Throw open the windows and let in some fresh air. It’s time for spring cleaning.
And that goes for your digital stuff too.
Whether it’s indeed spring where you are or not, you can give your devices, apps, and online accounts a good decluttering. Now’s the time. Cleaning them up can protect your privacy and your identity because when there’s less lying about, there’s less for hackers to scoop up and exploit.
The reality is that we accumulate plenty of digital clutter that needs cleaning up from time to time. Think about it:
Together, these things take up space on your devices and, in some cases, can open you up to security hazards. Let’s take a look at how you can clean up in a few steps.
1. Review your accounts and delete the ones you don’t use. Look through your bookmarks, your password manager, or the other places where you store your passwords and usernames. Review the sites and services associated with them critically. If you haven’t used an account in some time, log in one last time, remove all personal info, and deactivate it.
Doing so can keep your email address, usernames, and passwords out of unnecessary circulation. Major breaches like this one happen with unfortunate regularity, and the sad thing is that you may not even be aware that a site you’ve used has been hit. Meanwhile, your name, password, and info associated with that account (such as your credit card) are in the hands of hackers. Limit your exposure. Close those old accounts.
2. Get organized, and safer too, with a password manager. While creating strong, unique passwords for each of our accounts is a must nowadays, it can be quite the feat, given all of the accounts in our lives. Here’s where a password manager comes in. It can create those strong, unique passwords for you. Not only that, but it also stores your passwords on secure servers, away from hackers and thieves.
Along those lines, never store your passwords on your computer or device, like a text document or spreadsheet. Should your device ever get compromised, lost, or stolen, having passwords stored on them are like handing over the keys to your digital life.
3. Clean your PC to improve your performance (and your security). Let’s face it, so many of us are so busy with the day-to-day that cleaning up our computers and laptops is way down the list. However, doing so once a month can keep our devices running stronger for longer and even give you that “new computer feeling,” particularly if you haven’t cleaned it up for some time. Check out our guide for improving PC performance. We will walk you through some straightforward steps that can make a marked difference.
Moreover, part of this process should entail bolstering your operating system and apps with the latest updates. Such updates can not only improve speed and functionality, but they also often include security upgrades as well that can make you safer in the long run. If your operating system and apps feature automatic updates, enable them, and they’ll do the work for you.
4. Organize and store your photos. Photos. Now there’s a topic all unto itself. Here’s the thing: Estimates show that worldwide we took somewhere around 1.2 trillion photos. And you certainly have your share.
However, your photos may be just sitting there, taking up storage space on your computer or phone, instead of becoming something special like an album, greeting cards, a wall hanging, or popping them into a digital picture frame for your kitchen or living room. And this is where a little spring cleaning can be a bit of fun. For tips on cleaning up your photos, backing them up, and making something special with them.
5. Delete old apps and the data associated with them. Let’s say you have a couple of apps on your phone for tracking your walks, runs, and exercise. You’ve since stopped using one altogether. Go ahead and delete the old one. But before you do, go in and delete your account associated with the app to ensure that any data stored off your phone, along with your password and user id are deleted as well.
For your computers and laptops, follow the same procedure, recognizing that they also may have account data stored elsewhere other than on your device.
In short, many apps today store information that’s stored and maintained by the app provider. Make sure you close your accounts so that data and information is taken out of circulation as well.
6. Shred your old files and encrypt the important files you’re holding on to. This bit of advice calls for using comprehensive security software on your devices. In addition to protecting you from viruses, malware, and other cyberattacks on your privacy and identity, it can help you protect your sensitive information as well. Such security software can offer:
7. Throwing away old computers and tech—dispose of them properly. When it comes time to say goodbye to an old friend, whether that’s a computer, laptop, phone, or tablet, do so in a way that’s friendly to the environment and your security.
Consider this … what’s on that old hard drive of yours? That old computer may contain loads of precious personal and financial info on it. The same goes for your tablets and phones. The Federal Trade Commission (FTC) offers some straightforward advice in their article about protecting your data before you get rid of your computer. You don’t want those old tax returns ending up in the trash unprotected.
When it comes time for disposal, you have a few options:
As with any spring cleaning, you’ll be glad you did it
Enjoying the benefits of your work—that’s what spring cleaning is all about, right? With this little list, you can end up with a digital life that’s safer and faster than before.
The post Digital Spring Cleaning: Seven Steps for Faster, Safer Devices appeared first on McAfee Blog.
Just when they need financial security the most, job seekers face another challenge—getting ripped off by job scams.
Scammers will capitalize on any opportunity to fleece a victim, like the holidays with ecommerce scams and tax time with IRS scams. Now, with surging employment figures, scammers have turned to job scams that harvest money and personal information from job seekers.
In some ways, the tactics bear resemblance to online dating and romance scammers who hide behind a phony profile and tell their victims a story they want to hear, namely that someone loves them. With job scams, they take on the persona of a recruiter and lure their victims with what seems like an outstanding job offer. Of course, there’s no job. It’s a scam.
These attacks have gained a degree of sophistication that they once lacked. Years prior, scammers relied on spammy emails and texts to share their bogus job offers. Now, they’re using phony profiles on social media platforms to target victims.
Social media platforms have several mechanisms in place to identity and delete the phony profiles that scammers use for these attacks. Of note, LinkedIn’s latest community report cited the removal of more than 21 million fake accounts in the first half of 2022:
Likewise, Facebook took action on 1.5 billion fake accounts in Q3 of 2022 alone, with more than 99% of them acted on before users reported them.
Still, some scammers make their way through.
As Steve Grobman, our senior vice president and chief technology officer, was quoted in an article for CNET, the continued shift to remote work, along with remote hiring, has also made it easier for online job scams to flourish. And the figures bear that out.
In 2021, the FTC called out $209 million in reported losses due to job scams. In just the first three quarters of 2022, reported job scam losses had already reached $250 million. While year-end figures have yet to be posted, the final tally for 2022 could end up well over $300 million, a 50% uptick. And the median loss per victim? Right around $2,000 each.
While the promise of work or a job offer make these scams unique, the scammers behind them want the same old things—your money, along with your personal information so that they can use it to cause yet more harm. The moment any so-called job offer asks for any of those, a red flag should immediately go up.
It’s possibly a scam if:
In the hands of a scammer, your SSN or tax ID is the master key to your identity. With it, they can open up bank cards, lines of credit, apply for insurance benefits, collect benefits and tax returns, or even commit crimes, all in your name. Needless to say, scammers will ask for it, perhaps under the guise of background check or for payroll purposes. The only time you should provide your SSN or tax ID is when you know that you have accepted a legitimate job with a legitimate company, and through a secure document signing service, never via email, text, or over the phone.
Another trick scammers rely on is asking for bank account information so that they can wire payment to you. As with the SSN above, closely guard this information and treat it in exactly the same way. Don’t give it out unless you actually have a legitimate job with a legitimate company.
Some scammers will take a different route. They’ll promise employment, but first you’ll need to pay them for training, onboarding, or equipment before you can start work. Legitimate companies won’t make these kinds of requests.
Aside from the types of information they ask for, the way they ask for your information offers other clues that you might be mixed up in a scam. Look out for the following as well:
You can sniff out many online scams with the “too good to be true” test. Scammers often make big promises during the holidays with low-priced offers for hard-to-get holiday gifts and then simply don’t deliver. It’s the same with job scams. The high pay, the low hours, and even the offer of things like a laptop and other perks, these are signs that a job offer might be a scam. Moreover, when pressed for details about this seemingly fantastic job opportunity, scammers may balk. Or they may come back with incomplete or inconsistent replies because the job doesn’t exist at all.
Job scammers hide behind their screens. They use the anonymity of the internet to their advantage. Job scammers likewise create phony profiles on networking and social media websites, which means they won’t agree to a video chat or call, which are commonly used in legitimate recruiting today. If your job offer doesn’t involve some sort of face-to-face communication, that’s an indication it may be a scam.
Scammers now have an additional tool reel in their victims—AI chatbots like Chat GPT, which can generate email correspondence, chats, LinkedIn profiles, and other content in seconds so they can bilk victims on a huge scale. However, AI has its limits. Right now, it tends to use shorter sentences in a way that seems like it’s simply spitting out information. There’s little story or substance to the content it creates. That may be a sign of a scam. Likewise, even without AI, you may spot a recruiter using technical or job-related terms in an unusual ways, as if they’re unfamiliar with the work they’re hiring for. That’s another potential sign.
Scammers love a quick conversion. Yet job seekers today know that interview processes are typically long and involved, often relying on several rounds of interviews and loops. If a job offer comes along without the usual rigor and the recruiter is asking for personal information practically right away, that’s another near-certain sign of a scam.
This is another red flag. Legitimate businesses stick to platforms associated with networking for business purposes, typically not networking for families, friends, and interests. Why do scammers use sites like Facebook anyway? They’re a gold mine of information. By trolling public profiles, they have access to years of posts and armloads of personal information on thousands of people, which they can use to target their attacks. This is another good reason to set your social media profiles on platforms like Facebook, Instagram, and other friend-oriented sites to private so that scammers of all kinds, not just job scammers, can’t use your information against you.
As a job hunter you know, getting the right job requires some research. You look up the company, dig into their history—the work they do, how long they’ve been at it, where their locations are, and maybe even read some reviews provided by current or former employees. When it comes to job offers that come out of the blue, it calls for taking that research a step further.
After all, is that business really a business, or is it really a scam?
In the U.S., you have several resources that can help you answer that question. The Better Business Bureau (BBB) offers a searchable listing of businesses in the U.S., along with a brief profile, a rating, and even a list of complaints (and company responses) waged against them. Spending some time here can quickly shed light on the legitimacy of a company.
Also in the U.S., you can visit the website of your state’s Secretary of State and search for the business in question, where you can find when it was founded, if it’s still active, or if it exists at all. For businesses based in a state other than your own, you can visit that state’s Secretary of State website for information. For a state-by-state list of Secretaries of State, you can visit the Secretary of State Corporate Search page here.
For a listing of businesses with international locations, organizations like S&P Global Ratings and the Dun and Bradstreet Corporation can provide background information, which may require signing up for an account.
Given the way rely so heavily on the internet to get things done and simply enjoy our day, comprehensive online protection software that looks out for your identity, privacy, and devices is a must. Specific to job scams, it can help you in several ways, these being just a few:
Job searches are loaded with emotion—excitement and hopefulness, sometimes urgency and frustration as well. Scammers will always lean into these emotions and hope to catch you off your guard. If there’s a common thread across all kinds of online scams, that’s it. Emotion.
A combination of a cool head and some precautionary measures that protect you and your devices can make for a much safer job-hunting experience, and a safer, more private life online too.
Editor’s Note:
Job scams are a crime. If you think that you or someone you know has fallen victim to one, report it to your authorities and appropriate government agencies. In the case of identity theft or loss of personal information, our knowledge base article on identity theft offers suggestions for the specific steps you can take in specific countries, along with helpful links for local authorities that you can turn to for reporting and assistance.
The post Job Scams—How to Tell if that Online Job Offer is Fake appeared first on McAfee Blog.
Overheating is a common issue in mobile devices, but it often raises alarms among users. This concern is usually unnecessary, as there are several common and easily resolvable reasons why phones get hot, including overuse, exposure to harsh weather conditions, and battery problems. However, it is essential to cool down an excessively hot device promptly to prevent it from overheating again.
Below we delve into the five most common reasons why your phone might be getting hot and how to cool it down.
Mobile malware can have effects beyond data leaks, software damage, or battery drainage. It can also overload your device’s processor and cause it to overheat by making it work overtime. Utilizing a robust mobile security tool, such as McAfee Mobile Security, can protect your pocket-sized digital life by blocking malicious apps, threats, and malware from entering your device.
McAfee Pro Tip: For more information on current mobile threats, check out this full report. The McAfee 2023 Consumer Mobile Threat Report is one of our latest resources that delve into the ever-evolving realm of mobile security challenges and risks.
Streaming video content, running graphically demanding gaming apps, and recording video content for prolonged periods can heat your phone’s central processing unit (CPU). This can lead to an unexpectedly hot Apple or Android device.
While computers have internal fans to keep them cool, phones don’t. Therefore, if you overwork your phone, it is likely to get hotter than you would like. This elevated heat not only affects user comfort but also poses potential risks to the device itself. Excessive heat can accelerate battery degradation, diminish overall performance, and even lead to thermal throttling, which reduces processing power to prevent damage. It’s crucial to be mindful of your phone’s workload and ensure it doesn’t become excessively hot to maintain optimal functionality and prolong the lifespan of your device.
→ Dig Deeper: What You Need to Know About Livestreaming
Your phone’s battery health plays a significant role in whether or not it overheats. As the battery health degrades, the likelihood of your phone overheating increases. Checking whether the back of your device heats up more than the front can tell you if the battery is at fault.
Most devices also have a feature allowing you to check your battery’s health. You can find this feature on an iPhone—go to “Settings” and choose “Battery”. To check your battery’s health on an Android device, you can typically navigate to the “Settings” app, and then look for the “Battery” or “Battery & Device Care” section, which can vary in name. Within this section, you’ll often find options to assess your battery’s condition and performance.
Failing to update your apps can pose overheating risks to your device. App updates often include bug fixes, extra features, and security additions, all of which improve your device’s performance and minimize overheating issues. Make sure to regularly update your apps, whether you’re using the App Store on iOS or Google Play on Android.
→ Dig Deeper: Why Software Updates Are So Important
Next, we delve into the potential permanent damage that overheating can cause. While a heat warning on a hot summer afternoon might not seem alarming, continual exposure to heat can slow down your device, cause data loss, and result in battery leakage.
One of the most concerning outcomes of overheating is the potential for battery leakage. High temperatures can accelerate the chemical reactions within the battery, which can lead to the release of harmful gasses, swelling of the battery, and, in the worst-case scenario, leakage of electrolytes. Battery leakage not only compromises your device’s performance but can also pose safety hazards. Therefore, it is important to keep your phone cool and take precautions if it does overheat.
If you find your phone getting excessively hot, it’s crucial to take immediate steps to cool it down. Some of these steps are pretty straightforward but can do wonders in bringing the temperature of your phone down. And in preventing your phone from heating up in the future, here are some techniques:
One of the simplest ways to prevent overheating is by keeping your phone up to date. Regular updates not only keep your device secure but also often fix bugs that can lead to excessive battery drain and heating.
Believe it or not, how you charge your phone can also impact how hot it gets. Always make sure to use the correct charger and charging cable for your device. Avoid full cycle and overnight charging, and never cover your phone or keep it in a hot place while it’s charging.
→ Dig Deeper: US-B Careful: Public iPhone Chargers Lie in Wait
Turning on airplane mode can help cool down your device faster. Airplane mode restricts all wireless communication on your device, such as searching for a cellular signal or Wi-Fi, which can drain your battery and cause your device to heat up.
High screen brightness not only drains your phone’s battery faster but also generates more heat. Your screen needs more power to shine brighter, which can make your device run hotter, particularly if you have your brightness cranked up for extended periods. It’s always best to auto-adjust the screen brightness on your mobile device to match your environmental conditions. At night or in darker environments, your screen brightness doesn’t need to be high.
Additionally, dynamic wallpapers and widgets can cause your device to use more power, which can result in excess heat. Try using static backgrounds and minimizing the number of widgets to help keep your device cool.
While phone cases are essential for protecting your device from accidental damage, they can also trap heat. Removing your phone’s case can allow heat to escape and can help cool down your device faster.
The intense heat generated by the sun can not only make your device uncomfortably warm to the touch but can also trigger thermal stress, adversely affecting its performance and battery life. Direct sunlight can cause your device to heat up quickly, so always make sure to keep your device away from direct sunlight and other heat sources.
As discussed earlier, malware can keep your device working overtime and generate more heat. A security app like McAfee Mobile Security can prevent malicious apps and threats from entering your device and causing it to overheat.
While an overheating phone may cause an alarm, it’s usually not a cause for concern. Several factors can cause your phone to get hot, including overuse, high screen brightness, and malware. Regular updates, correct charging habits, and using antivirus protection can all help prevent your phone from overheating. Remember, if your phone gets excessively hot, it’s crucial to take immediate steps to cool it down and prevent potential damage.
The post Why Does My Phone Get Hot? appeared first on McAfee Blog.
The eagerly awaited holiday sales such as Black Friday and Cyber Monday are just around the corner. As consumers, we look forward to getting the best deals online, but we’re not the only ones. Hackers are also keenly anticipating these holidays but for different reasons. They use this period to come up with all sorts of shopping scams that can potentially put a dampener on the holiday spirit for unsuspecting shoppers.
This article provides you with ten tips to keep you and your family safe from online shopping scams this season. These tips will not only help you spot a good deal but also help you avoid falling prey to online scams, thereby ensuring that you keep your finances safe during this shopping season.
A common tactic employed by hackers involves the use of malware hidden in email attachments. During the holiday sales season, they often camouflage their malware in emails that claim to contain offers or shipping notifications. It is important to remember that legitimate retailers and shipping companies will not send offers, promo codes, or tracking numbers as email attachments. Instead, they will mention these details in the body of the email.
Therefore, be wary of any email attachments you receive from retailers or shippers. If something seems off, it probably is. Do not download or open suspicious attachments, as this could potentially lead to a malware attack.
→ Dig Deeper: McAfee Protects Against Suspicious Email Attachments
Scammers often employ a tactic known as “typosquatting,” where they create phony email addresses and URLs that look incredibly similar to the legitimate addresses of well-known companies and retailers. These are often sent via phishing emails, and instead of leading you to great deals, these links can direct you to scam websites that extract your login credentials, payment information, or even directly extract funds from your account when you attempt to place an order through them.
Therefore, it is imperative to double-check all email addresses and URLs before clicking on them. Look out for subtle discrepancies in the spelling or arrangement of characters, as these are often indicators of a scam. If a link or email address seems suspicious, do not click on it.
→ Dig Deeper: How Typosquatting Scams Work
In continuation with the previous point, scammers also set up websites that resemble those run by trusted retailers or brands. These websites often advertise special offers or attractive deals on popular holiday items. However, these are nothing more than a ruse to trick unsuspecting shoppers into divulging their personal and financial information.
These scam websites are often spread through social media, email, and other messaging platforms. It’s crucial to exercise skepticism when encountering such links. Instead of clicking on them, it’s always safer to visit the brand’s official website directly and look for the deal there.
→ Dig Deeper: 8 Ways to Know If Online Stores Are Safe and Legit
Using a robust and comprehensive security software suite while shopping can provide you with additional layers of protection against scams. For instance, web browser protection features can block malicious and suspicious links, reducing the risk of falling prey to malware or a financial scam.
Ensure your antivirus software is up to date and your firewall is enabled. At the same time, enable secure browsing options available in your web browser. These simple steps can go a long way in securing your online shopping experience.
Using the same passwords across multiple platforms is akin to giving hackers a free pass. If they manage to hack into one account, they can potentially gain access to others that share the same password. To avoid this, consider using a password manager. These tools can generate complex and unique passwords for each of your accounts and store them securely, saving you the hassle of remembering them all.
By diversifying your passwords and securing them effectively, you can significantly reduce the risk of becoming a victim of a hack or a scam. The importance of this proactive approach cannot be overstated in today’s interconnected world, where our personal and financial information is often just a few clicks away from prying eyes and malicious intent.
