tells a story. The story of you.
The websites, apps, and services you use throughout the day all collect data. They may collect data about your behaviors, interests, and purchases—along with what you’re doing, for how long, and where, largely without your knowledge. They may also collect personal information, information you provide, such as health records, your Social Security Number, banking info, your driver’s license number, and more. This can include further health data, such as the kind that gets tracked from a smartwatch or wearable device.
“So what?”
I’ve heard plenty of people say exactly that about data collection. And plenty of others simply resign themselves to the reality of data collection. “What’s out there is already out there.” They feel like there’s not much they can do about it. If anything at all. And does it really matter?
It absolutely matters.
That is, it matters if you hate spam calls and texts. If you’re worried about identity theft. If you’re worried that practically anyone can purchase a detailed picture of your personal information from an online data broker and use it as they like.
Indeed, your data tells the story of you. And plenty of others are interested in your story. Businesses and advertisers for one, so they can market to the most targeted of your needs and interests. Yet also hackers, scammers, spammers, and thieves—and in extreme cases, stalkers as well.
While it’s true that you cannot control how each byte of data about you and your family is shared and processed, you’re not helpless! In many cases, you can control how you share your data by taking a few steps. Your data is precious, and you deserve to be selective about who you share it with.
That’s the reason you’ve seen McAfee roll out so many protections for your privacy and identity, with several more to come. While there are so many tools for data collection today, so are the tools for you to take control.
Looking at our own McAfee+ online protection plans, they offer you identity theft and fraud protections such as Personal Data Cleanup, identity monitoring, along with credit monitoring, a VPN that can help keep your online activity more private, $1M in identity theft coverage and support from an identity restoration specialist … the list goes on. These are tools everyone can benefit from in the face of the current threats out there.
The evolution of McAfee+ reflects the nature of online threats today. Increasingly, the target is you—your privacy, your identity, and all the things that they unlock.
Another simple yet powerful step is to protect your devices with comprehensive online protection software. This will help defend you against the latest virus, malware, spyware, and ransomware attacks plus further shield your privacy, and minimize web tracking (think advertisers) with a VPN. In addition to this, it will also create and store strong, unique passwords, and offer web protection that can help steer you clear of sketchy websites that may try to steal your data.
Start with the devices and apps you use most. Different devices and apps will have their own privacy settings, so give them a look and see what your options are. You may be surprised to find how you can limit which information advertisers can use to serve up ads to you. You may find that some apps have GPS tracking turned on, even though they don’t need it to function. All of this adds up to data that companies may collect, share, or resell—depending on their privacy policy. Again, start with the devices and apps you use most then expand from there. It’s also a good opportunity to delete apps you don’t use anymore—along with the data associated with them.
One major privacy leak comes at the hands of online data brokers, companies that collect and resell volumes of exacting personal information about millions of people. In fact, they make up a multi-billion-dollar industry that spans worldwide. Additionally, there are so-called “White Pages” and “people finder” sites that post information like names, addresses, and other public records that anyone can access. With all this information collected in a central location that’s easily searched and accessed, these sites can be an ideal resource for hackers, spammers, and thieves. McAfee’s Personal Data Cleanup can help you take control. It scans high-risk data broker sites and lets you know which ones are selling your data, and depending on your McAfee+ plan, it can remove it for you too.
Yet you can take even more control of your privacy. As part of our McAfee Safety Series, we have an entire guide dedicated to the topic of online privacy, the McAfee Digital Privacy Guide. It shows you ways that you can take control of your digital privacy, insight into what information you may be creating, and how you may be passing it along—whether you know it or not.
In all, your privacy is your own. We believe that what you share and don’t share, who you share it with and who you don’t, and for what reason … should be your decision.
It’s your story. Take control. And we’re here to help.
The post How to Protect Your Personal Data appeared first on McAfee Blog.
Authored by Vonny Gamot
The official 40th birthday of the internet serves as a timely reminder that while it is a fantastic place, we must practice good digital hygiene to safeguard our privacy and identity so we can protect ourselves from the latest threats.
Since its widely recognized creation on January 1st 1983, the internet has since transformed economies and the everyday lives of people. From social media, memes, and viral videos to smart homes, online shopping and even cloud computing, the internet entertains, educates, and connects us. Above all, it will continue to play a crucial role in human civilization for many generations to come.
Yet with the good comes the not-so-good. Wherever people gather, cyberthieves gather too. The internet is no exception. As the evolution of the internet continues, cybercriminals are evolving in tandem, looking for new and inventive ways, such as using Artificial Intelligence to exploit its features. With over five billion people accessing and using the Internet in 2022, that’s over 60% of the world’s population potentially at risk.
So, while we celebrate the internet’s 40th birthday, it’s also a good reminder to take stock of the latest online threats and ensure our digital hygiene is up to scratch for the year ahead. When we do this, we can take full advantage of the incredible opportunities the internet affords us.
The new year is a great moment to reflect, reset, and consider your personal online safety and protection. Stay vigilant against the latest threats and scams and use dedicated and robust online protection software such as our newly released McAfee+ plans—which comes with important features like identity monitoring that can spot your personal info on the dark web and personal data cleanup that can help remove your personal info from data broker sites that will sell it to companies and crooks alike.
It’s also a time to keep a fresh eye out for scams and phishing attacks. If that email, text, or message you received looks too good to be true, or you feel that the sender is trying to pressure you into doing sharing info or sending money, it’s always best to double check that the source is legitimate. These are often indicators that a scam is afoot.
