Login
If you want to protect your identity, finances, and privacy online, you have a pretty powerful tool at hand. It’s online protection software. Today’s protection is built to get that job done.
For starters, online protection has evolved tremendously over recent years, making it more comprehensive than ever. It goes far beyond antivirus. And it protects more than your devices. It protects you. Your identity. Your finances. Your privacy.
Given how much of daily life has shifted to our computers and phones, like our finances and shopping, there’s a strong case for getting comprehensive online protection in place.
Granted, we’re an online protection company. And of course, we hope you’ll give our protection like McAfee+ a close look. With that, a quick rundown of what it can do for you and your identity, finances, and privacy helps. In all, it shows just how comprehensive this protection gets.
You can keep tabs on your identity.
This form of protection starts with Identity Monitoring. It checks the dark web for your personal info, including email, government IDs, credit card and bank account numbers, and more. If any of it shows up on the dark web, it sends you an alert with guidance that can help protect you from identity theft.
Should the unexpected happen, our Identity Theft Coverage & Restoration can get you on the path to recovery. It offers up to $2 million in coverage for legal fees, travel, and funds lost because of identity theft. Further, a licensed recovery pro can do the work for you, taking the necessary steps to repair your identity and credit.
Another way identity thieves get what they want is through scam texts, emails, and messages. You can keep clear of their shady links with our new AI-powered Scam Protection. It automatically detects links that can send you to scam sites and other destinations that steal personal info. If you accidentally click? Don’t worry, we can block risky sites if you click on a suspicious link in texts, emails, social media, and more.
You can monitor your financial big picture all in one place.
As you conduct so many of your finances online, it only makes sense that you can keep tabs on them just as easily. Features like our Credit Monitoring keep an eye on changes to your credit score, report, and accounts with timely notifications and guidance so you can take action to tackle identity theft.
And if you spot something out of the ordinary, our Security Freeze can quickly stop unauthorized access. It freezes credit card, bank, and utility accounts and prevents thieves from opening new ones in your name.
Rounding things out, you also have transaction monitoring features. They track transactions on credit cards and bank accounts — shooting you a notice if unusual activity occurs. They also track retirement accounts, investments, and loans for questionable transactions. Finally, further features can help prevent a bank account takeover and keep others from taking out short-term payday loans in your name.
You can lock down your privacy.
Several features get the job done. Our Social Privacy Manager helps you adjust more than 100 privacy settings across your social media accounts in only a few clicks. This way, your personal info is only visible to the people you want to share it with.
Another big intrusion on your privacy comes at the hands of online data brokers. They drive a multi-billion-dollar industry by collecting, batching, and selling people’s personal info. To anyone. That includes hackers, spammers, and scammers who use it to their own ends. Yet you can get your info removed from some of the worst offenders out there. Personal Data Cleanup scans data broker sites and shows you which ones are selling your personal info and helps you remove it.
Another great tool for protecting your privacy comes in the form of a VPN. As a “virtual private network,” it encrypts your activity. Think of a VPN as a private tunnel for your internet traffic. It hides your search habits and history from those who might use that info to build a profile of you — whether to serve up targeted ads or to steal personal info for identity theft. In all, a VPN gives you one of the most secure ways you can go online.
The post How to Protect Your Identity, Finances, and Security Online appeared first on McAfee Blog.
The number of people who use VPNs (virtual private networks) continues to mushroom. Recent research shows that 46% of American adults now use a VPN — 23% of which use it for strictly personal purposes.[i] Within that mix, 43% said they use a free VPN service. Yet “free” VPNs often come with a price. Typically at the expense of your privacy.
A personal VPN establishes a secure tunnel over the internet, offering you both privacy and freedom from IP-based tracking. It protects your identity and financial info by encrypting, or scrambling, the data that flows through the tunnel. Moreover, it can mask your true location, making it appear as though you are connecting from somewhere else.
Sometimes a VPN is included in more robust security software, as it is in our McAfee+ plans. It’s also, but often it is a standalone tool, that is offered for a monthly subscription rate or for free. While it might be tempting to go for a free option, there are some serious considerations that you should take to heart.
Because free VPNs don’t charge a subscription, many make revenue indirectly through advertising. This means that users get bombarded with ads. And they get exposed to tracking by the provider. In fact, one study of 283 free VPN providers found that 72% included trackers.[ii] The irony is worth pointing out. Many people use VPNs to shroud their browsing from advertisers and other data collectors. Meanwhile, free VPNs often lead to that exact kind of exposure.