→ Dig Deeper: Strong Password Ideas to Keep Your Information Safe
Two-factor authentication (2FA) is an invaluable tool that adds an extra layer of protection to your accounts. When 2FA is enabled, gaining access to your accounts isn’t as simple as just entering your username and password. Instead, you also need to input a unique, one-time-use code that is typically sent to your phone or email. This code acts as a second password, making your account significantly more secure.
If any of your accounts offer 2FA, it’s crucial to take advantage of this feature. While it might initially seem cumbersome, the added security is well worth the slight inconvenience.
Public Wi-Fi networks, such as those found in coffee shops and other public locations, can be dangerous due to their lack of security. If you shop online through a public Wi-Fi network, you’re essentially broadcasting your private information to anyone who cares to look. To prevent this, consider using a virtual private network (VPN).
VPNs encrypt your internet traffic, securing it against any prying eyes. This encryption protects your passwords, credit card numbers, and other sensitive information from being intercepted and misused. If you frequently shop online in public places, using a VPN is a must.
In the U.S., the Fair Credit Billing Act protects against fraudulent charges on credit cards. Under this act, you can dispute any charges over $50 for goods and services that you never received or were billed incorrectly for. Moreover, many credit card companies offer policies that add to the protections provided by the Fair Credit Billing Act.
However, these protections don’t extend to debit cards. When you use a debit card, the money is immediately drawn from your bank account, making it more difficult to recover in case of fraud. So, for online shopping, it’s safer to use a credit card instead of a debit card.
A virtual credit card can provide an extra layer of security for your online purchases. When you use one of these cards, it generates a temporary card number for each transaction, keeping your real card number safe. However, there are potential downsides to be aware of, such as difficulties with returns and refunds.
Before deciding to use a virtual credit card, understand its pros and cons. Research the policies of the issuing company so you can make an informed decision about whether or not it’s the right choice for you.
Given the number of accounts most of us manage and the rampant incidents of data breaches, it’s crucial to monitor your credit reports for any signs of fraud. An unexpected change in your credit score could indicate that someone has taken out a loan or credit card in your name. If you notice any discrepancies, report them immediately to the credit bureau and to the lender who reported the fraudulent information.
In the U.S., you’re entitled to a free credit report from each of the three major credit bureaus every year. Utilize this service and check your reports regularly. Remember, quickly identifying and reporting fraudulent activity is the key to mitigating its impact.
McAfee Pro Tip: Have you encountered a suspicious charge on your credit card and felt uncertain about the next steps? Get a credit monitoring service to monitor any unusual credit-related transactions that may be a potential sign of identity theft.
As we approach Cyber Monday, it’s important to stay vigilant to protect yourself and your family from online scams. By taking simple precautions like verifying email addresses, resorting to 2FA, using a VPN while shopping on public Wi-Fi, and monitoring your credit reports, you can significantly reduce your chances of falling for an online shopping scam. Additionally, consider employing cybersecurity solutions like McAfee+, which offer robust protection against various online threats. Remember, if a deal seems too good to be true, it probably is. Happy and safe shopping!
The post Cyber Monday: Protect Yourself and Your Family from Online Shopping Scams appeared first on McAfee Blog.
In the shadow of the COVID-19 pandemic, workplaces worldwide have undergone a seismic shift towards remote working. This adjustment involves much more than just allowing employees to access work resources from various locations. It necessitates the update of remote working policies and heightened cybersecurity security awareness.
Cybercriminals and potential nation-states are reportedly exploiting the global health crisis for their own gain. Hackers have targeted an array of sectors, including healthcare, employing COVID-19-related baits to manipulate user behavior. This article aims to provide a comprehensive guide on how you, as an employee, can augment your cybersecurity measures and stay safe when working remotely.
It has been reported that criminals are using COVID-19 as bait in phishing emails, domains, malware, and more. While the exploitation of this global crisis is disheartening, it is unsurprising as criminals habitually leverage large events to their advantage. That said, it’s crucial to identify potential targets, particularly in certain geographic regions.
The data so far reveals a broad geographic dispersion of ‘targets,’ with many countries that are typical phishing targets being hit. However, there are anomalies such as Panama, Taiwan, and Japan, suggesting possible campaigns targeting specific countries. The landscape is continuously evolving as more threats are identified, necessitating vigilant monitoring on your part to stay safe.
→ Dig Deeper: McAfee Labs Report Reveals Latest COVID-19 Threats and Malware Surges
The abrupt shift to remote work has left many employees unprepared, with some needing to operate from personal devices. These personal devices, if lacking appropriate security measures, can expose both you and your company or employer to various potential attacks.
Over the last few years, there has been a surge in targeted ransomware attacks, particularly through “commodity malware.” This malware type is often directed at consumers. Consequently, accessing work networks from potentially infected personal devices without appropriate security measures significantly increases the risk. Both employees and employers are left vulnerable to breaches and ransomware lockdowns.
Office closures and working-from-home mandates due to COVID-19 permanently changed the way we look at workplace connectivity. A recent Fenwick poll among HR, privacy, and security professionals across industries noted that approximately 90% of employees now handle intellectual property, confidential, and personal information on their in-home Wi-Fi as opposed to in-office networks. Additionally, many are accessing this information on personal and mobile devices that often do not have the same protections as company-owned devices. The elevated number of unprotected devices connected to unsecured networks creates weak areas in a company’s infrastructure, making it harder to protect against hackers.
One technology your organization should be especially diligent about is video conferencing software. Hackers can infiltrate video conferencing software to eavesdrop on private discussions and steal vital information. Many disrupt video calls via brute force, where they scan a list of possible meeting IDs to try and connect to a meeting. Others seek more complex infiltration methods through vulnerabilities in the actual software. Up until recently, Agora’s video conferencing software exhibited these same vulnerabilities.
Hackers will usually try to gain access to these network vulnerabilities by targeting unsuspecting employees through phishing scams which can lead to even greater consequences if they manage to insert malware or hold your data for ransom. Without proper training on how to avoid these threats, many employees wouldn’t know how to handle the impact should they become the target.
If you’re an employee working remotely, it is essential to comprehend and adhere to best security practices. Here are some guidelines you could follow:
Considering the rise of remote working, it is more crucial than ever for employees, especially those working remotely, to invest in secure solutions and tools. However, as end-users, it’s also wisest to take extra steps like installing comprehensive security software to ward off cyber threats. These software have features that collectively provide a holistic approach to security, detecting vulnerabilities, and minimizing the chance of an attack.
We recommend McAfee+ and McAfee Total Protection if you want an all-inclusive security solution. With a powerful combination of real-time threat detection, antivirus, and malware protection, secure browsing, identity theft prevention, and privacy safeguards, McAfee+ and McAfee Total Protection ensure that your devices and personal information remain secure and your online experience is worry-free.
McAfee Pro Tip: Gauge your security protection and assess your security needs before you get a comprehensive security plan. This proactive approach is the foundation for establishing robust cybersecurity measures tailored to your specific requirements and potential vulnerabilities. Learn more about our award-winning security products award-winning security products.
In the current digital age, employees must be aware of their crucial role in maintaining organizational security. As such, you should consider engaging in tailored security education and training programs that help employees identify and avoid potential threats such as phishing and malicious downloads. Regular training and updates can be beneficial as employees are often the first line of defense and can significantly help mitigate potential security breaches.
To ensure effective acquisition of knowledge, engage in security training that is designed in an engaging, easy-to-understand manner and utilizes practical examples that you can relate to. Successful training programs often incorporate interactive modules, quizzes, and even games to instill important security concepts.
Effective communication and collaboration are paramount in a remote working environment. Employees need to share information and collaborate on projects effectively while ensuring that sensitive information remains secure. Use and participate in platforms that enable secure communication and collaboration. Tools such as secure messaging apps, encrypted email services, secure file sharing, and collaboration platforms will ensure information protection while allowing seamless collaboration.
Make sure that you’re provided with detailed guidelines and training on the proper use of these tools and their security features. This will help prevent data leaks and other security issues that can arise from misuse or misunderstanding.
→ Dig Deeper: Five Tips from McAfee’s Remote Workers
The transition to a remote working environment brings with it various cybersecurity challenges. Prioritizing secure communication and collaboration tools, coupled with ongoing education and adherence to best practices, can help you navigate these challenges with confidence, ultimately reaping the benefits of a flexible and efficient remote work environment while safeguarding critical data and information. McAfee can help you with that and more, so choose the best combination of features that fits your remote work setup.
The post Staying Safe While Working Remotely appeared first on McAfee Blog.
As healthcare integrates increasingly digital processes into its operations, the need for robust security measures increases. For many of us, visiting our healthcare provider involves filling out forms that are then transferred into an Electronic Health Record (EHR) system. We put our trust in these healthcare institutions, expecting them to take the necessary steps to store our sensitive data securely. However, with a significant rise in medical data breaches, a whopping 70% increase over the past seven years, it has become more important to understand how these breaches occur and how we can protect ourselves.
Recently, LabCorp, a medical testing company, announced a breach affecting approximately 7.7 million customers, exposing their names, addresses, birth dates, balance, and credit card or bank account information. This breach occurred due to an issue with a third-party billing collections vendor, the American Medical Collection Agency (AMCA). Not long before this, Quest Diagnostics, another company collaborating with AMCA, experienced a similar breach, affecting 11.9 million users.
Medical data is, by nature, nonperishable, making it a highly valuable asset for cybercriminals. This means that while a credit card number or bank account detail can be changed if compromised, medical information remains constant, maintaining its value over time. This also suggests that once procured, this information can be used for various malicious activities, from identity theft to extortion.
Realizing that the healthcare industry is riddled with various security vulnerabilities is crucial. Unencrypted traffic between servers, the ability to create admin accounts remotely, and the disclosure of private information are all shortcomings that these cybercriminals can exploit. With such access, they can permanently alter medical images, use medical research data for extortion, and much more. According to the McAfee Labs Threats Report, the healthcare sector witnessed a 210% increase in publicly disclosed security incidents from 2016 to 2017, resulting from failure to comply with security best practices or address vulnerabilities in medical software.
→ Dig Deeper: How to Safeguard Your Family Against A Medical Data Breach
While the onus lies on healthcare institutions to ensure the security of patients’ data, there are several steps that individuals can take on their own to safeguard their privacy. These steps become particularly pivotal if you think your personal or financial information might have been compromised due to recent breaches. In such instances, following certain best practices can significantly enhance your personal data security.
One such measure is placing a fraud alert on your credit. This effectively means that any new or recent requests will be scrutinized, making it challenging for fraudulent activities to occur. Additionally, the fraud alert enables you to access extra copies of your credit report, which you can peruse for any suspicious activities.
Another effective step you can consider is freezing your credit. Doing so makes it impossible for criminals to take out loans or open new accounts in your name. However, to execute this effectively, remember that credit needs to be frozen at each of the three major credit-reporting agencies – Equifax, TransUnion, and Experian.
Moreover, vigilance plays a critical role in protecting your personal data. Regularly checking your bank account and credit activity can help you spot any anomalies swiftly, allowing you to take immediate action.
McAfee Pro Tip: To lock or to freeze? That is the question. Credit lock only offers limitations in accessing an account. A credit freeze generally has more security features and financial protections guaranteed by law and the three major credit bureaus, so you’ll have more rights and protection if identity theft, fraud, scams, and other cybercrimes occur with a credit freeze compared to a credit lock. Learn more about the difference between credit freeze and credit lock here.
Identity theft protection services offer an additional layer of security to protect your personal as well as financial information. They actively monitor your accounts, provide prompt alerts for any suspicious activities, and help you recover losses if things go awry. An identity theft protection service like McAfee Identity Theft Protection can be beneficial. Remember, however, that even with such a service, you should continue practicing other security measures, as they form part of a comprehensive approach to data security.
These services work in the background to ensure constant protection. However, choosing a reputable and reliable identity theft protection service is essential. Do thorough research before committing and compare features such as monitoring services, recovery assistance, and insurance offerings. This step can help protect you not only during medical data breaches but also on other digital platforms where your personal information is stored.
If you suspect your personal data has been compromised, you should check your bank account and credit activity frequently. Regular monitoring of your accounts empowers you to stop fraudulent activity. Many banks and credit card companies provide free alerts—through an email or text message—whenever a new purchase is made, an unusual charge is noticed, or your account balance drops to a particular level.
Besides, you should also consider utilizing apps or online services provided by banks and credit companies to keep an eye on your accounts. Such tools can help you track your financial activity conveniently and take instant action if any suspicious activity is spotted. Regularly updating your contact information with banks and credit companies is also important, as it ensures you receive all alerts and updates on time.
→ Dig Deeper: Online Banking—Simple Steps to Protect Yourself from Bank Fraud
Increased digitization in the healthcare sector has brought convenience and improved patient services. However, it also presents attractive targets for cybercriminals eager to exploit vulnerabilities for personal gain. Medical data breaches are concerning due to their potential long-term impacts, so it’s critical to protect your personal information proactively.
While healthcare institutions must shoulder the primary responsibility to safeguard patient information, users are far from helpless. By placing a fraud alert, freezing your credit, using identity theft protection services like McAfee Identity Theft Protection, and maintaining vigilance over your financial activity, you can form a comprehensive defense strategy to protect yourself against potential breaches.
The post 4 Tips to Protect Your Information During Medical Data Breaches appeared first on McAfee Blog.
The moment you hop online, you lose a little privacy. How much depends on what you’re doing and what steps you’ve put in place to protect your privacy. The reality is that any online activity will generate data. As you surf, bank, and shop, data gets created. From there, other parties collect, analyze, and sometimes sell or share that data with others.
The most notable example of this is, of course, social media. Social media companies gather hosts of data and personal information about their users in exchange for free use of their platforms. Yet similar data collection happens far more broadly online. Internet service providers (ISPs) will often gather browsing data and information about their users. Some search engines will also gather information about their users, their searches, and where those searches take them. Another high-value form of data collection entails location tracking. App creators, ISPs, cell phone companies, and others will pair what you’re doing online with where and when you’re doing it.
Make no mistake that all this data has value. Whether it gets collected for advertising purposes, or to generate profit by selling data to others, your privacy has a price tag on it. Yet you have some say in all this. You can take several steps that can minimize the data trail that you create by going online. Put simply, you can take control of your privacy online.
→ Dig Deeper: How Data Brokers Sell Your Identity
Although data creation and collection naturally come with using the Internet, you can take several steps to make you and your data more private. Some of it comes down to behavior, while other steps involve settings and technologies that help cover your tracks. Here are 10 ways you can stay more private online:
Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting—not to mention your relationships and likes. Put another way, keeping your profile public makes it searchable by search engines. Your profile is out there for anyone to see.
Taking a “friends only” approach to your social media profiles can help protect your privacy because that gives a possible scammer or stalker significantly less material to work with. Yet further, some platforms allow you to create sub-groups of friends and followers. With a quick review of your network, you can create a subgroup of your most trusted friends and restrict your posts to them as needed.
→ Dig Deeper: Over 10 Million Facebook Users Hacked in Ongoing Phishing Scam
Different devices and platforms will have their own privacy settings, so give them a look and see what your options are. For example, Facebook offers an entire page dedicated to privacy settings and offers a Privacy Checkup as well.
As for devices, Windows and Mac OS have extensive privacy controls available. Android provides visual guides on the topic, and Apple has a similar resource for iOS users as well. A quick search about privacy on any device, platform, or app should turn up some helpful results that can get you started if you have questions.
→ Dig Deeper: Privacy, Identity, and Device Protection: Why You Need to Invest in All Three
Privacy policies spell out what data a company might be collecting, for what purposes, what they do with it, and if they might share or otherwise sell it to third parties. The language in privacy policies can get somewhat long and complex. However, several companies have been making good faith efforts to explain their privacy policies in plain language on user-friendly websites.
Google provides a good example of this, which includes a link to their Privacy Checkup experience. Additionally, Apple offers users on iOS 15.2 or higher an app privacy report that shows what iPhone features and data apps have recently accessed. Once again, a web search will help point you to similar resources for the devices, platforms, and apps you use.
→ Dig Deeper: What Personal Data Do Companies Track?
Location tracking has become a prominent form of data collection. Smartphone applications are usually the prime culprits. Thankfully, you can easily disable the location-sharing feature on an app-by-app basis. Some apps allow you to enable location services only when in use, while for others, you can entirely disable location services. An alternative option is to set the app to ask for permission each time. This is an effective way to find out if any apps are using location services without your knowledge. For iPhone users, this can be found in Settings > Privacy & Security > Location Services. Android users can go to Settings > Locations > App Location Permissions.
Deactivating location sharing in your apps doesn’t necessarily mean you’ll stop seeing location-based ads. Advertisers often guess your general location by looking at your internet connection. They might not know your exact address, but they can get a pretty good idea of which city or town you’re in.
If you’ve been using the internet for a while, you likely have several old accounts that you no longer use or have forgotten about. Old accounts may still contain your personal data, exposing it to potential hackers or cyber thieves. It’s advisable to close any old accounts that you no longer need. Before doing this, ensure that you delete as much personal data from them as possible.
Deleting an account is often more complicated than simply not using it anymore. In many cases, you’ll have to contact the company or service provider to close your account. If you can’t find information on how to delete your account, a quick web search can often lead you to step-by-step instructions.
McAfee Pro Tip: Your online presence expands as you create more internet accounts, and these accounts may potentially be leveraged by data brokers or third parties to gain access to your personal data. Improve your data security by erasing unused or old accounts to eliminate public-facing information. Know how to delete old accounts containing personal information.
Virtual Private Networks (VPN) can significantly enhance your online privacy. A VPN encrypts your internet connection, making it harder for third parties to track your online activities or capture your personal information. While connected to a VPN, your ISP can only see that you’re connected to a VPN server, but not what websites you visit or what data you’re transferring.
Besides protecting your data, VPNs can also prevent websites and online services from tracking your physical location. This can be particularly useful if you’re accessing the internet in a region with stringent internet censorship or if you want to access region-locked content.
Many people are surprised when they Google themselves and see how much information about them is publicly available. Data brokers collect information from various sources and make it available to anyone willing to pay for it. This can include personal information, such as your home address, estimated income, shopping habits, and more.
Fortunately, you can take steps to clean up your personal data trail. Start by Googling yourself to find out what information about you is publicly available. Next, contact the websites or data brokers that publish this information and request them to remove it. Several online services can help you with this process by automating it and making it more efficient.
→ Dig Deeper: How Data Brokers Sell Your Identity
Online privacy is a serious concern in today’s digital age. While it’s impossible to completely avoid data collection, there are numerous steps you can take to protect your personal data and make your online activities more private. These include being strategic with your social media settings, regularly reviewing your privacy settings, understanding the privacy policies of the apps you use, disabling location sharing, deactivating old accounts, using a VPN, and cleaning up your personal data trail. For added protection, use a comprehensive security solution such as McAfee+ Ultimate, which comes with features like password manager, antivirus software, and firewall protection; users can efficiently navigate the internet while avoiding online threats.
Whether we admit it or not, a significant portion of our privacy is within our control. By becoming more aware of what data we share and who we share it with, we can make decisions that protect our privacy. In an era where data is the new oil, taking steps to safeguard our digital privacy is more important than ever.
The post 10 Tips to Keep Your Data Private Online appeared first on McAfee Blog.
Read this statement, then read it again: Just five distracted seconds at 55 mph is equivalent to driving the length of a football field with your eyes closed. This alarming truth from the National Highway Traffic Safety Administration (NHTSA), highlights the need for parents to address the issue of distracted driving with their teens.