Beyond using online protection software and keeping your guard up, you can take several other steps that can make you immediately safer than you were before. Here are four strong suggestions that will get you started:
MFA is an excellent way to frustrate cybercriminals attempting to break into online accounts. MFA means that users need more than a username and password to log in, for example, a one-time code sent to private email, text, or through an authentication app utilizing face or fingerprint scans. This adds an extra layer of security as the cybercriminal has to access the device, email, or biometric reader to get into someone’s online account.
Strong, unique passwords for each of your online accounts are a must. It’s always important for people to understand that reusing passwords is just as risky as using “password123” and puts online accounts at risk. A tactic known as “credential stuffing” is where a cybercriminal attempts to input stolen usernames and password combinations in dozens of random websites to see which door it opens. It is also important to consider using password managers which can create and safeguard all passwords in one secure desktop extension or mobile phone app.
Updating software is vital to the security of a device. These updates include security patches that cyber experts have created to foil cybercriminals. The more outdated the software is, the more time criminals have had to work out ways to infiltrate and steal information within them. Moreover, updates often include new and improved features, which makes a strong case for keeping things current.
Phishing is when a scammer sends texts or emails that appear to be from trusted sources like your favourite online clothing store, employer or, as we’re seeing during the cost-of-living crisis, energy firms, or banks. They do this to encourage people to share personal information.
Once a phishing attempt has been recognised it is vital that they are not engaged with, links are left unopened, and the potential scam email is not forwarded along to another person. Before the message is deleted, it is vital that the sender is blocked and that the message is marked as junk and reported.
If you think that you have entered your credit card details onto a phishing website, contact your bank or credit card issuing company immediately. Report your personal information as stolen, and you may want to request that your existing card be canceled depending on the circumstances.
Online protection is part mindset, part prevention, and part action. While the steps above mark a start, they’re just that. There’s plenty more you can do, and when taken in batches, the steps you take can really add up to an exceptional level of protection. The question is, where to start?
Our McAfee Safety Series can get you moving in the right direction. It’s a set of guides that cover a range of important security topics and that show you several straightforward things you can do that will make you safer. They range from phishing and privacy to online shopping and safer online media. In all, they can help you spot scams, hacks, and attacks—and potentially prevent them in the first place.
I encourage you to grab the first one that looks interesting to you. What you learn can put you several steps ahead of the hackers, scammers, and thieves out there.
The post 40 Years of the Internet – Tips for Staying Safe Online in 2023 appeared first on McAfee Blog.
Happy National App Day! No, we don’t mean apps of the mozzarella stick and potato skin variety, but your mobile apps that let you order dinner, hail a taxi, stay connected to your friends, and entertain you for hours with silly videos. While they’re undoubtedly useful, mobile apps are also a weak spot in some people’s digital safety. Cybercriminals take every chance they get to trick people through all kinds of technology, and mobile apps are no exception.
To celebrate National App Day, here are a few tips to keep your mobile and your personally identifiable information (PII) safe.
Did you know that there are hundreds of apps on the Android and Apple app stores whose only aim is to steal your passwords? In 2022, Meta identified more than 400 fake apps disguised as various utilities that targeted users to weasel Facebook login and password combinations.1 Malicious apps also regularly masquerade as photo editors and wallpapers but their real purpose is to run malware in the background of the mobile device, such as this Squid Game app from 2021.
Little-known apps aren’t the only ones you have to be wary of either. The biggest companies are also falling to cybercrime. For instance, more details recently came to light about a breach at Uber that leaked the PII of 57 million users. Plus, the popular mobile payment service, Cash App had the personal details of 8.3 million current and former users leaked.2
To keep your cellphone free of malicious software and your PII and password secure, take these five mobile security tips with you into the new year.
The new year is as good a time as any to unload any unnecessary baggage, emotional, literal, or in this case, digital. Go through your phone and delete the apps you haven’t used in the last six months. Make sure to completely delete your account with that app and not just hide it from your homepage. The smaller your digital footprint, the less at risk your PII is of being compromised in a breach.
Before you download any new app, it’s a good idea to conduct some background research on it. How many detailed reviews does it have? Who is the app developer? A phony app usually reveals itself through its lack of reviews. Consider apps with less than 50 reviews fishy. Skim the reviews for specific details and typos. If it’s lacking in detail but brimming with typos and grammatical mistakes, it could signal a fake. This research should take about five minutes, so don’t worry; it shouldn’t be too much of an inconvenience, and that time will be well spent.
Just like it’s a good idea to keep on top of global news, set up news alerts for cybersecurity breaches. If a company falls to a cybercriminal, the alert will give you the valuable time you need to act quickly to either delete your account or change your password.
For every online account, it is essential to create a unique password or passphrase. That way, if you do get hacked through an app or get tricked by a fake one, you don’t have to worry about cybercriminals using that password to walk into your other accounts. Password managers are an excellent way to keep all your passwords secure and free up your brain space for things other than dozens of passwords.
When you sign up for a new app, you can expect to give it a username, a password, and maybe your first name; however, if it has optional fields for your full birthday or your address, consider leaving those blank. The less information the company has about you, the less that can end up in cybercriminals’ hands if the app is breached.
The first step to better cyber habits is arming yourself with the knowledge of the threats that are out there. The best advice here is to slow down, observe and think about your next move every time you download a new app. The signs of a fake are usually not difficult to spot. Then, once you’re confident in its legitimacy, limit the amount of PII you share with it. In this digital world we live in, consider everyone susceptible to a breach.
To give you peace of mind, supplement your great habits with a tool, like McAfee+ Ultimate, that will cover all your bases and be your partner to live your best private life online.
1Tech.co, “Data Breaches That Have Happened in 2022 So Far.”
2Termly, “98 Biggest Data Breaches, Hacks, and Exposures.”
The post 2023’s Top 5 App Security Tips appeared first on McAfee Blog.
FreshRSS 