But beyond the frustration of ads, slowness, and upgrade prompts is the fact that some free VPN tools include malware that can put your sensitive info at risk. The same study found that 38% of the free VPN applications in the Google Play Store were found to have malware, such as keyloggers, and some even stole data from devices.
Also concerning is how these free providers handle your data. In one worrying case, security researchers uncovered seven VPN providers that gathered user logs despite pledges not to.[iii]
Clearly, many so-called “free” VPNs aren’t free at all.
VPNs are critical tools for enhancing our privacy and shouldn’t be an avenue opening the door to new risks. That’s why your best bet is to look for a paid VPN with the following features:
Unlimited bandwidth — You want your network connection to stay secure no matter how much time you spend online.
Speedy performance — We all know how frustrating a sluggish internet connection can be when you are trying to get things done. Whether connecting for productivity, education, or entertainment, we’re all dependent on bandwidth. That’s why it’s important to choose a high-speed VPN that enhances your privacy, without sacrificing the quality of your connection.
Multiple device protection — These days many of us toggle between mobile devices, laptops, and computers, so they should all be able to connect securely.
Less battery drain — Some free mobile VPNs zap your battery life, making users less likely to stay protected. You shouldn’t have to choose between your battery life and safeguarding your privacy.
Ease of use — For technology to really work, it has to be convenient. After all, these technologies should power your connected life, not serve as a hindrance.
Fortunately, we don’t have to sacrifice convenience, or pay high prices, for a VPN that can offer a high level of privacy and protection. A comprehensive security suite like McAfee+ includes our standalone VPN with auto-renewal and takes the worry out of connecting, so you can focus on what’s important to you and your family, and enjoy quality time together.
[i] https://www.security.org/resources/vpn-consumer-report-annual/
[ii] https://www.icir.org/vern/papers/vpn-apps-imc16.pdf
[iii] https://www.pcmag.com/news/7-vpn-services-found-recording-user-logs-despite-no-log-pledge
The post How Free VPNs Come With a Price appeared first on McAfee Blog.
The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called “likely the world’s largest botnet ever.” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime.
The Cloud Router homepage, which was seized by the FBI this past weekend. Cloud Router was previously called 911 S5.
On May 24, authorities in Singapore arrested the alleged creator and operator of 911 S5, a 35-year-old Chinese national named YunHe Wang. In a statement on his arrest today, the DOJ said 911 S5 enabled cybercriminals to bypass financial fraud detection systems and steal billions of dollars from financial institutions, credit card issuers, and federal lending programs.
For example, the government estimates that 560,000 fraudulent unemployment insurance claims originated from compromised Internet addresses, resulting in a confirmed fraudulent loss exceeding $5.9 billion.
“Additionally, in evaluating suspected fraud loss to the Economic Injury Disaster Loan (EIDL) program, the United States estimates that more than 47,000 EIDL applications originated from IP addresses compromised by 911 S5,” the DOJ wrote. “Millions of dollars more were similarly identified by financial institutions in the United States as loss originating from IP addresses compromised by 911 S5.”
From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as “proxies” that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States.
911 S5 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.
911 S5’s reliability and extremely low prices quickly made it one of the most popular services among denizens of the cybercrime underground, and the service became almost shorthand for connecting to that “last mile” of cybercrime. Namely, the ability to route one’s malicious traffic through a computer that is geographically close to the consumer whose stolen credit card is about to be used, or whose bank account is about to be emptied.
The prices page for 911 S5, circa July 2022. $28 would let users cycle through 150 proxies on this popular service.
KrebsOnSecurity first identified Mr. Wang as the proprietor of the popular service in a deep dive on 911 S5 published in July 2022. That story showed that 911 S5 had a history of paying people to install its software by secretly bundling it with other software — including fake security updates for common programs like Flash Player, and “cracked” or pirated commercial software distributed on file-sharing networks.
Ten days later, 911 S5 closed up shop, claiming it had been hacked. But experts soon tracked the reemergence of the proxy network by another name: Cloud Router.
The announcement of Wang’s arrest came less than 24 hours after the U.S. Department of the Treasury sanctioned Wang and two associates, as well as several companies the men allegedly used to launder the nearly $100 million in proceeds from 911 S5 and Cloud Router customers.