Additional distracted driving statistics are mind-blowing. According to the NHSTA, 77 percent of drivers admitted to using their phones while driving, 74 percent used their map app, 56 percent read emails or texts, 27 percent updated or checked their social media accounts, and shockingly, 19 percent of drivers—equivalent to one in five—engaged in online shopping while driving.
In the United States, distracted driving has become a leading cause of fatal crashes, accounting for 25 to 30 percent of all fatal crashes. Furthermore, overall highway fatalities have increased by 22 percent, as reported recently by The Los Angeles Times, which attributed this rise to the allure of technology turning our cars into “candy stores of distraction.”
While technology plays a significant role in distracted driving, other everyday choices and factors can also contribute to accidents. Eating while driving, managing a lively pet in the car, navigating unfamiliar streets, and even talking with peer passengers can distract young drivers. Studies have shown that crash risk doubles when teens drive with one peer passenger and quadruples with three or more teen passengers.
In the throes of summer, it’s a great time for parents to have a conversation with their teen drivers about the dangers of distracted driving and texting while driving. Here are some important topics to discuss and tips to help keep your kids safe on the road:
Remember, developing good (or better) habits takes time, effort, consistency, and parental involvement in teen driving. Preventing distracted driving with positive behavior change won’t happen overnight. Repeat yourself when it comes to road safety without apologies. Giving your child rules and expectations demonstrates love. By making some of these shifts, hopefully, you will worry less, raise wiser drivers, and improve safety for everyone on the roads.
The post Parent’s Guide: 8 Ways to Help Your Teen Combat Distracted Driving appeared first on McAfee Blog.
The time has come. Your kids are chafing at the bit to get on social media and you can no longer hold them back. But you’re terrified. ‘What if they say the wrong thing? What if they meet some unsavoury types or worst case, what if they get bullied?’ I hear you – everything you are concerned about is completely normal and totally valid. But this is not the time to put your head in the sand people, tempting as it is.
So, make yourself a cuppa. I’m going to run you through the basics so you can get your offspring (and yourself) through this quite significant moment in the best shape possible.
Ah, such a tricky question!! While there is no specific Aussie law that dictates the minimum age kids need to be to join social media, most social media platforms require their users to be 13 years old to set up an account. This is a result of a US federal law, the Children’s Online Privacy Protection Act (COPPA) , which affects any social media platform that US citizens can join. So, therefore it affects nearly all social media platforms worldwide.
But let’s keep it real – most kids join before they are 13. Some do with the consent of their parents, but many don’t. So, if your kids are consulting you on their move into social media, then pat yourself on the back. You’ve done a great job in keeping the lines of communication open and staying relevant. But if yours just charged ahead without involving you (like some of mine did) then it’s still not too late to be part of their journey.
In my opinion, there is no simple answer. A one size fits all approach doesn’t work here. Some kids mature faster than their peers, others may have a bigger dose of emotional intelligence and instinctively understand the ramifications of poor online behaviour. Some kids are more resilient and robust while others are more sensitive. There are so many things to consider when advising but ultimately, this is your call as a parent.
This is where many of us can come unstuck because it can feel so overwhelming knowing where to start. But don’t worry – I’ve got you. I’m going to give you 5 things that you can action that will make a huge difference to your kids’ online safety. And these strategies are relevant to all of us parents – regardless of whether your kids are new to social media or old hands!
I can’t stress enough just how important it is to have real conversations with your kids about all aspects of their lives, including the digital part. Asking them what they do online, why they like a certain app and who they play online games with are just some of the ways of starting a conversation. I am also a fan of sharing details of your online life with them too. Whether its sharing new apps with my kids, funny posts, or relevant news articles, I think if I regularly demonstrate that I get social media then I generate a little ‘tech cred’. And when you’ve got ‘tech cred’, they are more likely to come to you when things aren’t going swimmingly. And that’s exactly what we want as parents!
I love the idea of a clear contract between parents and kids that details your expectations about their online behaviour and technology use. It’s a great way of developing a set of guidelines that will help them navigate some of the risks and challenges associated with being online. Now, this agreement should be a family exercise so ensure your kids are invested in the process too. If you want a starting point, check out this one from The Modern Parent here.
Without a doubt, one of the most powerful ways to stay safe online is to ensure you have super duper passwords for each of your online accounts. So, take some time to ensure your kids have got this covered. Every online account needs its own individual password that should have no link to your child’s name, school, family, or favourite pet. I’m a big fan of a crazy sentence – I find they are easier to remember. If you include at least one capital letter, a few numbers, and symbols then you’re doing well. Password managers can be a great way of remembering and also generating complex passwords. These can be a godsend when your list of online accounts grows. All you need to do is remember the master password. How good!
And ensure they know to NEVER share passwords. Tell them that passwords are like toothbrushes – never to be shared! That always worked with my boys!
Unless you are proactive, privacy settings on social media platforms will remain on the default setting which usually means public. Now, this means that anyone who has access to the internet can view the posts and photos that you share whether you want them to or not. Now, this is not ideal for anyone but particularly not a young tween who is trying to find their feet online.
So, take some time to help your kids turn activate the privacy settings on all their online accounts. Turning their profile to private will give them more control over who can see their content and what people can tag them in.
There is some amazing technology that can really help you, help your kids stay safe. Installing security software on your kids’ devices is essential. McAfee+, McAfee’s new ‘all in one’ privacy, identity and device protection is a fantastic way to ensure all your family members are protected online. It features identity monitoring and a password manager but also an unlimited VPN, a file shredder, protection score and parental controls. A complete no brainer!
My absolute hope is that your kids’ social media career is smooth sailing. However, with four kids of my own, I know that curveballs and challenges are often inevitable. But if you’ve developed an open line of communication with your kids and possibly even generated a little ‘tech cred’, then it is likely they will reach out to you if things go awry.
Depending on the issue they are experiencing, you may just need to talk them through the situation. Perhaps they need help understanding they should have expressed something in a less inflammatory way or that they may be over-reacting to a comment. It may be helpful for you to work with them to develop an action plan or formulate a response to someone who is perhaps being a bit tricky.
But if they have experienced behaviour that you consider to be unacceptable, then you may need to take further action. I always recommend taking screen shots of concerning behaviour online. These may be important if you need to take further action down the track. Once you’ve taken screen shots, then block the person who is causing your child grief. You can also report the behaviour to the social media platform. If the perpetrator goes to the same school as your child, then I would approach the school and ask them to assist. If the situation is super serious, you can always report it to the Office of our ESafety Commissioner in Australia or the Police who can both work with social media platforms.
Congratulations! You have completed the basic course in social media parenting. I know letting them go can feel quite terrifying, but I know that if you cover off the basics and keep talking to them, then you’re setting them up for success online.
Over to you now, mum and dad!
Good luck!
Alex
The post 5 Minute Parent’s Guide to Social Media appeared first on McAfee Blog.
How it works • Installation • Usage • MODES • For Developers • Credits
Introducing SCRIPTKIDDI3, a powerful recon and initial vulnerability detection tool for Bug Bounty Hunters. Built using a variety of open-source tools and a shell script, SCRIPTKIDDI3 allows you to quickly and efficiently run a scan on the target domain and identify potential vulnerabilities.
SCRIPTKIDDI3 begins by performing recon on the target system, collecting information such as subdomains, and running services with nuclei. It then uses this information to scan for known vulnerabilities and potential attack vectors, alerting you to any high-risk issues that may need to be addressed.
In addition, SCRIPTKIDDI3 also includes features for identifying misconfigurations and insecure default settings with nuclei templates, helping you ensure that your systems are properly configured and secure.
SCRIPTKIDDI3 is an essential tool for conducting thorough and effective recon and vulnerability assessments. Let's Find Bugs with SCRIPTKIDDI3
[Thanks ChatGPT for the Description]
This tool mainly performs 3 tasks
SCRIPTKIDDI3 requires different tools to run successfully. Run the following command to install the latest version with all requirments-
git clone https://github.com/thecyberneh/scriptkiddi3.git
cd scriptkiddi3
bash installer.sh
scriptkiddi3 -h
This will display help for the tool. Here are all the switches it supports.
[ABOUT:]
Streamline your recon and vulnerability detection process with SCRIPTKIDDI3,
A recon and initial vulnerability detection tool built using shell script and open source tools.
[Usage:]
scriptkiddi3 [MODE] [FLAGS]
scriptkiddi3 -m EXP -d target.com -c /path/to/config.yaml
[MODES:]
['-m'/'--mode']
Available Options for MODE:
SUB | sub | SUBDOMAIN | subdomain Run scriptkiddi3 in SUBDOMAIN ENUMERATION mode
URL | url Run scriptkiddi3 in URL ENUMERATION mode
EXP | exp | EXPLOIT | exploit Run scriptkiddi3 in Full Exploitation mode
Feature of EXPLOI mode : subdomain enumaration, URL Enumeration,
Vulnerability Detection with Nuclei,
an d Scan for SUBDOMAINE TAKEOVER
[FLAGS:]
[TARGET:] -d, --domain target domain to scan
[CONFIG:] -c, --config path of your configuration file for subfinder
[HELP:] -h, --help to get help menu
[UPDATE:] -u, --update to update tool
[Examples:]
Run scriptkiddi3 in full Exploitation mode
scriptkiddi3 -m EXP -d target.com
Use your own CONFIG file for subfinder
scriptkiddi3 -m EXP -d target.com -c /path/to/config.yaml
Run scriptkiddi3 in SUBDOMAIN ENUMERATION mode
scriptkiddi3 -m SUB -d target.com
Run scriptkiddi3 in URL ENUMERATION mode
scriptkiddi3 -m SUB -d target.com
Run SCRIPTKIDDI3 in FULL EXPLOITATION MODE
scriptkiddi3 -m EXP -d target.com
FULL EXPLOITATION MODE contains following functions
Run scriptkiddi3 in SUBDOMAIN ENUMERATION MODE
scriptkiddi3 -m SUB -d target.com
SUBDOMAIN ENUMERATION MODE contains following functions
Run scriptkiddi3 in URL ENUMERATION MODE
scriptkiddi3 -m URL -d target.com
URL ENUMERATION MODE contains following functions
Using your own CONFIG File for subfinder
scriptkiddi3 -m EXP -d target.com -c /path/to/config.yaml
You can also provie your own CONDIF file with your API Keys for subdomain enumeration with subfinder
Updating tool to latest version You can run following command to update tool
scriptkiddi3 -u
An Example of config.yaml
binaryedge:
- 0bf8919b-aab9-42e4-9574-d3b639324597
- ac244e2f-b635-4581-878a-33f4e79a2c13
censys:
- ac244e2f-b635-4581-878a-33f4e79a2c13:dd510d6e-1b6e-4655-83f6-f347b363def9
certspotter: []
passivetotal:
- sample-email@user.com:sample_password
securitytrails: []
shodan:
- AAAAClP1bJJSRMEYJazgwhJKrggRwKA
github:
- ghp_lkyJGU3jv1xmwk4SDXavrLDJ4dl2pSJMzj4X
- ghp_gkUuhkIYdQPj13ifH4KA3cXRn8JD2lqir2d4
zoomeye:
- zoomeye_username:zoomeye_password
If you have ideas for new functionality or modes that you would like to see in this tool, you can always submit a pull request (PR) to contribute your changes.
If you have any other queries, you can always contact me on Twitter(thecyberneh)
I would like to express my gratitude to all of the open source projects that have made this tool possible and have made recon tasks easier to accomplish.
Malware—the term seems to be at the center of the news every day, with each headline telling of a new way the cyber threat has inserted itself into our lives. From an entire attack campaign on banks worldwide, to a strain residing within medical devices, to a variant that has learned to self-heal, the list of malware-based attacks goes on. And as they do, it’s becoming more and more clear that today’s malware has not only become adaptive, but has learned how to spread its wings further than before, to devices beyond laptops and phones, and in a way that creates a longevity behind each cyberattack it spearheads.
However, though it is important to understand the many forms that malware, or malicious software, takes, it’s crucial to first and foremost grasp what it is.
The abbreviated term for malicious software, “malware,” is a generic term used to describe any type of software or code specifically designed to exploit a computer/mobile device or the data it contains, without consent. Most malware is designed to have some financial gain for the cybercriminal, as crooks typically use it to extract data that they can leverage over victims. That information can range anywhere from financial data, to healthcare records, to personal emails and passwords—the possibilities of what sort of information can be compromised have become endless.
So how exactly can these cybercriminals get their hands on so much data? Since its birth over 30 years ago, malware has found a variety of vessels to help it enact attacks. This includes email attachments, malicious advertisements on popular sites (malvertising), fake software installations, USB drives, infected apps, phishing emails, and even text messages.
Now, these are just a few of the ways malicious software can be delivered–but there are also different kinds of malware itself. To name a few:
Now that you know what malware is, how it can be delivered, and the many forms it takes, it’s time to learn how you can protect yourself against it:
The post Malware: 5 Tips for Fighting the Malicious Software appeared first on McAfee Blog.
It’s been like this from the start—wherever people shop, do business, or simply gather together, you’ll find thieves in the mix, ready to take advantage. And that’s truer today when it comes to life online as cybercriminals use the internet to steal financial or personal data for their personal gain—otherwise known as identity theft.
This is a criminal act and can affect your credit score in a negative way and cost money to fix. It can also affect employment opportunities since some employers conduct a credit check on top of drug testing and a criminal history check. Identity theft victims may even experience an impact to their mental health as they work to resolve their case.
This could include private details like your birth date, bank account information, Social Security number, home address, and more. With data like this, an individual can adopt your identity (or even create a fake identity using pieces of your personal profile) and apply for loans, credit cards, debit cards, and more.
You don’t have to be kept in the dark, though. The good news is that being able to recognize the signs of identity theft means you can act quickly to intervene and minimize any effects in case it happens to you. You can also protect yourself by using preventive measures and engaging in smart online behavior.
Steps to take if you think your identity has been stolen
There are several signs that your identity has been stolen, from a change in your credit score to receiving unfamiliar bills and debt collectors calling about unfamiliar new accounts. It may be an unusual charge on one of your cards, however small. Or you may use a credit monitoring service like ours and receive an alert of suspicious activity. However it comes to your attention, you can act fast to minimize what happens.
File a police report
Start by contacting law enforcement to file a report. Your local police department can issue a formal report, which you may need to get your bank or other financial institution to reverse fraudulent charges. An official report assures the bank that you have been affected by identity fraud and it’s not a scam.
Before going to the police, gather all the relevant information about what happened. This could include the dates and times of fraudulent activity and any account numbers affected. Bringing copies of your bank statements can be useful. Also, make note of any suspicious activity that could be related. For example, was your debit card recently lost or your email hacked? The police will want to know.
Notify the company where the fraud occurred
You should also notify any businesses linked to your identity theft case. Depending on the type of identity theft, this could include banks, credit card companies, medical offices, health insurers, e-commerce stores, and more. Similarly, a fraudster may assume your identity to gain access to health care services, such as medical checkups, prescription drugs, or pricey medical devices. For instance, if someone uses your health insurance to get prescription drugs from a pharmacy, make sure to alert the pharmacy and your insurer.
File a report with the Federal Trade Commission
The Federal Trade Commission (FTC) is a government body that protects consumer interests. You can report identity theft via their portal, IdentityTheft.gov. They’ll then use the details you provide to create a free recovery plan you can use to address the effects of identity theft, like contacting the major credit bureaus or alerting the Internal Revenue Service (IRS) fraud department. You can report your case online or by calling 1-877-438-4338.
Outside of the U.S., our knowledge base article on identity theft offers suggestions for the specific steps you can take in specific countries, along with helpful links for local authorities that you can turn to for reporting and assistance.
Ask credit reporting agencies to issue a fraud alert
A common consequence of identity theft is a dip in the victim’s credit score. For example, a cybercriminal may take out new lines of credit in the victim’s name, accrue credit card debt, and then not pay the balance. For this reason, contacting the credit monitoring bureaus is one of the most important steps to take in identity theft cases.
There are three main agencies in the U.S.: TransUnion, Equifax, and Experian. You can get a free credit report from each agency every 12 months via AnnualCreditReport.com. Check the report and note all fraudulent activity or false information and flag it with the relevant bureau’s fraud department. You should also initiate a fraud alert with each agency.
A fraud alert requires any creditors to verify your identity before opening a new line of credit. This adds an extra layer of security. An initial fraud alert lasts for 90 days. Once this expires, you can prolong your protection via an extended fraud alert, which will remain valid for seven years. You can notify one of the big three bureaus to set it up. They are then required to notify the other two bureaus.
A credit freeze is another smart move, which you can do through each of the three major credit bureaus. You can either call them or start the process online. This prevents people from accessing your credit report. Lenders, creditors, retailers, landlords, and others may want to see your credit as proof of financial stability. For example, if someone tries to open a phone contract under your name, the retailer may check the credit report. If there is a credit freeze in place, they won’t be able to view it and won’t issue the contract. If you need to allow someone access to your credit report, you can temporarily lift the freeze. And depending on your plan, you can issue a credit freeze or an even more comprehensive security freeze right from the McAfee app.
Change passwords for your accounts
Identity theft is often linked with leaked or hacked passwords. Even if you aren’t sure whether your passwords have been compromised, it’s best to play it safe. Change passwords to any affected accounts. Make sure to use strong, unique passwords for each of your accounts with a mix of numbers, letters, and symbols. A password manager included with comprehensive online protection software can do the work for you by creating and securely storing them for you. Further, if there’s a chance to activate two-factor authentication on your accounts go ahead and use it as it makes accessing accounts with a stolen password more difficult.
Is it possible to prevent identity theft?
Putting thorough protections in place can greatly reduce your risk of identity theft. As mentioned above, our McAfee+ plans offer a broad set of features that can help protect your identity. You monitor your credit, monitor your identity, and even help you restore your credit with identity theft & restoration services that cover up to $1 million in losses due to identity theft and connect you with recovery pros who can help you clean up your credit.
Additionally, you can grab a copy of our free Identity Protection Guide that covers the topic in detail—it’s part of our McAfee Safety Series, dedicated to ways you can protect yourself for a safer, more enjoyable life online.
If identity theft happens to you …
Realizing that you’ve become a victim carries plenty of emotion with it, which is understandable—the thief has stolen a part of you to get at your money, information, or even reputation. Once that initial rush of anger and surprise has passed, it’s time to get clinical and get busy. Right away.
Think like a detective who is building—and closing—a case. That’s exactly what you’re doing. Follow the steps, document each one, and build up your case file as you need. Staying cool, organized, and ready with an answer for any questions you’ll face in the process of restoring your identity will help you see things through.
The post What Should You Do if Your Identity Has Been Stolen? appeared first on McAfee Blog.
It has a way of sneaking up on you. Credit theft and fraud.
Maybe it’s happened to you. Maybe it’s happened to a friend or family member. There’s a call from the bank, a notification in your financial app, or a charge on the statement that’s beyond explanation. Someone else has tapped into your funds. Or worse yet, someone stole your identity and took out a loan in your name. You find out only after it’s happened.
That’s the trick with credit theft and fraud. People typically discover it after the damage is done. Then they’re left picking up the pieces, which can cost both time and money. Not to mention a potential knock to their credit score.