Cloud Router’s homepage now features a notice saying the domain has been seized by the U.S. government. In addition, the DOJ says it worked with authorities in Singapore, Thailand and Germany to search residences tied to the defendant, and seized approximately $30 million in assets.
The Cloud Router homepage now features a seizure notice from the FBI in multiple languages.
Those assets included a 2022 Ferrari F8 Spider S-A, a BMW i8, a BMW X7 M50d, a Rolls Royce, more than a dozen domestic and international bank accounts, over two dozen cryptocurrency wallets, several luxury wristwatches, and 21 residential or investment properties.
The government says Wang is charged with conspiracy to commit computer fraud, substantive computer fraud, conspiracy to commit wire fraud, and conspiracy to commit money laundering. If convicted on all counts, he faces a maximum penalty of 65 years in prison.
Brett Leatherman, deputy assistant director of the FBI’s Cyber Division, said the DOJ is working with the Singaporean government on extraditing Wang to face charges in the United States.
Leatherman encouraged Internet users to visit a new FBI webpage that can help people determine whether their computers may be part of the 911 S5 botnet, which the government says spanned more than 19 million individual computers in at least 190 countries.
Leatherman said 911 S5 and Cloud Router used several “free VPN” brands to lure consumers into installing the proxy service, including MaskVPN, DewVPN, PaladinVPN, Proxygate, Shield VPN, and ShineVPN.
“American citizens who didn’t know that their IP space was being utilized to attack US businesses or defraud the U.S. government, they were unaware,” Leatherman said. “But these kind of operations breed that awareness.”
The U.S. Department of the Treasury today unveiled sanctions against three Chinese nationals for allegedly operating 911 S5, an online anonymity service that for many years was the easiest and cheapest way to route one’s Web traffic through malware-infected computers around the globe. KrebsOnSecurity identified one of the three men in a July 2022 investigation into 911 S5, which was massively hacked and then closed ten days later.
The 911 S5 botnet-powered proxy service, circa July 2022.
From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as “proxies” that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States.
911 built its proxy network mainly by offering “free” virtual private networking (VPN) services. 911’s VPN performed largely as advertised for the user — allowing them to surf the web anonymously — but it also quietly turned the user’s computer into a traffic relay for paying 911 S5 customers.
911 S5’s reliability and extremely low prices quickly made it one of the most popular services among denizens of the cybercrime underground, and the service became almost shorthand for connecting to that “last mile” of cybercrime. Namely, the ability to route one’s malicious traffic through a computer that is geographically close to the consumer whose stolen credit card is about to be used, or whose bank account is about to be emptied.
In July 2022, KrebsOnSecurity published a deep dive into 911 S5, which found the people operating this business had a history of encouraging the installation of their proxy malware by any means available. That included paying affiliates to distribute their proxy software by secretly bundling it with other software.
A cached copy of flashupdate dot net, a pay-per-install affiliate program that incentivized the silent installation of 911’s proxy software.
That story named Yunhe Wang from Beijing as the apparent owner or manager of the 911 S5 proxy service. In today’s Treasury action, Mr. Wang was named as the primary administrator of the botnet that powered 911 S5.
“A review of records from network infrastructure service providers known to be utilized by 911 S5 and two Virtual Private Networks (VPNs) specific to the botnet operation (MaskVPN and DewVPN) showed Yunhe Wang as the registered subscriber to those providers’ services,” reads the Treasury announcement.
Update, May 29, 12:26 p.m. ET: The U.S. Department of Justice (DOJ) just announced they have arrested Wang in connection with the 911 S5 botnet. The DOJ says 911 S5 customers have stolen billions of dollars from financial institutions, credit card issuers, and federal lending programs.
“911 S5 customers allegedly targeted certain pandemic relief programs,” a DOJ statement on the arrest reads. “For example, the United States estimates that 560,000 fraudulent unemployment insurance claims originated from compromised IP addresses, resulting in a confirmed fraudulent loss exceeding $5.9 billion. Additionally, in evaluating suspected fraud loss to the Economic Injury Disaster Loan (EIDL) program, the United States estimates that more than 47,000 EIDL applications originated from IP addresses compromised by 911 S5. Millions of dollars more were similarly identified by financial institutions in the United States as loss originating from IP addresses compromised by 911 S5.”