However, you can help keep it from happening to you. Our recently published Credit Protection Security Guide breaks down several ways. Here we’ll get into a quick introduction on the topic and show how you can prevent against credit theft and fraud better than ever before.
It’s an unfortunate reality in the world we live in today. Credit theft and fraud are something we all need to look out for, particularly as we increasingly shop and conduct our finances online, potentially exposing that information to thieves. Some figures estimate that for nearly every $100 in purchases made with debit and credit cards worldwide, somewhere around 7 cents can be stolen or fraudulent. As you can imagine, that figure adds up quickly, to the tune of more than $28 billion globally each year.
The flipside is this: today we have plenty of tools that make protecting our credit far easier than they ever were before. Up until now, that called for a time-consuming and sometimes rather manual process. You had to check credit separately with the different bureaus, place locks and freezes the same way, scan each credit report closely for suspicious activity, and so forth.
Now, online protection software can take much of that work off your hands. Comprehensive protection like McAfee+ has plans that offer credit monitoring, identity monitoring, and even identity theft protection & restoration—all quickly spotting any changes, notifying you if your personal information pops up on the dark web, and providing $1 of coverage toward restoring your credit along with the help of a licensed recovery pro if the unexpected happens to you.
Another thing online protection can do for you removes your personal information from those “people finder” and data broker sites. Identity thieves lean on those sites because they contain valuable information that they can piece together to commit theft and fraud in someone else’s name. If you think about your identity as a big jigsaw puzzle, these sites contain valuable pieces that can help complete the picture—or just enough to take a crack at your credit.
In fact, personal information fuels a global data trading economy estimated at $200 billion U.S. dollars a year. Run by data brokers that keep hundreds and even thousands of data points on billions of people, these sites gather, analyze, buy, and sell this information to other companies as well as to advertisers. Likewise, these data brokers may sell this information to bad actors, such as hackers, spammers, and identity thieves who would twist this information for their own purposes. In short, data brokers don’t discriminate. They’ll sell personal information to anyone.
Getting your info removed from these sites can seem like a daunting task. (Where do I start, and just how many of these sites are out there?) Our Personal Data Cleanup can help by regularly scanning these high-risk data broker sites for you and info associated with you like your home address, date of birth, and names of relatives—along with other detailed information about you that could include marriage licenses, voter registration and motor vehicle records, even real estate records too. It identifies which sites are selling your data, and depending on your plan, automatically requests removal.
How things have changed. Even as thieves have gotten savvier in the digital age, so have we. Collectively, we have a growing arsenal of ways that we can keep on top of our credit and protect ourselves from credit theft and fraud.
Our Credit Protection Security Guide breaks it all down in detail. In it, you’ll learn more about how thieves work, ways you can secure your credit online and off, how to monitor and lock it down, plus protect your mobile wallets too. It’s thorough. Yet you’ll find how straightforward the solution is. A few changes in habits and a few extra protections at your side will go a long way toward prevention—helping you avoid that call, text, or notification that your credit has been compromised.
In all, you can take control of your credit and make sure you’re the only one putting it to good use.
The post Your Guide to Protecting Your Credit appeared first on McAfee Blog.
The joy of purchasing a new device is liberating. Now you can work, learn, and play faster — along with enjoying ample storage space. So, the last thing you’d expect is your apparently safe device being exposed to vulnerabilities, or “bloat.”
Exposure to unwanted software can derail its performance and hog its storage within a few months of usage. In technical terms, such pieces of software are referred to as bloatware. Bloatware has the potential to attack PCs with Microsoft systems and Android devices. It can also attack Apple iPhones and Macs although their systems tend to be built with a bit more protection.
This article defines bloatware, offers common examples, explains how to identify it, and discusses its impact on your computer’s security.
Bloatware, also called Junkware or Potentially Unwanted Programs (PUP), are third-party programs that slow down the performance of your device and lay it bare to cybersecurity risks.
Manufacturers initially introduced bloatware to provide users with more utility, but the programs led to device issues. Software programs that identify as bloatware run in the background, and locating them is not child’s play.
Bloatware finds its way into your device in two ways: it comes pre-installed or through programs downloaded from the internet. Lenovo‘s Superfish bloatware scandal from 2015 explains how bloatware can harm your devices.
Common examples of bloatware apps include:
As a piece of good advice, it is best to uninstall such apps when of no use — whether on your Android smartphone, Windows computer, or an iOS device.
Performance degradation is a common symptom of a device carrying bloatware. Extended boot-up times, clogged storage, and startup delays are common occurrences. Let’s review some programs that may also be bloatware:
Here’s how to identify bloatware:
As mentioned, not all bloatware is a threat to your device. Some may be useful and can be removed easily. But a major chunk of bloatware is known to slow down your computer.
Bloatware eats up a good chunk of the disk space or hard drive as it runs in the background, and it drains the battery life. Bloatware that isn’t removed quickly may clog your device with annoying ads. These ads can pose a security threat or even corrupt your operating system.
Sadly, it can be a challenge to uninstall bloatware because it finds its way back into the device — sometimes even after it has been deleted. In some cases, it may even redirect you to fake bloatware removal websites and offer malicious removal tools. Such websites ask you to install a new program to remove the previous one, trapping your device further. Unfortunately, there are no secret hacks to stop it from finding a way into your system.
Pro tip: Anytime you download a program or software, be sure it’s from an official source (like a secured website, the Google Play Store, or the Apple App Store). Installing a program from a suspicious website can put your device at risk, as the program can download bundles of other programs on the back end without your knowledge.
Windows 10 comes with a special refresh tool to remove any bloatware disguised as user-installed programs. This tool can bring your PC back to a clean slate. It’s important to check your hard drive beforehand, as it can also remove licenses.
Bloatware can be both harmful and annoying. New devices need full-fledged protection so they can last longer. The answer to your bloatware woes is an antivirus program. It safeguards your computer from dangerous security threats and prevents accidental downloads, so malicious bloatware or malware can’t access your device.
Bloatware can compromise your online safety and security. McAfee+’s protection package is the ideal investment for your new device, so you can work without any hassles or doubts.
McAfee+ enables a top-tier level of online security with full protection from pesky software programs like bloatware. Additionally, you get access to antivirus software for unlimited devices, lost wallet protection, a secure VPN, personal data clean-ups, and more. Sign up for McAfee + and rest easy while your devices remain bloatware-free.
The post What Is Bloatware and How Can It Impact Security? appeared first on McAfee Blog.
With regular marketing emails from brands, businesses, and subscription services, our email accounts are more cluttered than ever. The number of daily emails exchanged globally reached an estimated 319 billion in 2021. Unfortunately, the chances that these emails were spam or junk are quite high. In fact, 45% of all email traffic came from spam emails as of December 2021.
With emails often being the preferred mode of communication for official purposes, it’s important to observe good digital hygiene with your inbox. While a cluttered inbox can be overwhelming, it can also double as a cybersecurity threat. Junk emails that contain malware or act as phishing tools are notorious for wreaking havoc in IT systems or aiding identity theft.
Are you tired of opening your inbox to a barrage of unwanted emails? Read this article to learn how to block or eliminate spam emails.
We know you didn’t sign up to be spammed by unwanted emails. So why is your inbox overflowing with spam messages? It could be one of many reasons, including:
Companies also often share information that you’ve entered during registration with other businesses. Applications for loyalty cards and discount coupons at checkout are also sources of customer information for companies. Although companies are mandated to ask permission before sharing your personal information with affiliates, users often ignore the fine print. So, how do you block these unwanted emails?
Fortunately, most email services let you block this contact or other specific email addresses by following a few simple steps. Usually, just notifying your email service that a certain sender is spamming you does the job. The process varies according to the email provider used. Read on to find out how to keep your inbox clean.
Gmail users can block spam mail using the Gmail app or web app. Follow the steps below to block emails while using the web app:
Open a message from the sender you wish to block. If you don’t have a recent email from them, search their address or name in the search box at the top of the page.
Doing this will cause all future emails from this sender to enter your spam folder. If you block someone you didn’t intend to, follow the same procedure to unblock and start receiving mail from their address.
Follow these steps to block an address using the Outlook (the new Hotmail) web app:
By marking the email as junk, Outlook filters and sends all further emails from the sender to your spam folder.
Like all other service providers, the process of blocking a sender from your Yahoo mail account is quite straightforward. Use your web app and follow these steps to get rid of junk mail from your inbox:
Alternatively, you can also block a sender from the Settings menu.
You can unblock any address by navigating to “Blocked addresses” using the same steps and unblock any ID.
To proactively block senders from your AOL Mail inbox, follow the steps below using your web browser:
Following these simple steps marks all future emails from the chosen sender as spam and sends them to the spam folder.
The Apple iOS email app on iPhone, iPad, and Mac only recently allowed unsubscribing from mailing lists. It still doesn’t let you block senders. Follow the steps detailed below to filter and unsubscribe from senders:
Flag any email as spam by forwarding the email to spam@icloud.com.
Widely used and accepted email services are a frequent target of cyberattacks. Attackers can use email to gain control or access your personal information and resources.
Securing email systems is crucial since your email might contain a lot of sensitive information, including financial documents, legal information, important personal documents, or even trade secrets.
As an email sender and receiver, you should be aware of the most common ways the service is used to infect a computer.
A general rule of thumb is to verify and review download links, forms, and email addresses of the sender before clicking on them, as they can pose significant threats to your cybersecurity. If you receive an email from someone you trust but it contains a link that you find suspicious, multiple websites can analyze URLs and files for malware.
Keeping an email system safe involves securing the servers of the client and the user. As an informal email system user, it can be hard to mitigate and manage risks posed by malicious emails on your own.
Fortunately, you can utilize McAfee+and Identity Theft Protection. McAfee ensures complete cyber protection with advanced monitoring, customized tips according to your usage, and data clean-ups. With multiple subscription plans at your disposal, you can protect yourself and your family from all kinds of cyberthreats.
The post How to Block Emails appeared first on McAfee Blog.
Have you seen that small pop-up on your phone or laptop that says your password has been compromised?
Simple and weak passwords are prone to guesswork, and attackers can force their way in if the password length is too short. Attackers can easily guess simple passwords like your birthday, email account, or one of your former phone numbers.
A long password made up of a random string of characters, including letters, numbers, and symbols, is considered strong security against data breaches.
Creating a strong password for each of your accounts is the best way to protect your sensitive information. Coming up with a unique password for every account and learning each one by heart can be challenging. This is where a password generator can help you create a random password. Password generators are also beneficial when you want to change an old password.
The next challenge is storing your passwords safely so that you can keep track of each of your account’s login information. McAfee True Key is another tool to streamline your password security and management. Simply sign in once using a master password, and True Key will auto-save and autofill your passwords for you whenever you want to access one of your accounts.
A password generator is a software that creates random passwords for its users. A random password generator will construct passwords of any length using numbers, letters, and symbols. You can also add customizations to your randomly generated password, such as using only alphanumeric characters with no symbols. Using a password generator is considered a great way to secure your data. Without a strong password to secure your data, you risk financial fraud and identity theft.
In addition to stealing your money, a hacker who controls your account can apply for new credit cards and reduce your credit score.
With the rapid growth of security failure and cybercrime, a strong password from a password generator can protect your data against fraud and malware attacks. Traditional password attacks include brute force attacks, rainbow tables, and dictionary attacks.
A strong password consisting of a long string of ambiguous characters, including alphanumeric and symbols, can shield against this. Whenever you are asked to update a password on one of your account websites, you can immediately create a strong password using a password generator. It’s also a healthy practice to update passwords every three months. You can accomplish this easily using a password generator.
The password strength directly correlates to the computing power needed to crack it. Here are the key elements of a strong password:
A good password generator tool works by creating a random password using “cryptographically secure” random values. In other words, these passwords cannot be predicted by attackers even if they replicate the algorithm employed by the generator. This makes such password generators an incredibly safe and effective way to create unique passwords. In addition to their security, password generators let you tailor your new password to a preferred length and complexity.
You can generate a slew of unique passwords in an instant. Once you find one you like, your password generator can save it for you. Some secure password generators like McAfee True Key also combine password management in their functions. Bid goodbye to the hassle of individually signing into every account with a unique password. You can store all of your unique passwords and sign in to any of your accounts using a single master password.
You can get a range of features with your password generator to improve your data security. Here are some useful characteristics to look for in a good password generator:
McAfee True Key can help you generate strong passwords while also serving as a place to store all of your unique passwords. True Key protects your passwords by scrambling them using AES-256, one of the strongest encryption algorithms available. With factors of your choosing, only you can decrypt and access your sensitive information on True Key by signing in using a single master password.
Access all of your data on True Key by signing in using your secure master password. Every time you sign in to your True Key account, your identity will be verified using at least two factors of your choosing. You can customize your profile by adding more sign-in factors; the more you add, the more secure your information.
True Key is supported by iOS, Android, Mac, and PC devices, meaning you can sign in from any of these operating systems. You also get local data encryption and cross-device syncing across all of these devices. Supported browsers include Chrome, Firefox, Microsoft Edge, and Safari. McAfee respects your privacy, which means your passwords are not accessible to anyone but you. Your data will never be sold or shared with any third parties.
Your password determines your data security. Data breaches can involve cases of identity theft and financial fraud. Create strong passwords for every account to keep your online data free from financial fraud and malicious intent. You can accomplish this using a strong password generator. Ensure your password generator uses cryptographically secure random variables, so hackers can’t predict your passwords even if they have access to the algorithm used for the generator.
In addition to creating unique passwords, a password generator also serves as a secure place to store your passwords. Most people assume they are safe when storing passwords in a document on their PC. If a hacker gains access to your device, they can read the document containing all of your sensitive passwords. Prevent this by using a password manager, which requires a master password and two-factor authentication to log in.
Get these benefits and more completely free when you install McAfee True Key. And to protect yourself even more, consider McAfee+
The post Strong Password Generators appeared first on McAfee Blog.
It’s hard to imagine a world without cellphones. Whether it be a smartphone or a flip phone, these devices have truly shaped the late 20th century and will continue to do so for the foreseeable future. But while users have become accustomed to having almost everything they could ever want at fingertips length, cybercriminals were busy setting up shop. To trick unsuspecting users, cybercriminals have set up crafty mobile threats – some that users may not even be fully aware of. These sneaky cyberthreats include SMSishing, fake networks, malicious apps, and grayware, which have all grown in sophistication over time. This means users need to be equipped with the know-how to navigate the choppy waters that come with these smartphone-related cyberthreats. Let’s get started.
If you use email, then you are probably familiar with what phishing is. And while phishing is commonly executed through email and malicious links, there is a form of phishing that specifically targets mobile devices called SMSishing. This growing threat allows cybercriminals to utilize messaging apps to send unsuspecting users a SMSishing message. These messages serve one purpose – to obtain personal information, such as logins and financial information. With that information, cybercriminals could impersonate the user to access banking records or steal their identity.
While this threat was once a rarity, its the rise in popularity is two-fold. The first aspect is that users have been educated to distrust email messages and the second is the rise in mobile phone usage throughout the world. Although this threat shows no sign of slowing down, there are ways to avoid a cybercriminal’s SMSishing hooks. Get started with these tips:
Public and free Wi-Fi is practically everywhere nowadays, with some destinations even having city-wide Wi-Fi set up. But that Wi-Fi users are connecting their mobile device to may not be the most secure, given cybercriminals can exploit weaknesses in these networks to intercept messages, login credentials, or other personal information. Beyond exploiting weaknesses, some cybercriminals take it a step further and create fake networks with generic names that trick unsuspecting users into connecting their devices. These networks are called “evil-twin” networks. For help in spotting these imposters, there are few tricks the savvy user can deploy to prevent an evil twin network from wreaking havoc on their mobile device:
Fake apps have become a rampant problem for Android and iPhone users alike. This is mainly in part due to malicious apps hiding in plain sight on legitimate sources, such as the Google Play Store and Apple’s App Store. After users download a faulty app, cybercriminals deploy malware that operates in the background of mobile devices which makes it difficult for users to realize anything is wrong. And while users think they’ve just downloaded another run-of-the-mill app, the malware is hard at work obtaining personal data.
In order to keep sensitive information out of the hands of cybercriminals, here are a few things users can look for when they need to determine whether an app is fact or fiction:
With so many types of malware out in the world, it’s hard to keep track of them all. But there is one in particular that mobile device users need to be keenly aware of called grayware. As a coverall term for software or code that sits between normal and malicious, grayware comes in many forms, such as adware, spyware or madware. While adware and spyware can sometimes operate simultaneously on infected computers, madware — or adware on mobile devices — infiltrates smartphones by hiding within rogue apps. Once a mobile device is infected with madware from a malicious app, ads can infiltrate almost every aspect on a user’s phone. Madware isn’t just annoying; it also is a security and privacy risk, as some threats will try to obtain users’ data. To avoid the annoyance, as well as the cybersecurity risks of grayware, users can prepare their devices with these cautionary steps:
The post Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You appeared first on McAfee Blog.
Happy Cybersecurity Awareness Month!
Every October, the National Cybersecurity Alliance selects a theme around which to publish extensive awareness resources and practical tips to help you improve your cybersecurity.1 This year’s theme is “It’s easy to stay safe online.” With the number of cyberthreats and breaches dominating the headlines, it can seem like a Herculean task to cover all your bases; however, with just four easy habits, you can actually protect yourself against a large percentage of these threats!
Don’t be scared of hackers, phishers, or cybercriminals this month. Leave that to the ghosts, ghouls, and your upcoming holiday social calendar.
Multifactor authentication (MFA) is an excellent way to frustrate cybercriminals attempting to break into your online accounts. MFA means that you need more than a username and password to log in, such as a one-time code sent to by email, text, or through an authentication app or a face or fingerprint scan. This adds an extra layer of security, because a thief would have to have access to your device, your email, or be able to trick a biometric reader to get into your online account.
Most online sites offer the option to turn on MFA. While it may add an extra few seconds to the login process, it’s well worth it. Username and password combinations can be up for sale on the dark web following a breach. With these in hand, a cybercriminal could then help themselves to your online bank account, online medical records, and possibly your identity. When an account is secured with MFA, a criminal may quickly move on to another target that’s easier to crack.
Most sites won’t even let you proceed with creating an account if you don’t have a strong enough password. A strong password is one with a mix of capital and lowercase letters, numbers, and special characters. What also makes for an excellent password is one that’s unique. Reusing passwords can be just as risky as using “password123” or your pet’s name plus your birthday as a password. A reused password can put all your online accounts at risk, due to a practice called credential stuffing. Credential stuffing is a tactic where a cybercriminal attempts to input a stolen username and password combination in dozens of random websites and to see which doors it opens.
Remembering a different password for each of your online accounts is almost an impossible task. Luckily, password managers make it so you only have to remember one password ever again! Password managers, like the one available in McAfee+. safeguard all your passwords in one secure desktop extension or cellphone app that you can use anywhere. McAfee+ is secured with one of the most secure encryption algorithms available, and multifactor authentication is always standard.
It’s best to create passwords or passphrases that have a secret meaning that only you know. Stay away from using significant dates, names, or places, because those are easier to guess. You can also leave it up to your password manager to randomly generate a password for you. The resulting unintelligible jumble of numbers, letters, and symbols is virtually impossible for anyone to guess.
Software update notifications always seem ping on the outskirts of your desktop and mobile device at the most inconvenient times. What’s more inconvenient though is having your device hacked. Another easy tip to improve your cybersecurity is to update your device software whenever upgrades are available. Most software updates include security patches that smart teams have created to foil cybercriminals. The more outdated your apps or operating system is, the more time criminals have had to work out ways to infiltrate them.
Consider enabling automatic updates on all your devices. Many major updates occur in the early hours of the morning, meaning that you’ll never know your devices were offline. You’ll just wake up to new, secure software!
You’ve likely already experienced a phishing attempt, whether you were aware of it or not. Phishing is a common tactic used to eke personal details from unsuspecting or trusting people. Phishers often initiate contact through texts, emails, or social media direct messages, and they aim to get enough information to hack into your online accounts or to impersonate you.
Luckily, it’s usually easy to identify a phisher. Here are a few tell-tale signs for be on the lookout for:
Never engage with a phishing attempt. Do not forward the message or respond to them and never click on any links included in their message. The links could direct to malicious sites that could infect your device with malware or spyware.
Before you delete the message, block the sender, mark the message as junk, and report the phisher. Reporting can go a long way toward hopefully preventing the phisher from targeting someone else.
The best complement to your newfound excellent cyberhabits is a toolbelt of excellent services to patch any holes in your defense. McAfee+ includes all the services you need to boost your peace of mind about your online identity and privacy. You can surf public Wi-Fis safely with its secure VPN, protect your device with antivirus software, scan risky sites for your personally identifiable information, and more!
This October, make a commitment to improving your cybersecurity with the guidance of the National Cybersecurity Alliance and McAfee.
1National Cybersecurity Alliance, “Cybersecurity Awareness Month”
The post 4 Easy Things You Can Do Today to Improve Your Cybersecurity appeared first on McAfee Blog.
Internet security is a broad term that refers to a wide range of tactics that aim to protect activities conducted over the internet. Implementing internet security measures helps protect users from different online threats like types of malware, phishing attacks, scams, and even unauthorized access by hackers.
In this article, we highlight the importance of internet security in safeguarding your computer network and outline what you can do to have a comprehensive computer security system in place.
As the internet expands and becomes an even bigger part of our lives, cyberthreats continue to grow both in scope and sophistication. According to Forbes, data breaches and cyberattacks saw an increase of 15.1% in 2021 compared to the previous year. These security threats come in different forms and vary in terms of complexity and detectability.
Some common online threats people face today include:
While these internet security threats may seem overwhelming at first glance, safeguarding your computer or mobile devices from them is relatively easy. Below is a detailed look at some security solutions available to you.
As we stated above, setting up an internet security system is a relatively straightforward process. Here are some basic network security measures you can implement right away.
The first step in making sure you have internet security is installing antivirus software. These programs are designed to prevent, search for, detect, and get rid of viruses and other types of malicious software.
Antivirus software can run automatic scans to make sure no network or data breach has occurred and scan specific files or directories for any malicious activity or patterns.
There are plenty of options to choose from when it comes to antivirus software, however, few programs offer the comprehensive level of protection the antivirus software included in McAfee® Total Protection provides to its users.
McAfee’s antivirus software comes with a wide selection of features, including malware detection, quarantine, and removal, different options for scanning files and applications, and an advanced firewall for home network security.
While this may sound obvious, it’s important to create strong and unique passwords for all your online accounts and devices. A significant percentage of data breaches occur as a result of simple password guessing.
Some tips to follow when creating a password include:
It can also be a good idea to use a password manager, as this will help reduce the risk of your passwords getting leaked or lost. McAfee’s password manager, is particularly convenient thanks to its advanced encryption and multi-factor authentication.
A firewall is a network security system built into your operating system. It monitors incoming and outgoing network traffic to prevent unauthorized access to your network. For it to be able to identify and block these threats, you’ll want to make sure your firewall is enabled on your device. If you’re unsure if your device comes with a firewall, you can benefit from one included in McAfee Total Protection.
Multi-factor authentication (MFA) is an authentication method that requires at least two pieces of evidence before granting access to an app or website. Using this method as much as possible can add another layer of security to your applications and reduce the likelihood of a data breach.
Your choice of browser is an important part of implementing internet security measures. In fact, web browsers vary widely in terms of the security features that they offer, with some offering just the basics and others providing a more complete range of features. Ideally, you should opt for a web browser that offers the following security features:
As children grow older, their internet use becomes more extensive. This can also increase their exposure to various security threats. To keep them safe online, educate them about the risks associated with web browsing and introduce them to some of the best practices for avoiding online threats like not sharing passwords.
Explain which information should be shared and which information should be kept private and instruct them to never click on links from unknown sources.
You should also take a more active approach to protect your children by setting parental controls on certain websites. For instance, you can use YouTube’s parental controls to filter any inappropriate content and keep a child-friendly interface.
The following tips can help you stay on the safe side in regard to internet security.
While malware attacks are common, their prevalence shouldn’t deter you from browsing the internet as usual. Adhering to the internet security best practices outlined in this article can help keep you safe from the majority of security threats that you might encounter online.
For added security, consider using an all-in-one antivirus solution like McAfee+. This is one of the most effective ways to safeguard your devices from online threats.
Let McAfee handle your security while you focus on enjoying the web.
The post What Is Internet Security? appeared first on McAfee Blog.
The internet has changed our lives in more ways than we can count. These days, anything we desire — whether it’s knowledge, career opportunities, or consumer products — is seemingly just a few clicks away from us.
And while it’s safe to say the impact of the internet has been an overall net positive, it’s also worth mentioning that its widespread adoption has introduced a number of new challenges we haven’t had to tackle before. Chiefly among them is the need to safeguard our personal data from the prying eyes of uninvited strangers.
These external threats on our data come in the form of malicious software, such as Trojan horses. Trojans are a type of malware that relies on social engineering to infect the device of an unsuspecting target. They get their name from the story of Odysseus when he hid his Greek soldiers inside a wooden horse to get inside the city of Troy.
Basically, Trojans infiltrate computer systems by masquerading as legitimate programs that are unwittingly downloaded and installed by the users. Hackers often use trojans to steal sensitive data such as medical, personal, or financial information. They are one of the most common types of malicious programs and can pose a threat to computer systems if left undetected.
In this article, we go over how to detect a Trojan infection and discuss some of the most effective ways to check for a Trojan on a Windows PC.
Like any computer virus infection, a system that’s infected with a Trojan horse can display a wide range of symptoms. Here are the main signs you should look out for.
Now that you’re familiar with some of the common symptoms of a Trojan infection, let’s delve into how you can check for it on your PC.
The first step you should consider is scanning your PC using an antivirus program. These anti-malware programs are an integral component of cybersecurity and should be the first thing you turn to when you’re trying to detect and remove Trojans.
There are plenty of malware scan options to choose from, with antivirus software included in McAfee® Total Protection being one of the most comprehensive and functional security software you can use.
It offers real-time protection from all types of malicious software threats, including viruses, rootkits, spyware, adware, ransomware, backdoors, and, last but not least, Trojans. McAfee virus protection comes with several valuable features, such as on-demand and scheduled scanning of files and apps, an advanced firewall for home network security, and compatibility with Windows, MacOS, Android, and iOS devices.
The next option you should explore is to search for Trojans in “safe mode.” This is an effective method of Trojan detection since safe mode only runs the basic programs needed for Microsoft Windows operation, making it easy to spot any unfamiliar or suspicious programs.
Here’s how you can search for Trojans in safe mode:
A simple yet effective way to detect unfamiliar applications or suspicious activity in your system is to check the processes in Windows Task Manager. This will allow you to see if there are any unauthorized malicious programs running in the background.
To check a list of all the active processes that are currently running on your PC, press Ctrl+Alt+Del and click on the “Processes” tab. Check the list of active applications and disable the process of apps without verified publishers or ones you don’t remember downloading and installing.
Another method you can try is to scan your PC using built-in Windows virus and threat protection tools. Microsoft Defender (called Windows Defender Security Center in older versions of Windows 10) can perform virus scans and detect various types of malware.
A dedicated antivirus software like McAfee virus protection can also detect and remove malware. Our program comes with a full range of features that are specifically designed to recognize and remove all forms of threats from your system.
Computer security shouldn’t be something you lose sleep over. As long as you’re using a complete virus protection tool like McAfee antivirus software, you can enjoy a stress-free browsing experience.
McAfee virus protection software is especially effective when it comes to scanning for Trojans and other types of malware and removing them before they can cause any damage to your computer system. With real-time, on-demand, and scheduled scanning of files and applications at your disposal, we’ll help you detect any emerging threat in a timely manner.
See how McAfee Total Protection can make your digital life that much more rewarding and check out our Personal Data Cleanup service, which regularly scans some of the riskiest data broker sites to help remove your personal information from the net and protect your identity from theft.
The post Best Ways to Check for a Trojan on Your PC appeared first on McAfee Blog.
A virtual private network (VPN) is a tool that enables users to protect their privacy while using an internet connection. VPNs create an encrypted tunnel — a private link between your device and the VPN server.
Essentially, this private link or tunnel keeps external influences out and allows your data to travel in an encrypted manner, enhancing security. The network’s privacy also makes sure your Internet Protocol (IP) address and browsing history is hidden online.
[Text Wrapping Break]VPNs use several VPN protocols like OpenVPN, IPSec/IKEv2, PPTP, SSTP, and WireGuard to protect you. In particular, McAfee® Safe Connect VPN supports the OpenVPN protocol, which is an open-source and highly secure protocol running on TCP or UDP internet protocol and used by many VPN providers globally. [Text Wrapping Break][Text Wrapping Break]Read on to know more about how VPNs work and learn to install one.
The best way to stay secure online is to minimize your digital footprint. A good VPN service allows you to do exactly this, acting as an additional layer of protection for your online activities.
The primary function of a VPN is encryption. Most websites and online browsers already have some form of encryption. For example, when you purchase something on Amazon, you have to enter your credit card details and address. Encryption creates a private tunnel for data transmission between your device and Amazon to make sure no one else can watch what you’re doing.
A VPN app does the same thing with an added level of security. The data that you pass to a VPN server is anonymized before it goes to the internet. In short, your device establishes an encrypted connection with the VPN server instead of connecting directly through the internet. So, the encryption protects your data and digital footprint from anyone outside the “private tunnel” between you and the secure VPN server.
Additionally, VPNs allow you to change or hide your IP address. An IP address is a number linked to a particular computer and network. Changing your IP address can trick the servers into thinking you’re connecting from a different geographical location. This can help improve security and provide additional benefits discussed below.
You can also use a VPN to hide your IP address. This may be helpful if you’re trying to access content from other countries (for example, Netflix may have different content in different countries) or trying to keep your internet search history away from the prying eyes of a third-party like your internet service provider or a government.
Using a VPN can help improve your online security. Nearly every internet activity — website and social media browsing, paying bills, online shopping, data sharing, and more — can be tracked by others. [Text Wrapping Break][Text Wrapping Break]Read on to learn about who typically uses a VPN and understand whether you should consider installing one.
Given the extra security that VPN connections provide, you can gain something from using a VPN client. So, if you’re an individual concerned about your online privacy or just want to browse online anonymously — consider using a VPN. A VPN enables you to use the internet without third parties seeing your identity or identifying you via your search history since they don’t know what you were searching about or using the internet for.
Big tech has had a long history of tracking private data for their gains. These companies regularly bundle data into coherent profiles and sell it to third parties. Additionally, they use private data to demonstrate targeted advertisements or manipulative content that makes you more likely to purchase their products. [Text Wrapping Break][Text Wrapping Break]So, it’s worthwhile to use a VPN if you regularly shop online or bank online. A VPN gives you that additional protection that can help prevent hackers or malicious third parties from accessing your information.[Text Wrapping Break][Text Wrapping Break]VPNs are excellent mechanisms for you to protect your privacy online. And you should consider your personal context and conduct thorough research to find the best VPN for your needs.
VPNs are particularly helpful if you travel a lot, either for business or for leisure. While traveling, it’s inevitable that you connect to random or unknown Wifi networks and it may be the case that these networks are spying on you. However, if you’re using a VPN to browse the web, these WiFi networks can’t track you or your search history. This ensures you maintain anonymity and are safe while using the internet.
Yes, an additional layer of protection to your online activities is always good practice. A VPN allows individuals using a personal computer to stay vigilant, protect their data, and maintain anonymity while allowing them to still enjoy their online experience.
VPNs provide more benefits than just serving as an additional layer for cybercriminals to pass through.
Depending on the VPN you’re using, it can be a straightforward process to connect a VPN to your Mac, Windows, iPhone, or Android mobile device. McAfee’s VPN works with multiple platforms and operating systems, including Microsoft Windows, macOS, Android, and iOS.
Use this guide to quickly set up a VPN with your device in a few simple steps.
With McAfee +, you can minimize your digital footprint through a secure connection channel without compromising your browsing experience. Connect to public networks, make financial transactions online, and keep your personal data safe with McAfee.
With our bank-grade AES-256 bit encryption technology and automatic protection, McAfee VPN protection can help safeguard all your online activities — allowing you to enjoy the internet the way it was meant to be enjoyed.
Explore our full suite of cybersecurity tools included in McAfee +, including our newest service, Personal Data Cleanup. We can help find and remove your personal data on some of the riskiest data broker sites.
The post What’s the Meaning of VPN? VPN Defined appeared first on McAfee Blog.
Malicious software, or “malware,” refers to any program designed to infect and disrupt computer systems and networks. The risks associated with a malware infection can range from poor device performance to stolen data.
However, thanks to their closed ecosystem, built-in security features, and strict policies on third-party apps, Apple devices tend to be less prone to malware infections compared to their Android counterparts. But it’s important to note that they’re not completely without vulnerabilities.
Several iPhone viruses could infect your smartphone and affect its functionality, especially if you jailbreak your iPhone (that is, opening your iOS to wider features, apps, and themes).
This article covers how you can detect malware infections and how to remove viruses from your device so you can get back to enjoying the digital world.
Malware can affect your iPhone in a variety of ways. Here are a few telltale signs that your iPhone might have an unwelcome visitor.
If you notice any of the signs above, it’s a good idea to check for malware. Here are some steps you can take.
If you’ve confirmed malware on your iPhone, don’t worry. There’s still time to protect yourself and your data. Below is an action plan you can follow to remove malware from your device.
In many cases, hackers exploit outdated versions of iOS to launch malware attacks. If you don’t have the latest version of your operating system, it’s a good idea to update iOS to close this potential vulnerability. Just follow these steps:
It might sound simple, but restarting your device can fix certain issues. The system will restart on its own when updating the iOS. If you already have the latest version, restart your iPhone now.
If updating the iOS and restarting your device didn’t fix the issue, try clearing your phone’s browsing history and data. If you’re using Safari, follow these steps:
Keep in mind that the process is similar for Google Chrome and most other popular web browsers.
Malicious software, such as spyware and ransomware, often end up on phones by masquerading as legitimate apps. To err on the side of caution, delete any apps that you don’t remember downloading or installing.
The option to restore to a previous backup is one of the most valuable features found on the iPhone and iPad. Essentially, this allows you to restore your device to an iCloud backup made before the malware infection.
Here’s how:
If none of the steps above solves the problem, a factory reset might be the next order of business. Restoring your phone to factory settings will reset it to its out-of-factory configuration, deleting all of your apps, content, and settings in the process and replacing them with original software only.
To factory reset your iPhone, follow these steps:
The best way to protect your iOS device is to avoid malware in the first place. Follow these security measures to safeguard your device:
If you have an iPhone and are like most other people, you probably use your device for almost everything you do online. And while it’s amazing to have the internet in the palm of your hands, it’s also important to be aware of online threats like malware, which can put your digital life at risk.
The good news is that McAfee has your back with our award-winning and full-scale mobile security app. McAfee Mobile Security provides full protection against various types of malware targeting the Apple ecosystem. With safe browsing features, a secure VPN, and antivirus software, McAfee Security for iOS delivers protection against emerging threats, so you can continue to use your iPhone with peace of mind.
Download the McAfee Security app today and get all-in-one protection.
The post A Guide to Remove Malware From Your iPhone appeared first on McAfee Blog.
When it comes to passwords, most of us would love nothing more than to set it and forget it. But that’s exactly what hackers are hoping for — in fact, it makes their job a lot easier. This means the best line of defense is frequent password changes.
But how often should you create new passwords? Cybersecurity experts recommend changing your password every three months. There may even be situations where you should change your password immediately, especially if a cybercriminal has access to your account.
This article explores those exact situations and covers some of the best password practices you can use to help safeguard these important combinations of letters and numbers.
There are some situations where you’ll want to change your password immediately.
If you think someone has hacked your account, it’s important to act fast and change your password. Did everyone in your address book get a strange email that looks like it’s from you? Change your email password. Are your Facebook friends getting a new friend request from you? Something’s not right, so you’ll want to change your password.
This can help limit the amount of time a cybercriminal has access to your account.
If there’s a password breach at work or within a company you do business with, you’ll want to change the password for any affected accounts. If you use that password for any other websites, you’ll definitely want to change your password to those accounts. If hackers get access to your password, they may try it on multiple websites to see what else they can steal.
As much as possible, try to avoid logging into your secure accounts on public Wi-Fi, such as at a library or cafe. Generally, an unsecure network means your online activity is public. If you need to use an unsecure network, change your password once you’re on a secure network.
It can also be a good idea to look into a smart VPN like McAfee Secure VPN, which automatically turns on to protect your personal data and credit card information even if you need to use public Wi-Fi.
Your personal information could be at risk if malware infects your computer. If you have quality antivirus software (like what’s included in McAfee Total Protection) and it detects malware, you’ll want to change your passwords from another device.
If you no longer have contact with someone, there’s no need for them to remain on your Netflix or Amazon account. There’s also no need for an ex to share a bank account or have mobile app access. Create new passwords when you’re no longer sharing an account with someone.
You may have an account you haven’t used in a year, such as from an online retailer. Change old passwords for seldom-used accounts and close the account if you don’t intend to use it again.
A good password can make it more difficult for hackers to access your accounts. But what exactly makes a strong password? Here are a few criteria.
A cybercriminal may use a variety of strategies to access your passwords. Here are some of their most common tactics.
When it comes to keeping your data secure, password complexity is just the beginning. Here are a few additional tips for keeping your passwords safe.
Review the passwords for all of your accounts. Make sure you’re not using any for multiple websites. See if your passwords are guessable. Do they include personal information like birthdays or addresses? If you find passwords that are weak or repeated, change those first.
Set up multi-factor authentication for important accounts, such as with financial institutions. Logging into a website with two-factor authentication requires you to enter a code sent by text or email in addition to a username and password.
Some accounts require multi-factor authentication with biometric factors for added security, such as a thumbprint or face scan. Using multi-factor authentication with long, complicated passwords can make an account more secure.
A password manager like McAfee True Key can help prevent unauthorized access to your online accounts by protecting your passwords with strong encryption. It also comes with a password generator to help you create complex passwords while storing them safely.
If you have old or weak passwords or use them on multiple sites, a password manager can generate new ones. It’ll then keep track of them and sign you in to apps and websites — with you only having to remember one master password.
Let McAfee True Key help you defend your personal data. The password management software makes dealing with passwords secure and easy.
McAfee True Key stores your passwords on your device using the strongest encryption available. Once you use a master password to log into True Key, it’ll auto-fill your passwords for any apps or websites you visit. For added convenience, True Key securely syncs your information across all of your devices so you can access it wherever you need it.