The sanctions say Jingping Liu was Yunhe Wang’s co-conspirator in the laundering of criminally derived proceeds generated from 911 S5, mainly virtual currency. The government alleges the virtual currencies paid by 911 S5 users were converted into U.S. dollars using over-the-counter vendors who wired and deposited funds into bank accounts held by Liu.
“Jingping Liu assisted Yunhe Wang by laundering criminally derived proceeds through bank accounts held in her name that were then utilized to purchase luxury real estate properties for Yunhe Wang,” the document continues. “These individuals leveraged their malicious botnet technology to compromise personal devices, enabling cybercriminals to fraudulently secure economic assistance intended for those in need and to terrorize our citizens with bomb threats.”
The third man sanctioned is Yanni Zheng, a Chinese national the U.S. Treasury says acted as an attorney for Wang and his firm — Spicy Code Company Limited — and helped to launder proceeds from the business into real estate holdings. Spicy Code Company was also sanctioned, as well as Wang-controlled properties Tulip Biz Pattaya Group Company Limited, and Lily Suites Company Limited.
Ten days after the July 2022 story here on 911 S5, the proxy network abruptly closed up shop, citing a data breach that destroyed key components of its business operations.
In the months that followed, however, 911 S5 would resurrect itself under a different name: Cloud Router. That’s according to spur.us, a U.S.-based startup that tracks proxy and VPN services. In February 2024, Spur published research showing the Cloud Router operators reused many of the same components from 911 S5, making it relatively simple to draw a connection between the two.
The Cloud Router homepage, which according to Spur has been unreachable since this past weekend.
Spur found that Cloud Router was being powered by a new VPN service called PaladinVPN, which made it much more explicit to users that their Internet connections were going to be used to relay traffic for others. At the time, Spur found Cloud Router had more than 140,000 Internet addresses for rent.
Spur co-founder Riley Kilmer said Cloud Router appears to have suspended or ceased operations sometime this past weekend. Kilmer said the number of proxies advertised by the service had been trending downwards quite recently before the website suddenly went offline.
Cloud Router’s homepage is currently populated by a message from Cloudflare saying the site’s domain name servers are pointing to a “prohibited IP.”
In January 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a directive (with an update in February) mandating that all U.S. Federal agencies take Ivanti systems offline… Read more on Cisco Blogs
Security service edge (SSE) technology was created to protect remote and branch users with a unified, cloud-delivered security stack. To understand how SSE solutions protect organizations and their… Read more on Cisco Blogs
You can almost feel it in the air. Wi-Fi is everywhere. And if you tap into public Wi-Fi, do it with a VPN.
The keyword in public Wi-Fi is “public.” That means anyone else on the network can see what you’re connecting to and what data you’re passing along, with a little effort. Your credit card number while you shop. Your password when you bank. That confidential contract you just sent to a client. And your logins for social media too. It’s all an open book to anyone who has the tools to snoop.
What tools let them snoop? Network analyzers, or packet sniffers as many call them, can read the data traffic that travels across a network. And because public Wi-Fi networks are open, so is the data traffic — loaded with your credentials, personal info, and so on. A bad actor can gather up data with a packet sniffer, analyze it, and pluck out the sensitive bits of information that are of value.
This is where a VPN comes in. It makes any network private. Even on public Wi-Fi.
Let’s take a look at what a VPN is, how it works, and why it’s your friend on public Wi-Fi.
A VPN is an app that you install on your device to help keep your data safe as you browse the internet. When you turn on your VPN app, your device makes a secure connection to a VPN server that routes internet traffic. Securely. This keeps your online activity private on any network, shielding it from prying eyes. Thus, while you’re on a VPN, you can browse and bank with the confidence that your passwords, credentials, and financial information are secure. If any malicious actors attempt to intercept your web traffic, they’ll only see garbled content, thanks to your VPN’s encryption functionality.
Every internet connection is assigned a unique set of numbers called an IP address, which is tied to information such as geographic location or an Internet Service Provider (ISP). A VPN replaces your actual IP address to make it look like you’ve connected to the internet from the physical location of the VPN server, rather than your real location. This is just one reason so many people use VPNs.
To change your IP address, you open your VPN app, select the server location you’d like to connect to, and you’re done. You’re now browsing with a new IP address.