While McAfee manages your secure passwords, you can continue enjoying the internet the way it was intended — free from hackers.
The post How Often Should You Change Your Passwords? appeared first on McAfee Blog.
Password protection is one of the most common security protocols available. By creating a unique password, you are both proving your identity and keeping your personal information safer. However, when every account you have requires a separate password, it can be an overwhelming task. While you should be concerned about the safety of your data, you also want to avoid the frustration of forgetting your password and being blocked from the information you need. However, the benefits of using strong, unique passwords outweigh the occasional inconvenience.
The main benefit of a strong password is security. Hackers work quickly when they are trying to access accounts. They want to steal as much information as they can in as short a time as possible. This makes an account with a strong password less inviting because cracking the code is much more involved.
A strong password also limits the damage that hackers can do to your personal accounts. A common strategy involves cracking the passwords of less secure sites with limited personal information. The hackers hope that they can use the password from your gym membership app to access information in your online banking account. Strong password protection prevents this situation.
When someone is registering an online account, it can be tempting to blaze through the password process. In order to move quickly, there are several poor password practices that people employ.
A password is considered strong when it is difficult for a hacker to crack it quickly. Sophisticated algorithms can run through many password combinations in a short time. A password that is long, complex and unique will discourage attempts to break into your accounts.
If you want a password that is memorable but strong, you can easily turn a phrase into a layered, complex password. In this process, it is important to note that you should not use personal information that is available online as part of your phrase.
Now, you have a password that you can remember while challenging the algorithms hackers use.
When you consider the number of accounts you need to protect, coming up with a properly layered password is a time-consuming task. Even if you are able to decide on a memorable phrase, there are just too many accounts that need passwords. A password manager is a helpful tool to keep you safe while you are online. It acts as a database for all of your passwords. Each time you create a new code, it stores it so that you can automatically enter it later. You only need to remember a single password to access the tools of your manager.
Most managers can also do the work of creating complex, layered passwords for your accounts. These will be a string of random numbers, letters and characters. They will not be memorable, but you are relying on the manager to do the memorizing. These machine-generated passwords are especially helpful for accounts you rarely access or that do not hold significant information.
For critical accounts like your bank account or a work-related account, it can be helpful to keep an offline list of your passwords. Complex passwords are meant to be difficult to remember. You may recall the phrase but not all the detailed changes that make it layered. Keeping a document on a zip drive or even in a physical paper file or journal will allow you to access your information if your hardware fails or you are switching to a new system.
Cracking passwords is just one of the strategies hackers use to steal information. In addition to using strong passwords, it is important to employ comprehensive security software. Strong passwords will help protect your online accounts. Strong overall security will keep your hardware and network safe from danger.
The post Strong Password Ideas to Keep Your Information Safe appeared first on McAfee Blog.
Our phones store a lot of personal data, including contacts, social media account details, and bank account logins. We use our smartphones for everything under the sun, from work-related communication to online shopping.
However, like computer viruses, our phones can be vulnerable to malware. Viruses are a type of malware that replicate themselves and spread throughout the entire system. They can affect your phone’s performance or, worse, compromise your sensitive information so that hackers can benefit monetarily.
In this article, we give you a rundown of viruses that can infect your phone and how you can identify and eliminate them. We also provide some tips for protecting your phone from viruses in the first place.
iPhones and Android devices run on different operating systems. So, there are differences in the viruses that affect each type of mobile device and how resistant each operating system is to viruses.
Viruses have a harder time penetrating iOS because of its design (although iOS hacks can still happen). By restricting interactions between apps, Apple’s operating system limits the movement of an iPhone virus across the device. However, if you jailbreak your iPhone or iPad to unlock tweaks or install third-party apps, then the security restrictions set by Apple’s OS won’t work. This exposes iPhone users to vulnerabilities that cybercriminals can exploit.
While Android phones are also designed with cybersecurity in mind, their reliance on open-source code makes them an easier target for hackers. Android devices allow users to access third-party apps not available in the Google Play Store.
Cybercriminals today are sophisticated and can launch a variety of cyberattacks on your smartphone. Some viruses that can infect your phone include:
Smartphones and computers get viruses in a similar way. The most common include:
Now that you know how your phone could be the target of a virus, look out for these seven signs to determine if your device has been infected with malicious software.
Most pop-up ads don’t carry viruses but are only used as marketing tools. However, if you find yourself shutting pop-up ads more often than usual, it might indicate a virus on your phone.
Don’t open any apps in your library that you don’t remember installing. Instead, uninstall them immediately. These apps tend to carry malware that’s activated when the app is opened or used.
Your phone isn’t built to support malware. When you accidentally download apps that contain malware, the device has to work harder to continue functioning. In this case, your phone might be overheating.
If your contacts receive unsolicited scam emails or messages on social media from your account, especially those containing suspicious links, a virus may have accessed your contact list. It’s best to let all the recipients know that your phone has been hacked so that they don’t download any malware themselves or forward those links to anybody else.
An unusually slow-performing device is a hint of suspicious activity on your phone. The device may slow down because it needs to work harder to support the downloaded virus. Alternatively, unfamiliar apps might be taking up storage space and running background tasks, causing your phone to run slowly.
Be sure to follow up on charges on your credit card or transactions in your banking statements that you don’t recognize. It could be an unfamiliar app or malware making purchases through your account without your knowledge.
A sudden rise in your data usage or phone bill can be suspicious. A virus might be running background processes or using your internet connection to transfer data out of your device for malicious purposes.
An unusually quick battery drain may also cause concern. Your phone will be trying to meet the energy requirements of the virus, so this problem is likely to persist for as long as the virus is on the device.
You may have an inkling that a virus is housed inside your phone, but the only way to be sure is to check.
An easy way to do this is by downloading a trustworthy antivirus app. The McAfee Mobile Security app scans for threats regularly and blocks them in real time. It prevents suspicious apps from attaching themselves to your phone and secures any public connections you might be using.
If you detect a virus on your iPhone or Android device, there are several things you can do.
It’s never too late to start caring for your phone. Follow these tips to stay safe online and help reduce the risk of your phone getting a virus.
McAfee Mobile Security is committed to keeping your mobile phone secure, whether it’s an iPhone or Android device. In addition to regularly scanning your phone to track suspicious activity, our technology responds to threats in real time. Our comprehensive tools also secure your internet connections and let you browse peacefully. Using our app makes sure that your phone and data are protected at all times.
So, what are you waiting for? Download McAfee Mobile Security today!
The post 7 Signs Your Phone Has a Virus and What You Can Do appeared first on McAfee Blog.
Here’s one way you can help reduce your chances of identity theft: remove your personal information from the internet.
And chances are, you have more personal information posted online than you think.
According to the U.S. Federal Trade Commission (FTC), consumers registered 1.4 million identity theft complaints in 2021, all part of a year where consumers reported losing $5.8 billion to fraud overall—a 70% increase over the year prior.
What fuels all this theft and fraud? Access to personal information.
Scammers and thieves can get a hold of personal information in several ways, such as through phishing attacks that lure you into handing it over, malware that steals it from your devices, by purchasing your information on dark web marketplaces, or as a result of information leaked in data breaches, just to name a few.
However, scammers and thieves have other resources to help them commit theft and fraud—data broker sites, places where personal information is posted online for practically anyone to see. Which makes removing your info from them so important, from both an identity and privacy standpoint.
Think of data broker sites as huge repositories of personal information. Search your name and address online and you’ll see. You’ll likely find dozens of sites that turn up information about you, some of which offer a few pieces for free and others that offer far more information for a price.
Data brokers collect and then aggregate personal information from several sources, including:
Data brokers also buy personal information from other data brokers. As a result, some data brokers have thousands of pieces of data for billions of individuals worldwide.
What could that look like? A broker may know how much you paid for your home, your education level, where you’ve lived over the years and who your lived with, your driving record, and possibly your political leanings. A broker may also know your favorite flavor of ice cream and your preferred over-the-counter allergy medicine thanks to information from loyalty cards. Further, they may also have health-related information from fitness apps. The amount of personal information can run that broadly, and that deeply.
With information at this potential level of detail, it’s no wonder that data brokers rake in an estimated at $200 billion U.S. dollars worldwide every year.
On the legitimate side, it’s used by advertisers to create targeted ad campaigns. With information sold by data brokers, they can generate lists based on highly specific criteria, such as shopping histories, personal interests, and even political leanings as mentioned above. Likely without you being aware of it—and likely with no way to contest that information if it’s incorrect.
Other legitimate uses include using these sites for background checks. Law enforcement, reporters, and employers will use data brokers as a starting point for research because the leg work has largely been done for them. Namely, data brokers have aggregated a person’s information already, which is an otherwise time-consuming process.
If this seems a little shady, it’s still legal. As of now, the U.S. has no federal laws that regulate data brokers or require data them to remove personal information if requested. A few states, such as Nevada, Vermont, and California, have legislation in place aimed at protecting consumers. Meanwhile, the General Data Protection Regulation (GDPR) in the European Union has stricter rules about what information can be collected and what can be done with it. Still, the data broker economy thrives.
On the darker side, scammers and thieves use personal information for identity theft and fraud. With enough personal information gathered from enough sources, they can create a high-fidelity profile of their victims. One that gives them enough information to open new accounts in their name.
So, from the standpoint of both privacy and identity, cleaning up your personal information online makes a great deal of sense.
Let’s review some ways you can remove your personal information from data brokers and other sources on the internet.
The process starts with finding the sites that have your information. From there, you can request to have it removed. Yet as mentioned above, there are dozens and dozens of these sites. Knowing where to start is a challenge in of itself, as is manually making the requests once you have identified the sites that post and sell information about you.
Our Personal Data Cleanup can do the work for you. Personal Data Cleanup scans some of the riskiest data broker sites and shows you which ones are selling your personal info. It also provides guidance on how you can remove your data from those sites and can even manage the removal for you depending on your plan. It also monitors those sites, so if your info gets posted again, you can request its removal again.
As of September 2022, Google accounts for just over 92% of search engine market share worldwide. Aside from being a search engine, Google offers a myriad of other services and applications, such as Gmail and Google Maps. While Google offers plenty of tools for productivity, travel, work, and play for free, they still come at a cost—the gathering and analysis of your personal information.
You can limit the data Google associates with you by removing your name from Google search results with a removal request. This will disable anyone online from getting any results if they search your name. (Note that this will not remove your information from the original sites and sources where it’s posted.) Moreover, Google collects all your browsing data continuously. You have the option to turn on “Auto Delete” in your privacy settings to ensure that the data is deleted regularly and help limit the amount of time your sensitive data stays vulnerable.
You can also occasionally delete your cookies or use your browser in incognito mode to prevent websites from being tracked back to you. Go to your Google Chrome settings to clear your browser and cookie history.
As discussed above, data brokers can collect information from public social media profiles. You can minimize your presence on social media to the bare minimum. Make a list of the ones you use or have used in the past. If there are old accounts that you no longer use or websites that have gone by the wayside like Myspace or Tumblr, you may want to deactivate them or consider deleting them entirely.
For social media platforms that you still may use regularly, like Facebook and Instagram, consider adjusting your privacy settings to ensure that your personal information on these social media platforms is the bare minimum. For example, on Facebook you can lock your profile, while on Instagram you can stay private.
If you’ve ever published articles, written blogs, or created any content online, it might be a good time to consider taking it down if it is no longer serving a purpose. Depending on what you’ve posted, you may have shared personal details about your life. Additionally, you might be mentioned by other people in various social media posts, articles, or blogs. It is worth reaching out to these people to request them to take down posts with sensitive information.
Social media and online articles that host your personal information are often used when businesses or hackers are doing “internet scrapes” to find better ways to use your targeted information. Asking your friends or third-party sites to remove that information can help protect your privacy.
Another way you can tidy up your digital footprint online involves deleting all the unnecessary phone apps that you no longer need or use. Even when apps are not open or in use, they may be able to track personal information such as your real-time location and even your payment details if you have a paid subscription to the app.
Some apps even sell this data as it can be extremely advantageous to other companies, which they use to target certain consumer segments and profiles for advertising. Try to share as little information with apps as possible if you’re looking to minimize your online footprint, and provide them access to your photos, contacts, and location only on as-needed basis and only when the app is in use. Your phone’s app and location services settings will give you the tools to do it.
In addition to the steps above, comprehensive online protection software can keep you more private and minimize your risk of cybercrime. It can include:
So while it may seem like all this rampant collecting and selling of personal information is out of your hands, there’s plenty you can do to take control. With the steps outlined above and strong online protection software at your back, you can keep your personal information more private and secure.
The post 5 Steps to Removing Your Personal Information From the Internet appeared first on McAfee Blog.
Whether using the internet for play or work, you want to spend your time online enjoying the peace of mind that comes with having a secure network.
You don’t want to contend with someone taking your personal data — whether it’s credit card information, passwords, or bank account details — via malware or a data breach on your Android, Windows, or Apple iOS device.
Fortunately, with some sensible precautions and simple steps, you can use your connected devices productively without worrying about cybercriminals and malicious software. This article explains how to stop hackers from getting access to your sensitive data.
You can take steps to protect your different computing and mobile devices and operating systems. These steps can be divided into technological solutions and the right awareness and information to provide a comforting measure of self-protection.
It’s like learning karate for self-defense, giving you confidence as you negotiate the wider world (and hoping that you never have to use it).
When it comes to identity protection software, McAfee provides a proven solution with our identity protection and privacy services. The protection includes alerts if your sensitive information is found on the dark web (up to 10 months sooner than other providers), personal data cleanup from sites gathering and selling your information, and an unlimited virtual public network (VPN) service that protects your privacy as you use public Wi-Fi networks.
You’ll also get up to $1 million in identity theft coverage and hands-on restoration support to help you reclaim your identity.
Simple, obvious passwords and passcodes (like your street address, your birthday, your kids’ or pets’ names, or “1234” or “abcd”) are easy for cybercriminals to crack, giving them unwanted access to your private data.
The stronger your password, the better your protection. Some best password practices include:
It’s important not to be a standing target. Just as you should use different passwords for everything, you should regularly change your passwords. You should do this a few times a year (although some cyber experts say this might not be necessary if you have a long and very complicated password).
If you have a number of passwords that you update often, it might be worth getting a password manager like McAfee True Key to keep track of them. Not only will you not be faced with remembering all your different passwords or writing them down (also a no-no), but it can also help you create and store unique passwords.
The software uses the strongest encryption algorithms available to protect your passwords, scrambling them so no one else can access them. It’ll also suggest new passwords and automatically log you into your online accounts with just one master password.
Another important line of defense is multi-factor authentication (sometimes known as two-factor authentication). This system uses a password and a second piece of verification — often an SMS message sent to your Android device or iPhone — to authenticate your identity.
This provides hard-to-beat protection even if a hacker has your password. Besides receiving SMS codes, there are also code-generating apps and physical security keys.
Thinking before you click on an email or text is a very important defense against phishing scams. Your bank won’t send you an email or text notifying you that there’s been suspicious activity on your account.
Does getting a large refund from your phone company sound too good to be true? It is. Similarly, the Internal Revenue Service (IRS) won’t text to tell you that you owe them money, and princes aren’t going to give you a fortune out of the blue.
Internet users beware: If you’re not absolutely certain that the text message you received is from a legitimate and trusted source, delete it. You can always contact the business or person directly to confirm that the message is legit.
Any operating system or app you use is open to malicious cyberattacks. This is why you should keep all your software up to date with the latest versions. Software developers are continually fixing holes in their products and offering cybersecurity patches to make them as safe and hacker-proof as possible.
Make sure your software, firmware, and security settings are up to date on your home’s Wi-Fi router, as well. You can often change your settings to allow for automatic updates.
Sure, who doesn’t like to go to a cafe, library, or hotel lobby to use the free Wi-Fi? But security is often weak in these public networks. If you open your online banking account or access personal information, you may unwittingly be giving a personal invitation to eavesdropping cybercriminals.
This is where the bank-grade level of protection of McAfee Secure VPN comes in, which automatically turns on when you need it and keeps you safe on public Wi-Fi networks.
Even if your device does get hacked, you can protect vital information on your Windows or macOS system with an encryption program like BitLocker or FileVault. You can protect any hard drive you use, including portable ones and USB keys.
It’s also a good idea to only shop at encrypted websites marked with the prefix “HTTPS” in their URLs.
One of the best ways to surf the web in comfort while keeping hackers at bay is with the comprehensive solutions provided by McAfee Total Protection.
Your protection includes proactive measures (meaning we’ll guide you to the best choices for prevention), early detection, and expert identity theft support.
This means you’ll get identity monitoring, up to $1 million in identity theft coverage, lost wallet protection, premium antivirus software, a secure VPN, and personal data removal. In particular, our Personal Data Cleanup service will help find and remove your personal information from data broker websites and people search sites.
With McAfee, you don’t have to be afraid of hackers. Let us deal with them.
The post How to Stay One Step Ahead of Hackers appeared first on McAfee Blog.
Your digital footprint grows with every internet account you make. While your old Tumblr account may be fun for reminiscing, dormant accounts are actually one of the most significant sources of user data on the internet. These accounts can be used by data brokers or third parties to access your personal information.
To improve your data security, it’s good practice to remove public-facing information by deleting unused accounts. Simply put, having less personal data stored on the internet reduces the risk of theft and/or non-consensual data usage.
Deleting, canceling, unsubscribing, or removing your account can be a long process, depending on the service. This article will walk you through the simplest ways to delete unwanted accounts from various social media platforms.
Deleting unwanted accounts protects your information and prevents the monetization of your data. Your internet accounts often hold personal information like your name, age, email, or home address. What’s more alarming is that some platforms may even have credit card details, phone numbers, and bank account information.
When left unattended, internet accounts become vulnerable to being suspended or taken over by the platform. This means that if your accounts are left inactive for too long, you might be handing some or all of your data over to the tech platform.
For example, even if you believe an old Google account doesn’t have any sensitive information stored, it may be linked to other platforms you use (like Amazon or Google services like Gmail and Google Play). This exposes all of these accounts to several data privacy vulnerabilities.
Moreover, a recent survey found that 70% of surveyed adults admitted using the same password for more than one service. People who don’t use password managers or reuse passwords are at a greater security risk than others, as multiple accounts can become compromised at once. Whether the platform is now out of service or you are cutting down on your app usage, deleting dormant accounts will minimize security threats and safeguard your data.
Every platform has a different process for deleting accounts: Some take only a few clicks to complete and others are a little longer. Companies usually don’t want a user to stop using their services, so account deletion pages are often hidden in a complex web of tabs that you have to navigate.
In addition, some subscription services might require that you send an email to customer support to close your account. You can go to justdelete.me, an online directory that lets you access direct links to account deletion pages of various web services.
Remember to download your personal information and data before pulling the plug on your account. Most platforms let you download your data before initiating a deletion request, which saves you from losing important details and files. It is also important to check whether your Google account is used for your YouTube channel or connected to other online accounts.
To help you get rid of accounts you no longer use, we’ve broken down deleting accounts from some of the most popular social networks. The steps described below are for a desktop browser and may not apply to Android or iOS devices (unless specified).
Facebook’s user privacy policy enables it to store a large amount of user information, including personal messages, posts, search history, name, age, birthdate, and even metadata from posted photos and videos.
Follow these simple steps to delete your Facebook account:
LinkedIn collects information on users and uses it for targeted advertising. As a result, it amasses quite a lot of your data, from professional details to personal preferences and even your online behavior trail.