An ideal case for using a VPN is when you’re using public Wi-Fi at the airport, a café, hotel, or just about any place “free Wi-Fi” is offered. The reason being is that these are open networks, and any somewhat enterprising cybercriminal can tap into these networks and harvest sensitive information as a result. One survey showed that 39% of internet users worldwide understand public Wi-Fi is unsafe, yet some users still bank, shop, and do other sensitive things on public Wi-Fi despite the understood risks.
Further, you have your privacy to consider. You can use a VPN to help stop advertisers from tracking you. Searches you perform and websites you visit won’t get traced back to you, which can prevent advertisers from gleaning information about you and your online habits in general. Moreover, some ISPs collect the browsing history of their users and share it with advertisers and other third parties. A VPN can prevent this type of collection as well.
A VPN protects your search history through the secure connection you share. When you search for a website, or type a URL into your navigation bar, your device sends something called a DNS request, which translates the website into the IP address of the web server. This is how your browser can find the website and serve its content to you. By encrypting your DNS requests, a VPN can hide your search habits and history from those that might use that info as part of building a profile of you. Others might use this info in a wide variety of ways, from legitimately serving targeted ads to nefarious social engineering.
Note that a VPN is quite different and far, far more comprehensive than using “Private Mode” or “Incognito Mode” on your browser. Those modes only hide your search history locally on your device—not from others on the internet, like ISPs and advertisers.
No, a VPN can’t make you anonymous. Not entirely anyway. They help secure what you’re doing, but your ISP still knows when you’re using the internet. They just can’t see what you’re doing, what sites you visit, or how long you’ve been on a site.
Apple’s Private Relay is similar to a VPN in that it changes your IP address so websites you visit can’t tell exactly where you are. It works on iOS and Macs as part of an iCloud+ subscription. Yet there is one important distinction: it only protects your privacy while surfing with the Safari browser.
Per Apple, it works like this:
When Private Relay is enabled, your requests are sent through two separate, secure internet relays. Your IP address is visible to your network provider and to the first relay, which is operated by Apple. Your DNS records are encrypted, so neither party can see the address of the website you’re trying to visit. The second relay, which is operated by a third-party content provider, generates a temporary IP address, decrypts the name of the website you requested, and connects you to the site. All of this is done using the latest internet standards to maintain a high-performance browsing experience while protecting your privacy.
Check to see if Apple Private Relay is available in your country or region. If you travel somewhere that Private Relay isn’t available, it’ll automatically turn off and will notify you when it’s unavailable and once more when it’s active again. You can learn more about it here , and how you can enable it on your Apple devices.
Private Relay only works with Safari on iOS and macOS as part of an iCloud+ subscription. Even if you are using an Apple device, a VPN is still a good idea because it’ll protect the information that your device sends outside of Safari — such as any info passed along by your apps or any other browsers you might use.
An unlimited VPN with bank-grade encryption comes as part of your McAfee+ subscription and provides the security and privacy benefits above with bank-grade encryption. Additionally, it turns on automatically any time you connect to an unsecured Wi-Fi network, which takes the guesswork out of when you absolutely need to use it.
In all, our VPN makes it practically impossible for cybercriminals or advertisers to access so that what you do online remains anonymous, so you can enjoy your time online with confidence.
The post On Public Wi-Fi, a VPN is Your Friend appeared first on McAfee Blog.
The first of August marks the celebration of World Wide Web Day – a day dedicated to the global network that powers our online activity, creating a wealth of knowledge at our fingertips. The World Wide Web (WWW) has revolutionized the way we communicate, learn, and explore, becoming an integral part of our daily lives. With the importance of the internet only growing stronger, it’s only fitting to honor the World Wide Web with a special day of commemoration. But with the internet comes risks, and it’s important to make sure your family is protected from potential threats. Here are some tips and tricks to keep your family safe online.
Phishing scams are a type of fraud that involves sending emails or other messages that appear to be from a legitimate source. The goal of these messages is to trick users into providing personal information such as passwords, credit card numbers, and bank account details. To protect against phishing scams, teach your family to:
Identity theft is a crime in which someone uses another person’s personal information to commit fraud or other crimes. Teach your family to protect against identity theft by:
A virtual private network (VPN) is a type of technology that provides a secure connection to a private network over the internet. A VPN can help protect your family’s online activity by encrypting the data and hiding your online activity from others. To ensure your family’s online safety, teach them to:
Strong passwords are an important part of online security. Teach your family to create strong passwords and to never share them with anyone. Additionally, use a password manager to store and manage your family’s passwords. A password manager can help by:
To conclude, celebrations on World Wide Web Day allow us to give thanks for the incredible world of knowledge, commerce, entertainment, communication, and innovation that the internet has provided, and continues to provide for us all. By following these tips and tricks, your family can stay safe online and enjoy all the benefits of the internet. Happy World Wide Web Day!
The WWW has enabled us to achieve so many things that were simply impossible before. From the ability to catch up with friends and family across the globe to finding information about virtually any topic, the power of the internet is remarkable. In fact, the World Wide Web has significantly enriched our lives in countless ways.
Did you know that the first-ever image posted on the World Wide Web was a photo of Les Horribles Cernettes, a parody pop band founded by employees at CERN? It was uploaded in 1992 by Sir Tim Berners-Lee, who used a NeXT computer as the first-ever web server. And although we use the term “surfing the net” regularly, do you know who actually coined the phrase? A librarian by the name of Jean Armour Polly wrote an article titled “Surfing the Internet” in the Wilson Library Bulletin at the University of Minnesota in 1992.
There are many other remarkable facts about the World Wide Web, including its growth over the years. By the start of the year 1993, there were only 50 servers worldwide, but that number had grown to over 500 by October of the same year. Advances in data compression enabled media streaming to happen over the web, which was previously impractical due to high bandwidth requirements for uncompressed media. Although the number of websites online was still small in comparison to today’s figure, notable sites such as Yahoo! Directory and Yahoo! Search were launched in 1994 and 1995, respectively, marking the beginning of web commerce.
On World Wide Web Day, you can celebrate by exploring the capabilities of the internet and discovering how it has changed over the years. Many organizations worldwide host events featuring conversations and interviews with technology leaders, entrepreneurs, and creators. There are also different talks, activities, and discussions online that you can join, allowing you to delve deeper into the history and potential of the World Wide Web. You could even consider running an event at your local business to market the day and celebrate what WWW has done for us all!
The post World Wide Web Day: How to Protect Your Family Online appeared first on McAfee Blog.
Do you remember the days of printing out directions from your desktop? Or the times when passengers were navigation co-pilots armed with a 10-pound book of maps? You can thank location services on your smartphone for today’s hassle-free and paperless way of getting around town and exploring exciting new places.
However, location services can prove a hassle to your online privacy when you enable location sharing. Location sharing is a feature on many connected devices – smartphones, tablets, digital cameras, smart fitness watches – that pinpoints your exact location and then distributes your coordinates to online advertisers, your social media following, or strangers.
While there are certain scenarios where sharing your location is a safety measure, in most cases, it’s an online safety hazard. Here’s what you should know about location sharing and the effects it has on your privacy.
Location sharing is most beneficial when you’re unsure about new surroundings and want to let your loved ones know that you’re ok. For example, if you’re traveling by yourself, it may be a good idea to share the location of your smartphone with an emergency contact. That way, if circumstances cause you to deviate from your itinerary, your designated loved one can reach out and ensure your personal safety.
The key to sharing your location safely is to only allow your most trusted loved one to track the whereabouts of you and your connected device. Once you’re back on known territory, you may want to consider turning off all location services, since it presents a few security and privacy risks.
In just about every other case, you should definitely think twice about enabling location sharing on your smartphone. Here are three risks it poses to your online privacy and possibly your real-life personal safety:
Does it sometimes seem like your phone, tablet, or laptop is listening to your conversations? Are the ads you get in your social media feeds or during ad breaks in your gaming apps a little too accurate? When ad tracking is enabled on your phone, it allows online advertisers to collect your personal data that you add to your various online accounts to better predict what ads you might like. Personal details may include your full name, birthday, address, income, and, thanks to location tracking, your hometown and regular neighborhood haunts.
If advertisers kept these details to themselves, it may just seem like a creepy invasion of privacy; however, data brokerage sites may sell your personally identifiable information (PII) to anyone, including cybercriminals. The average person has their PII for sale on more than 30 sites and 98% of people never gave their permission to have their information sold online. Yet, data brokerage sites are legal.
One way to keep your data out of the hands of advertisers and cybercriminals is to limit the amount of data you share online and to regularly erase your data from brokerage sites. First, turn off location services and disable ad tracking on all your apps. Then, consider signing up for McAfee Personal Data Cleanup, which scans, removes, and monitors data brokerage sites for your personal details, thus better preserving your online privacy.