Follow these simple steps from your desktop to delete your account:
It’s simple to delete your Twitter account, but you’ll have to wait 30 days for your data and tweets to clear. To delete your account, you first need to deactivate it.
Once you’ve decided to delete your account from the micro-blogging site, follow these steps from your desktop:
Remember to revoke third-party access to your Twitter account to avoid having your account reactivated in the 30 days following deactivation.
Since Facebook and Instagram are both owned by Meta, they share a lot of data for targeted advertising. You can adjust the privacy settings of your Instagram account from the mobile app, but you will need to log in from a web browser like Chrome to delete your account.
To delete your Instagram account:
Your information and data will be permanently deleted after 30 days and you won’t be able to retrieve it. However, completing a deletion process may take up to 90 days.
Tumblr has a fairly simple process to delete your account:
Follow these steps to delete your account from the popular picture-sharing platform:
Pinterest servers continue to store your data after deletion, but your information won’t be visible to other users.
There are different steps to deleting your email account depending on which email service you use. Backing up email data usually takes more time because of the sheer volume of data a mail account can hold.
Complete the following steps to delete your Google account:
Here’s what you need to do to delete your Yahoo email account:
Deleting your Yahoo account also deletes the linked information from Yahoo’s other services.
Follow these steps to delete your Microsoft account on Outlook 2010, 2013, or 2016:
Leaving old information scattered across the internet makes you susceptible to identity theft. There are multiple ways to keep your identity and data secure online, including McAfee’s Total Protection plan.
Total Protection lets you choose from multiple affordable subscription models that provide comprehensive security against identity theft and potential data breaches and offers web protection and several related benefits. In addition, having access to 24/7 online security experts and a 30-day money-back guarantee make the Total Protection plan an easy, reliable, and safe choice. You can also have peace of mind with McAfee’s Personal Data Cleanup feature where our teams will work to find your personal information online and assist in removing it.
The post How to Delete Old Accounts Containing Personal Information appeared first on McAfee Blog.
We all love to spend time surfing the web — whether we’re shopping, paying bills, or reacting to funny memes. The internet has also allowed many of us to keep working from home even during the pandemic.
The internet is great, but the best way to keep enjoying it is to know where and how bad actors can pop up in our computer systems.
One way is through the use of ransomware, which is a type of malware that threatens users with blocked access or doxing (exposing personal information) if they don’t pay money to the cybercriminals who sent the malicious software.
We’ll explain what ransomware is, how it works, and how to defend against it so you can stay one step ahead and continue enjoying life online.
Ransomware is malware that uses encryption to hold your information at ransom. This might mean you can’t access critical data in files, databases, or applications. The cybercriminal will then usually demand a ransom to provide access.
Often, ransomware includes a deadline to add a sense of urgency to the threat. Typical ransomware attacks might suggest that your data will be lost or published on the web for the world to see if you don’t pay. Ransom demands generally ask for payment in Bitcoin or some other form of cryptocurrency, where transactions are less regulated and traceable.
Unfortunately, ransomware is often designed to spread across a network and target database and file servers — quickly paralyzing an entire organization. Ransomware attacks represent a growing problem, generating billions of dollars in payments to cybercriminals and inflicting damage and expenses for businesses and governmental organizations.
However, if you have a basic understanding of how ransomware works, you can take steps to protect yourself.
Ransomware uses asymmetric encryption, which uses a mixture of symmetric and asymmetric encryption methods to make it more difficult to decrypt ransomed data files. Put simply, cybercriminals using asymmetric encryption generate a public key to encrypt files and a separate but private key to decrypt the same files. As a result, the victim has to rely on the hacker for the decryption key — for a price, of course — because the private key to decrypt the files is stored on the attacker’s server.
The attacker then makes the private key available to the victim only after the ransom is paid, although this isn’t always the case, as seen in recent ransomware campaigns. Without access to the private key, it can be difficult to decrypt the files being held for ransom.
Many forms of ransomware exist. Often, ransomware (and other malware) is distributed using email spam campaigns or through targeted attacks. Malware needs an attack vector, which is how a cybercriminal gains access to a device to deliver malicious software. This might take the form of an email attachment, webpage, pop-up window, or even instant message. After malware establishes its presence, though, it’ll stay on the system until it finishes its task.
After a successful exploit, ransomware drops and executes a malicious binary on the infected system. This binary then searches and encrypts valuable files, such as Microsoft Word documents, images, databases, and so on. The ransomware may also exploit system and network vulnerabilities to spread to other systems and possibly across entire organizations.
Once files are encrypted, ransomware prompts the user for a ransom to be paid within 24 to 48 hours to decrypt the files, or they’ll be lost forever. If a data backup is unavailable or those backups are encrypted, the victim might have to pay the ransom to recover their personal files.
Cyberattacks, including different types of ransomware, occur and evolve all the time, but there are several ways to avoid them.
It all starts with looking to the past to protect your sensitive data in the future. In the next few sections, we’ll cover how hackers have engaged in extortion across computer systems over the years.
CryptoLocker was one of the earliest adopters of this type of malware — demanding a ransom payment in cryptocurrency for a user to get their data back. In fact, it was probably the first time many people had heard the term “ransomware.”
In 2013, CryptoLocker attacked through an email attachment that looked like the tracking notifications of shipping companies like UPS and FedEx. It resulted in more than 250,000 infected computer systems and up to $27 million in extorted money.
Although a decryption key has existed for CryptoLocker since 2014, it can still cause problems for users who may not recognize the presence of the ransomware before opening the attachment.
In 2017, Wannacry took the “worm” approach to ransomware, spreading across Windows PCs through shared networks. At the time, the ransomware turned everything on the computer into encrypted data, with the hackers threatening not to return the data until the ransom was paid (in this case, cryptocurrency). Estimates point to over 200,000 computers being infected around the world.
A killswitch was created to help operating systems infected with WannaCry, but the hacking group is still out there posing new threats.
The Kaseya ransomware attacks occurred on July 2, 2021, and led to an FBI response because this represented a global cybercrime event. In this instance, though, the ransomware group REvil made damaging use of vulnerabilities found in the on-premises software of Kaseya VSA. The hackers then demanded $70 million in Bitcoin.
The company managed many service providers, so the attack affected all of the downstream customers of those service providers. In fact, the malware attack may have affected around 1,500 organizations across the world.
The good news is that patches have now been developed for affected servers.
You might not immediately think of the world’s largest meat supplier as being one of the victims of ransomware, but that’s exactly what happened to JBS Foods.
Threatening to disrupt the food supply chain in May 2021, organized cybersecurity attacks by REvil targeted JBS’s North American and Australian plants, encrypting data that was then ransomed for over $11 million worth of Bitcoin by the company.
On May 7, 2021, hackers made malicious use of a single leaked password belonging to a virtual private network (VPN) account associated with the Colonial Pipeline Company.
Even though the breached account had been dormant for some time, it was still successfully used as an entry point to the Colonial network. The password to this account was linked to a batch of compromised passwords on the dark web, leading officials to believe it could have been an employee who re-used the same password for other accounts.
This major cybersecurity event showcases the ways that ransomware can set up camp inside computer systems without the use of phishing.
Being proactive is one of the best things you can do to safeguard against ransomware attacks. This means thinking ahead to what vulnerabilities may exist in your current computer network setup and addressing them before they’re used for cyber extortion.
There are several ways you can help reduce your exposure to cybercriminals by simply being alert to where they usually get in. The following sections offer information on how to set up the best possible defense against ransomware.
The best way to avoid the threat of being locked out of your critical files is to ensure that you always have backup copies of them, preferably in the cloud and on an external hard drive. This way, if you do get a ransomware infection, you can wipe your computer or device free and reinstall your files from backup. This protects your data, and you won’t be tempted to reward the malware authors by paying a ransom. Backups won’t prevent ransomware but they can help mitigate the risks.
Make sure your backup data isn’t accessible for modification or deletion from the systems where the data resides. Ransomware will look for data backups and encrypt or delete them so they can’t be recovered, so it’s important to use backup systems that don’t allow direct access to backup files.
Make sure all of your computers and devices are protected with comprehensive security software and keep all of your software up to date. Make sure you update your devices’ software early and often, as patches for flaws are typically included in each update.
Be careful where you click. Don’t respond to emails and text messages from people you don’t know and only download applications from trusted sources. This is important since malware authors often use social engineering to try to get you to install dangerous files.[Text Wrapping Break]
Avoid using public Wi-Fi networks since many of them aren’t secure and cybercriminals can snoop on your internet usage. Instead, consider installing a VPN like McAfee Secure VPN, which provides you with a secure connection to the internet no matter where you go.[Text Wrapping Break]
Keep current on the latest ransomware threats so you know what to look out for. In the case that you do get a ransomware infection and haven’t backed up all of your files, know that some decryption tools are made available by tech companies to help victims.
Ransomware attacks don’t have to spell disaster if you catch them in time and know what to do. If you suspect you’ve been hit with a ransomware attack, it’s important to act quickly.
Fortunately, there are several steps you can take to address ransomware issues quickly and have your computer systems return to business as usual in no time.
We’ve all spent more time online recently in the wake of the pandemic, and no one needs cybersecurity issues on their plates during this or any other time. The good news is that antivirus software is evolving rapidly and there are plenty of steps you can take to shield your computer systems from needless attacks like ransomware.
One surefire way to get peace of mind against hacker groups is to put your trust in the expert care of Total Protection services from McAfee. All of our plans come with a private VPN, antivirus protection, and safe-browsing features. This means you can live your connected life free from threats like ransomware, malware, and more.
With multiple affordable plans, there’s a McAfee protection plan for every person. It’s a small price to pay for staying one step ahead of ransomware attacks.
The post What Are Ransomware Attacks? An In-Depth Guide appeared first on McAfee Blog.
Smartphones and personal computers have enhanced our lives in so many ways that it can be hard to even imagine a world without them. The internet is an awesome place with endless opportunities and possibilities, but it’s also home to some seedy characters that can expose us to certain risks, like malvertising.
Malvertising, which is short for malicious advertising, attacks and compromises systems by spreading advertisements injected with malicious code. Legitimate advertising networks can then display these malicious advertisements without even knowing they’re infected.
In this article, we’ll take a closer look at what malvertising is and what you can do to secure your data and keep your information safe online. We’ll also provide some examples so you can fully understand how malvertising might be used.
Having a thorough understanding of malvertising is the first step toward keeping the internet a safe place for you and your family.
Since malvertising disguises malicious code inside legitimate online advertising, ad networks may find it hard to stop malvertising from appearing as legitimate ads.
Viewing malvertisements can put your personal information at risk, such as your identification information, contact details, and financial data. It can also alter or delete your information, hijack your computer functions, spy on your computer activities, and steal your data. And this all can happen without your knowledge.
The type of risk, though, depends on the programs that the malvertising successfully downloads onto your device. These programs can include:
Cybercriminals use various methods to inject infected code into online ads. Below are some examples of the types of malvertising that can pose a risk to your cybersecurity and exploit vulnerabilities on your devices.
Even highly reputable and popular websites, such as The New York Times, the BBC, Spotify, and AOL, have been targeted in the past by malicious ads, putting billions of visitors at risk. Any website can become a target.
Malvertising is often confused with ad malware. Both are forms of malware and involve infected advertisements, but they’re fundamentally different.
Malvertising uses malicious code that can cause harm to anyone viewing the infected advertisement, while adware is used to target individuals by forcing ads onto their devices to generate clicks. Users can get bombarded with pop-up ads, which can affect their devices. Adware also collects browsing information to sell to advertisers. This is often referred to as browser hijacking.
How to avoid malvertising as a web user
Taking the necessary steps to protect your online activities and personal identifying information can help shield you from malvertising attacks. Massive volumes of online ads are displayed every day, so it’s never been more important to safeguard yourself against any shady activity on the internet.
Taking a few steps can help you avoid malvertising and minimize your risk of identity theft.
With so much sensitive information being shared online, it’s never been more important to take the necessary steps to help keep your data and privacy safe.
McAfee Total Protection services can help increase cybersecurity on your devices and keep your identity private from hackers. We offer all-in-one protection so you can get the peace of mind you deserve while enjoying the internet.
All products include identity monitoring, automated privacy using a virtual private network (VPN), a password manager, a firewall, and much more. We also offer identity restoration assistance and up to $1 million in identity theft coverage to help relieve the burden of data breaches.
Get comprehensive identity protection from McAfee and get back to surfing the internet with confidence.
The post What Is Malvertising and How Do You Avoid It? appeared first on McAfee Blog.
There’s no denying that the internet fills a big part of our days. Whether playing, working, or studying, we rely on staying connected. But just as there’s a lot of good that comes with the internet, it can also make us susceptible to cybercriminals.
This is especially true if you’re using your phone on public Wi-Fi. Anyone with access to the public network can see your online activity, including hackers.
Fortunately, by keeping your personal information and data secure, you can continue to live your best life online. Advanced security and privacy tools like virtual private networks (VPNs) can shield your identity online, allowing you to browse online without worrying about hackers.
In this article, we’ll show you how to set up a VPN on your Android device manually or use a VPN app like McAfee’s Safe Connect VPN.
Using a VPN with your Android phone can be a smart move that allows you to live a fully connected life without risking catching the eyes of cybercriminals.
A VPN essentially hides your online presence and encrypts your information so that no one can steal sensitive data, like credit card details and passwords. It maximizes privacy and safety by sending your encrypted information through a tunnel to VPN servers in various locations globally. It’s so effective that not even your internet provider, search engine, or other third parties can take a peek at your data.
If you like video streaming on your smartphone but often run into geo-restricted content, you’ll also find a VPN useful. It changes your IP address, allowing you to access blocked content on platforms like YouTube and Netflix.
If you have an Android smartphone, you can use its built-in VPN client or legacy VPN. The integrated VPN uses several protocol suites, including PPTP, L2TP, and IPSec, to deliver a secure internet connection.
However, you’ll have to configure the built-in VPN manually, which can be hard. So, if you’re not that tech-savvy, a VPN app can be a good option. McAfee Security for Mobile is one such app available on the Google Play Store.
You might also want to opt for an app when:
Depending on your connection requirements and tech skills, we’ll walk you through how to set up your VPN manually or through an app.
Setting up a VPN manually by adjusting the VPN settings is one way to get the job done. This approach allows you to connect your device to a VPN server by entering configuration details.
You can set up the VPN manually via the user interface (UI) on your Android phone. The UI plays a big role in setting up and controlling the VPN solution. When the VPN is active, your mobile device system notifies you through the home screen.
To get your VPN up and running on your Android operating system, you’ll need to find the “Settings” menu on your device.
If you want to set up a VPN quickly and easily, your best bet is to install a VPN app on your mobile device. For instance, you can simply download McAfee’s Mobile Security app from the Google Play Store and register an account, allowing you to log in and start enjoying full protection.
Once you choose a VPN provider and sign up for a subscription plan (if paid), you’re ready to set up your VPN using the Android app. While the setup process can differ slightly depending on the VPN, here’s the process for setting up McAfee’s Safe Connect VPN app:
Now that you know about various steps to install a VPN on an Android device, consider investing in the award-winning McAfee Mobile Security App. This service comes with useful security tools for browsing the net on mobile devices and privacy protection for your Wi-Fi network. You can count on the award-winning software to secure your phone and the data it sends over the internet.
In addition to keeping your connection private, the software detects unwanted visitors and malicious apps. McAfee Mobile Security integrates an antivirus VPN that scans your device for cyberthreats and neutralizes them. The software delivers robust protection against evolving threats and gives you peace of mind.
Start protecting your digital life and securing your network traffic by signing up for McAfee Security for Mobile today.
The post How to Set Up a VPN on an Android appeared first on McAfee Blog.
Your smartphone comes with built-in location services, which are useful if you lose it or if you use an app that needs to know your location. But what if you don’t want your phone to be tracked? Can the phone be located if you turn off location services? The answer is yes, it’s possible to track mobile phones even if location services are turned off.
Turning off the location service on your phone can help conceal your location. This is important if you don’t want third parties knowing where you are or being able to track your movement. However, a smartphone can still be tracked through other techniques that reveal its general location.
This article explains how your phone can be tracked and what you can do to enhance your mobile security.
Whether you have an iOS or Android phone, there are ways it can be tracked even if location services are turned off. You may have used some of these yourself to find a lost or stolen phone. For example, the Find My iPhone app uses Bluetooth to help you find an iPhone even if it’s offline.
If you have an Android phone and the Find My Device app, you can log in to your Google account and use Google Maps to check your phone’s location history.
Here are four ways that your phone could be tracked:
The United States has more than 307,000 cell towers. When you use your phone, signals travel back and forth to the nearest cell tower. Cell carriers can calculate the general area of your phone by measuring the time it takes for a signal to travel back and forth.
Carriers use cell tower triangulation for a more accurate reading, which combines location data from three cell towers. This technology was developed to help 911 operators locate callers. It pinpoints the phone’s location within a 300-meter area.
A smartphone that has Wi-Fi enabled communicates with nearby Wi-Fi networks even if it’s not connected to one. Your device automatically scans Wi-Fi access points nearby and notes the signal strength.
When using public Wi-Fi, the provider commonly asks you to agree to location tracking. That Wi-Fi provider will then record your location whenever you’re in range of one of its hot spots.
To use public Wi-Fi while protecting your privacy, it’s a good idea to connect with a VPN like McAfee’s Safe Connect VPN. This software protects your data using bank-grade encryption to keep your online activity private. The VPN also keeps your IP address and physical location private.
Cell site simulators — otherwise known as stingrays— mimic cellphone towers. They trick your phone into pinging it, transmitting its location, and identifying information. Stingrays cause cellphones to connect to them rather than to legitimate cell towers by transmitting a stronger signal than that from the cell towers.
Law enforcement officers often use stingrays to locate and track the movement of potential suspects. While attempting to connect to a specific individual, stingrays connect data from all phones in the vicinity of the device.
A device that is infected with malware or spyware can track your location even if your location settings are turned off. Malware can also record your online activities, allow cybercriminals to steal personal information, or slow down your operating system.
To help protect your mobile device, consider getting a comprehensive security tool like McAfee Security for Mobile. It works for both Android and iOS devices and comes with an antivirus app that scans for threats and malware and blocks them in real-time.
While many reasons for tracking a phone’s location information are benign — such as seeing where a loved one might be — scammers and hackers may track phones in an attempt to steal personal data.
Luckily, some telltale signs can help you spot whether your phone is being tracked.
When your phone has spyware, the program continuously runs in the background and drains your battery. A battery that is losing power faster than normal is either due to an old battery or spyware.
Check your battery health to see if it is still strong. If you use an iPhone, follow these steps to check battery health. You’ll see a maximum capacity score that shows your battery power compared to when it was new. An older phone with a battery capacity of 75% could explain why your battery loses power throughout the day. If your battery capacity is 95% or 100% and it drains quickly, however, a virus could be to blame.
It’s a slightly different process to check the battery health on an Android device. Depending on the phone brand, you may need to download an app.
Using apps with high processing demands can cause your mobile device to heat up. A spyware app that tracks your device’s location will use GPS, which causes the phone to work harder and overheat. If you’re using your smartphone normally and it overheats, it could be a sign of malware.
If there are unfamiliar apps on your phone, someone may have tampered with it. The mystery app could be spyware.