Location sharing may present a threat to your personal safety. Stalkers could be someone you know or a stranger. Fitness watches that connect to apps that share your outdoor exercising routes could be especially risky, since over time you’re likely to reveal patterns of the times and locations where one could expect to run into you.
Additionally, stalkers may find you through your geotagged social media posts. Geotagging is a social media feature that adds the location to your posts. Live updates, like live tweeting or real-time Instagram stories, can pinpoint your location accurately and thus alert someone on where to find you.
Social engineering is an online scheme where cybercriminals learn all there is about you from your social media accounts and then use that information to impersonate you or to tailor a scam to your interests. Geotagged photos and posts can tell a scammer a lot about you: your hometown, your school or workplace, your favorite café, etc.
With these details, a social engineer could fabricate a fundraiser for your town, for example. Social engineers are notorious for evoking strong emotions in their pleas for funds, so beware of any direct messages you receive that make you feel very angry or very sad. With the help of ChatGPT, social engineering schemes are likely going to sound more believable than ever before. Slow down and conduct your own research before divulging any personal or payment details to anyone you’ve never met in person.
Overall, it’s best to live online as anonymously as possible, which includes turning off your location services when you feel safe in your surroundings. McAfee+ offers several features to improve your online privacy, such as a VPN, Personal Data Cleanup, and Online Account Cleanup.
The post 3 Reasons to Think Twice About Enabling Location Sharing appeared first on McAfee Blog.
With the number of cyber threats and breaches dominating the headlines, it can seem like a Herculean task to cover all your cybersecurity bases. We’re aware that there are ten sections on this cybersecurity awareness checklist, but it won’t take hours and hours to tick every box. In fact, some of these areas only require you to check a box on your device or invest in the cybersecurity tools that will handle the rest for you. Also, you may already be doing some of these things!
It’s easy to be cyber smart. Here are the cybersecurity awareness basics to instantly boost your safety and confidence in your online presence.
Software update notifications always seem to ping on the outskirts of your desktop and mobile device at the most inconvenient times. What’s more inconvenient though is having your device hacked. One easy tip to improve your cybersecurity is to update your device software whenever upgrades are available. Most software updates include security patches that smart teams have created to foil cybercriminals. The more outdated your apps or operating system is, the more time criminals have had to work out ways to infiltrate them.
Enabling automatic updates on all your devices only takes a few clicks or taps. Many major updates occur in the early hours of the morning, meaning that you’ll never know your devices were offline. You’ll just wake up to new, secure software!
Just because social media personalities document their entire days literally from the moment they wake up, doesn’t mean you should do the same. It’s best to leave some details about your life a mystery from the internet for various reasons.
The best way to avoid all of the above is to set your online profiles to private and edit your list of followers to only people you have met in real life and trust. Also, you may want to consider revising what you post about and how often.
If you genuinely love sharing moments from your daily life, consider sending a newsletter to a curated group of close friends and family. Aspiring influencers who still wants to capture and publish every aspect of their daily lives should be extremely careful about keeping sensitive details about themselves private, such as blurring their house number, not revealing their hometown, turning off location services, and going by a nickname instead of their full legal name.
Most sites won’t even let you proceed with creating an account if you don’t have a strong enough password. A strong password is one with a mix of capital and lowercase letters, numbers, and special characters. What also makes for an excellent password is one that’s unique. Reusing passwords can be just as risky as using “password123” or your pet’s name plus your birthday as a password. A reused password can put all your online accounts at risk, due to a practice called credential stuffing. Credential stuffing is a tactic where a cybercriminal attempts to input a stolen username and password combination in dozens of random websites to see which doors it opens.
Remembering a different password for each of your online accounts is almost an impossible task. Luckily, password managers make it so you only have to remember one password ever again! Password managers safeguard all your passwords in one secure desktop extension or smartphone app that you can use anywhere.
It’s best to create passwords or passphrases that have a secret meaning that only you know. Stay away from using significant dates, names, or places, because those are easier to guess. You can also leave it up to your password manager to randomly generate a password for you. The resulting unintelligible jumble of numbers, letters, and symbols is virtually impossible for anyone to guess.
Not all corners of the internet are safe to visit. Some dark crevices hide malware that can then sneak onto your device without you knowing. There are various types of malware, but the motive behind all of them is the same: To steal your personally identifiable information (PII) or your device’s power for a cybercriminal’s own financial gain.