If your phone launches activities that you didn’t initiate, an app might be running in the background. In some cases, malware needs to reboot your phone to install updates or change the phone’s settings.
A phone that automatically restarts lights up for no reason or makes noises during calls or texts could be infected with malware.
Here are answers to some common questions about phone tracking.
A phone that is turned off is difficult to track because it stops sending signals to cell towers. However, the service provider or internet provider can show the last location once it’s switched back on.
Even without cell service, Android devices and iPhones can be tracked. Your phone’s mapping apps can track your phone’s location without an internet connection.
The GPS works in two ways: It uses Assisted GPS or A-GPS when you have a data connection. This uses the locations of cellphone towers and known Wi-Fi networks to figure out where you are. It also uses data from GPS satellites for more precise information. The A-GPS needs data service to work, but the GPS radio can receive satellite information without data service.
Yes, your phone can be tracked when it’s in airplane mode. While it does turn off Wi-Fi and cellular services, airplane mode doesn’t turn off GPS (a different technology that sends and receives signals from GPS satellites). You’ll have to disable GPS on your device and turn on airplane mode to prevent your phone from being tracked.
Understanding how your phone can be tracked can help you protect your privacy. For greater peace of mind, though, it can help to have a mobile security tool like McAfee Security for Mobile to keep your Android or Apple device free from spyware.
Our all-inclusive mobile security tool safeguards your digital life by offering safe browsing, a secure VPN, and antivirus software. It actively protects you from malicious apps, like spyware, and unwanted visitors.
With a dedicated mobile security app, you can use your phone the way you want without worrying about cybercriminals tracking your information.
The post Can My Phone Be Tracked If Location Services Are Off? appeared first on McAfee Blog.
A virtual private network (VPN) is a tool that hides your geolocation and protects your privacy while you’re online. It does this by creating an encrypted tunnel from your home network to a VPN provider’s server.
When you buy an internet plan, your internet service provider (ISP) gives your equipment (like your router and modem) an Internet Protocol (IP) address. Your IP address helps you communicate with the broader internet by letting a website you’re on know where data is coming from and where to send it.
In other words, your IP address lets online companies know where you are. Most online businesses store IP addresses for data analysis, but cybercriminals can use your IP to track your activity online, steal your personal information, and target you for scams.
A VPN reroutes your internet through a server address with a different IP than your own. That way, no one online can trace your internet activity back to you. A VPN also encrypts your internet data to protect your personal information.
VPNs aren’t just for desktop computers, though. All sorts of devices — from iPads to smart TVs — can benefit from a VPN connection. If you’re the type of person who handles your finances or does business online using a mobile device, it’s wise to get a VPN to protect yourself.
This article will show you how to choose and install a VPN on your iPhone.
Here are a few of the main ways getting a VPN like McAfee Safe Connect VPN can benefit you:
The best VPN for you depends on your situation and what you plan to do online.
You’ll need a VPN that’s compatible with all of your devices. Many VPNs work with Windows, Android, macOS, Linux, and iOS. However, not all VPNs are compatible with every operating system. For instance, if you have an iPhone but someone else in your home has an Android, it’s important to choose a provider with an app in the Apple App Store and the Google Play Store.
Consider which features you’ll need:
Be careful when choosing a VPN service, though. Some free VPN services will still pass along your information to ad agencies. If online privacy is your main goal, you’ll want to find a VPN that doesn’t store logs of your internet activity or pass along your data.
VPN protocols also matter, and they vary in speed and security. For example, Point-to-Point Tunneling Protocol (PPTP) is a fast protocol, but it’s not as secure as other protocols like OpenVPN or Wireguard. Some VPN providers will let you use multiple protocols.
Finally, look for a VPN that’s easy to use. Some VPNs have convenient features like virtual setup and intuitive interfaces that make using them easier. Some providers will even give you a free trial to test out the VPN before committing to it. Be sure your VPN network also has a reliable support team to help you if you ever have problems.
We’ll show you how to complete VPN setup on your iPhone in the next few sections.
Go to the Apple App store on your iPhone and find an app for the VPN provider you’ve chosen. Tap “Get” and “Install” or double-check to install the app on your phone.
Open the VPN app. Create an account with the VPN provider. Sign up for the service.
You’ll have to enter your passcode after creating your account to allow a change in your phone’s VPN settings and enable the VPN.
You might have to manually configure your VPN if you need access to a private network at a business or school. Here’s how to manually enable a VPN to work on your iPhone:
After you’ve enabled the VPN on your iPhone settings, you’ll have to activate it when you want to use it. Here’s how you can make your VPN active:
Be sure to turn off your VPN whenever you’re not using it so it doesn’t use up your battery. It’s especially important to turn off your VPN if you’re on a limited plan from your provider.
A VPN is a great tool for keeping your internet connection private. When you install a VPN on your iPhone, you can enjoy the internet from anywhere knowing that your personal information has an extra layer of protection against advertisers and hackers.
Whether you use an Android or an iOS device, though, McAfee can help you stay safe online. With McAfee Security for Mobile, you can access quality security tools like a VPN and safe browsing.
Our award-winning app allows you to connect safely and seamlessly to the digital world while keeping unwanted visitors from entering your digital space. Enjoy one of our most comprehensive security technologies while living your best life online.
The post How to Set Up a VPN on an iPhone in 2022 appeared first on McAfee Blog.
The internet makes a lot of things in life easier. You can shop, pay your bills, and even book your next getaway. Unfortunately, the internet is also home to some less-than-savory characters who are looking to take sensitive information for personal gain.
Private information like credit card numbers, driver’s license numbers, phone numbers, and Social Security numbers (SSN) can fall into the wrong hands — leading to identity thieves opening new accounts, taking out loans, and even filing tax returns in their victims’ names.
Fortunately, victims of identity theft and concerned individuals can access several helpful resources designed to respond to or prevent identity theft through the Federal Trade Commission (FTC), such as IdentityTheft.gov. McAfee Identity Protection can also keep personal information secure with 24/7 monitoring and restoration support.
This article will explain some common types of identity theft and the resources you can turn to in case identity theft becomes an issue for you.
The internet is the place to be if you’re looking to shop, connect with others, and get access to all the information you could ever need. Obviously, we spend a lot of time online, and cybercriminals know that.
The good news is that a little information can go a long way in protecting your sensitive data. Some common types of identity theft include:
If you have any reason to believe your identity has been stolen, it’s important to report identity theft or suspicious activity to local police, financial institutions, and credit card companies as quickly as possible. You’ll also want to get a copy of your credit reports from each of the major credit bureaus by visiting annualcreditreport.com and routinely check all of your bank statements.
Identity theft can be scary, but several resources exist to help victims. Some key ID theft resources include the IRS, IdentityTheft.gov, IDtheftcenter.org, Fraud.org, and McAfee Total Protection.
The Internal Revenue Service (IRS) can help with tax-related identity theft. Tax-related identity theft victims may self-report or receive a notice or letter from the IRS about a suspiciously filed tax return. Signs of tax-related ID theft include receiving a tax transcript you didn’t ask for, getting a report of unknown wages or other income, or not being able to e-file because of a matching SSN.
Whether you report identity theft or suspicious activity to the IRS or they tell you, you’ll want to follow instructions to resolve any fraudulent tax issues. You may need to verify your identity with Letter 4883C or complete an Identity Theft Affidavit (Form 14039).
Once everything has been settled, the IRS will tag your account with an identity theft indicator for added protection in the future. In some circumstances, you may even receive an Identity Protection Pin (IP PIN) to use when filing an electronic or paper tax return.
IdentityTheft.gov is a federal resource that can help victims recover from identity theft. The site provides an overview of victim rights, sample letters you can use to dispute any fraudulent credit or debit card charges, and a checklist to track your progress.
IdentityTheft.gov can help with any identity theft, including that related to student loans and fraudulent unemployment insurance claims. You’ll need to explain your situation in great detail to receive a personalized recovery plan.
The Identity Theft Resource Center (ITRC) helps prevent, recover, and protect individuals and businesses from identity theft. This nonprofit organization provides information and assistance at no cost and can help with account takeovers, data breaches, email scams, and other fraudulent account activities. You can also sign up for ID Theft News and stay informed with newsletters and alerts.
Identity theft victims can use the online chat or call to speak with an adviser who can help figure out the next steps to take. They may suggest filing a police report, placing a credit freeze, and/or obtaining free credit report copies from the major credit bureaus, like Experian, TransUnion, and Equifax.
A project of the National Consumers League, Fraud.org collects and shares decades worth of consumer complaints related to fraud. With advocacy, education, and consumer counseling, Fraud.org helps consumers protect themselves from telemarketing and internet fraud.
Fraud.org raises awareness about many types of common and unexpected scams, including phony sweepstakes prizes, government grants and scholarships, online phishing for financial account numbers and other personal information, malware downloads, and the possibility of a financially disastrous ending after falling in love online.
You can sign up for fraud alerts or file a complaint on the secure website and Fraud.org will share your story with their network of law enforcement agencies.
Identity protection with McAfee Total Protection Ultimate provides around-the-clock email address and bank account monitoring, which includes $1 million of ID theft coverage on qualifying losses. As a subscriber, you’ll also gain access to hands-on restoration support to help with reclaiming your identity.
McAfee Total Protection can go wherever you go. Stay in the know on your tablet, laptop, or smartphone and receive critical alerts. The software also provides a Protection Score that can help you secure any weak areas that may leave you open to ID theft.
Use the internet your way and protect your sensitive information with 24/7 account monitoring and alerts. McAfee Total Protection adds an additional layer of security by keeping tabs on up to 60 unique types of personal information. We’ll also guide you through the best choices for prevention and alert you as soon as action is needed.
Get protection from data breaches and malicious software like viruses and malware and benefit from fraud alerts 10 months sooner than our competitors. Get the peace of mind that comes with knowing that McAfee is looking out for you and keeping your identity safe.
The post 5 Ways to Get Victim Assistance for Identity Theft appeared first on McAfee Blog.
So much of our personal and professional lives are online — from online banking to connecting with friends and family to unwinding after a long day with our favorite movies and shows. The internet is a pretty convenient place to be! Unfortunately, it can also be a convenient place for cybercriminals and identity theft.
One way these scammers may try to take advantage of someone is by trying to convince them to give up their personal information or click on links that download things like malware. They might try to appear as a trustworthy source or someone you personally know. This fake online communication is called “phishing.”
As we’ve all heard before, knowledge is power. By understanding what phishing is, how it works, and the signs to look for, you can help minimize your risk and get back to enjoying the internet the way it was intended. Here’s what you should know.
You’ve probably heard of the term “phishing,” but maybe you don’t know what it means. Here’s a quick overview of how it works.
Phishing is a type of cybercrime where scammers send communications that appear to be from trusted sources like a major corporation — basically, they’re trying to play off people’s trust through what is known as social engineering. They might request sensitive information like passwords, banking information, and credit card numbers. Hackers may then use this information to access your credit cards or bank accounts.
The thing with phishing attacks, though, is that they can come through several platforms, including:
We’ve mentioned that phishers are looking to get sensitive information, but what exactly are they after? The kind of information phishing scams are after might include:
Phishing scams can come in many forms, but understanding the common types of phishing attacks can help you keep identity thieves at bay. Here are some to be aware of:
A phishing email is a fraudulent email made to look like it’s from a legitimate company or person. It may ask you to provide personal information or click on a link that downloads malware. For example, an email allegedly from Bank of America notes that due to suspicious activity, you should log into your bank account to verify your information.
Fortunately, there are ways to spot a phishing cyberattack like this.
While some phishing emails are sent to a broad audience, spear phishing emails target specific individuals or businesses. This allows the scammers to research the recipient and customize the message to make it look more authentic.
Examples of spear phishing emails include:
One of the best defenses against spear phishing is to contact the source of an email to verify the request. Call the colleague who’s asking you to do a wire transfer or log onto your Amazon account to check for messages.
For this highly customized scam, scammers duplicate a legitimate email you might have previously received and add attachments or malicious links to a fake website. The email then claims to be a resend of the original. Clicking a malicious link can give spammers access to your contact list. Your contacts can then receive a fake email that appears to be from you.
While clone phishing emails look authentic, there are ways to spot them. They include:
Through vishing or voice phishing, scammers call you and try to persuade you to provide sensitive data. They might use caller ID spoofing to make the call appear to be from a local business or even your own telephone number. Vishing calls are usually robocalls that leave a voicemail or prompt you to push buttons for an operator. The intent is to steal credit card information or personal and financial information to be used in identity theft.
Fortunately, there are signs that give away these attacks. They include:
If you’d like to avoid vishing calls, there are several things you can do. When you don’t recognize the number, don’t answer the phone. Let the call go to voicemail, then block it if it isn’t legitimate. Use a call-blocking app to filter calls coming to your cellphone. To block calls on a landline, check with your service provider regarding the services offered.
Dealing with a cybercriminal is no time to be polite. If you do answer a vishing call, hang up as soon as you realize it. Don’t answer any questions, even with a yes or no. Your voice could be recorded and used for identity theft. If they ask you to push a button to be removed from a call list, don’t do it. You’ll just receive more calls.
If you receive a voicemail and are unsure if it’s legitimate, call the company directly using the phone number on the company website. Don’t call the number in the voicemail.
If you’ve ever received a text pretending to be from Amazon or FedEx, you’ve experienced smishing. Scammers use smishing (SMS phishing) messages to get people to click on malicious links with their smartphones. Some examples of common fraudulent text messages include:
If you receive a smishing text, don’t respond because it’ll cause you to receive more texts. Instead, delete the text and block the number.
Pop-up phishing occurs when you’re on a website and a fake pop-up ad appears. It encourages you to click a link or call a number to resolve the issue. Some of these reload repeatedly when you try to close them or freeze your browser.
Common pop-up scams include:
If you see a scam pop-up ad, don’t click on the ad or try to click the close button within the ad. Instead, close out of the browser window. If your browser is frozen, use the task manager to close the program on a PC. On a Mac, click the Apple icon and choose Force Quit.
Being online makes us visible to a lot of other people, including scammers. Fortunately, there are things you can do if you become a victim of phishing — allowing you to get back to enjoying the digital world. They include:
You deserve to live online freely. But that might mean taking steps to protect yourself from phishing attempts. Here are some ways you can improve your cybersecurity and keep scammers at bay:
You don’t have to stop enjoying the internet just because of phishing attempts. McAfee’s identity theft protection services, including antivirus software, make it possible to enjoy your digital world while staying safe from scammers and identity thieves.
With 24/7 active monitoring of your sensitive data, including up to 60 unique types of personal information, McAfee is all about proactive protection. This means you’ll be alerted 10 months sooner than our competitors — so you can take action before your data is used illegally. We also provide up to $1 million of ID theft coverage and hands-on restoration service in the case of a data breach.
The best part is that you can customize a package to meet your needs, including virus protection, identity theft monitoring, and coverage for multiple devices. We make it safer to surf the net.
The post What Is Phishing? appeared first on McAfee Blog.
Your mobile phone can do so many things, thanks to the wonders of technology. One of those things is having very accurate information about your location. In fact, some apps have to know your location to work.
Of course, you can’t expect Google Maps to function as it should without tracking your location. But you’re right to question why a messaging app like WhatsApp needs to know your whereabouts. When it comes to protecting your online privacy, the less information that third parties have about you, the better.
Keep reading to learn which mobile apps have location tracking and how you can revoke their access.
On an iPhone, apps can track your location, but only after giving them access first. Here’s how to check which apps can monitor your location:
If you have an Android device, you can check what permissions you’ve given to the app following these steps:
You’ll see the GPS tracking permissions you’ve granted. The apps you’ve allowed access to your location all the time will be under “Allowed all the time.” The apps that can track you while you’re using them will be under “Allowed only while in use.” And you’ll find the apps you’ve never granted permission under “Not allowed.”
Remember that some apps need location data to function properly. For instance, a navigation app like Apple Maps isn’t very useful if it doesn’t know where you are.
But whenever you want to turn off location tracking for particular apps, you can simply cancel their access.
If you have an iOS device, follow these steps:
To change the location setting for apps on an Android phone:
There are many reasons apps need to know your location history, such as personalizing your app experience. Not to mention that location tracking apps like Find My iPhone and family location-sharing apps like Life360 are very helpful for family members to keep track of their loved one’s location.
But simply speaking, the main reason apps track your location is because it’s profitable. Your information is sold to marketers, making it easier to show you ads you should be interested in.
This is why it’s always a good idea to check what apps access your location information. So, check them regularly, following the steps laid out above.
Common apps to watch for location tracking include:
Of course, navigation apps need to know your current location so that they can direct you to where you want to go. Getting access to your real-time location allows them to give you turn-by-turn directions. The apps also use a GPS tracker to help you find establishments like restaurants or gas stations nearby.
Ride-hailing apps like Uber and Lyft use your GPS location to let drivers know where to pick you up. Be careful about ride-hailing apps, though, because their tracking features are made to monitor your movement in the background. This means they can access your location all the time, even when the apps aren’t active.
So, if you’re not a regular ride-hail user, check these phone tracking apps when you’re not using them and turn off the location settings until you need them again.
Like most free apps, social media apps collect personal and location data so they can learn who you are. And everything they know about you is used for advertising purposes. This is why you might get “find my friends” suggestions and ads about cafes, stores, and everything else that’s available in your area.
Something to be aware of is that the ways social media apps like Facebook ask for permission to access your location data aren’t always straightforward. For instance, if you’re posting a photo, the app will ask you to “Turn on Location Services” to add a geo-tag. And if you do, they’ve got the green light to track your whereabouts.
When you check the news and weather forecast by using an app, the app asks for your location to provide you with information based on where you are.
Giving these apps your location can help with the user experience since you won’t have to search for local news or weather updates. But not giving the apps access to your phone location doesn’t affect how they operate.
Coupon apps like Flipp want as much information from you as possible to personalize your experience. Location sharing helps these apps provide you with the closest stores to shop and ongoing sales near you.
In the case of coupon apps, geofencing helps in their marketing quite a lot. With geofencing, apps use radio frequency identification (RFID), Wi-Fi, and GPS location to send ads at exactly the right moment to a target device. The ad can be sent as an SMS, email, or app notification when a cellphone enters or leaves a geofence.
An example would be a text message that says, “Today only! Spend $50 and get the item of the day for $0.99!” when a customer enters a grocery store.
Streaming apps like Netflix and Spotify may ask for your location so that you don’t get access to geo-restricted content. For instance, live streaming TV apps need your location to confirm regional blackouts and other features. But other than that, they don’t necessarily need to monitor your location to work.
Car insurance companies have found a way to use technology by offering discounts to clients who allow them to collect personal information and share location data. Some of the information they want include your phone use while driving, how fast you drive, or how sharply you brake. Insurance companies claim that their phone tracker apps collect data to reward good behavior and avoid accidents.
Our mobile phones are one of our most valuable possessions because we rely on them to get us through the day. That’s why it’s important to understand how information about you and your activities is used, shared, and sold.
The good news is that you can protect your digital life with McAfee Mobile Security, which allows you to connect safely and seamlessly to the digital world with a virtual private network (VPN). You’ll also have access to an antivirus app that regularly scans for online threats like malware.
This means you can use public hotspots, make bank transactions, and surf the web in a safe space. McAfee helps protect your credentials and personal information so that you can continue to enjoy the internet your way.
The post What Types of Apps Track Your Location? appeared first on McAfee Blog.