Sites that claim to have free downloads of TV shows, movies, and games are notorious for harboring malware. Practice safe downloading habits, such as ensuring the site is secure, checking to see that it looks professional, and inspecting the URLs for suspicious file extensions.
Additionally, not all internet connections are free from prying eyes. Public Wi-Fi networks – like those in cafes, libraries, hotels, and transportation hubs – are especially prone. Because anyone can connect to a public network without needing a password, cybercriminals can digitally eavesdrop on other people on the same network. It’s unsafe to do your online banking, shopping, and other activities that deal with your financial or sensitive personal information while on public Wi-Fi.
However, there is one way to do so safely, and that’s with a virtual private network (VPN). A VPN is a type of software you can use on your smartphone, tablet, laptop, or desktop. It encrypts all your outgoing data, making it nearly impossible for a cybercriminal to snoop on your internet session.
You’ve likely already experienced a phishing attempt, whether you were aware of it or not. Phishing is a common tactic used to eke personal details from unsuspecting or trusting people. Phishers often initiate contact through texts, emails, or social media direct messages, and they aim to get enough information to break into your online accounts or to impersonate you.
AI text generator tools are making it more difficult to pinpoint a phisher, as messages can seem very humanlike. Typos and nonsensical sentences used to be the main indicator of a phishing attempt, but text generators generally use correct spelling and grammar. Here are a few tell-tale signs of a phishing attempt:
Never engage with a phishing attempt. Do not forward the message or respond to them and never click on any links included in their message. The links could direct to malicious sites that could infect your device with malware or spyware.
Before you delete the message, block the sender, mark the message as junk, and report the phisher. Reporting can go a long way toward hopefully preventing the phisher from targeting someone else.
When a security breach occurs, you can be sure that the news will report it. Plus, it’s the law for companies to notify the Federal Trade Commission of a breach. Keep a keen eye on the news and your inbox for notifications about recent breaches. Quick action is necessary to protect your personal and financial information, which is why you should be aware of current events.
The moment you hear about a breach on the news or see an email from a company to its customers about an incident, change your account’s password and double check your account’s recent activity to ensure nothing is amiss. Then await further action communicated through official company correspondences and official channels.
Cybercriminals aren’t above adding insult to injury and further scamming customers affected in breaches. Phishers may spam inboxes impersonating the company and sending malware-laden links they claim will reset your password. Continue to scrutinize your messages and keep an eye on the company’s official company website and verified social media accounts to ensure you’re getting company-approved advice.
One great mantra to guide your cybersecurity habits is: If you connect it, protect it. This means that any device that links to the internet should have security measures in place to shield it from cybercriminals. Yes, this includes your smart TV, smart refrigerator, smart thermostat, and smart lightbulbs!
Compose a list of the smart home devices you own. (You probably have more than you thought!) Then, make sure that every device is using a password you created, instead of the default password the device came with. Default passwords can be reused across an entire line of appliances. So, if a cybercriminal cracks the code on someone else’s smart washing machine, that could mean they could weasel their way into yours with the same password.
Another way to secure your connected home devices is by enabling two-factor authentication (2FA). This usually means enrolling your phone number or email address with the device and inputting one-time codes periodically to log into the connected device. 2FA is an excellent way to frustrate a cybercriminal, as it’s extremely difficult for them to bypass this security measure. It may add an extra 15 seconds to your login process, but the peace of mind is worth the minor inconvenience.
Finally, encase your entire home network with a secure router, or the device that connects your home Wi-Fi network to the internet. Again, change the password from the factory setting. And if you decide to rename the network, have fun with it but leave your name and address out of the new name.
When flip phones arrived on the scene in the 1990s and early 2000s, the worst that happened when they went missing was that you lost a cache of your stored text messages and call history. Now, when you misplace or have your smartphone stolen, it can seem like your whole online life vanished. Mobile devices store a lot of our sensitive information, so that’s why it’s key to not only safeguard your accounts but the devices that house them.
The best way to lock your device against anyone but yourself is to set up face or fingerprint ID. This makes it virtually impossible for a criminal to open your device. Also, passcode- or password-protect all your devices. It may seem like an inconvenience now, but your fingers will soon be able to glide across the keyboard or number pad fluently in just a few days, adding maybe an extra second to opening your device.
Another way to safeguard your device and the important information within it is to disable your favorite internet browser from auto-filling your passwords and credit card information. In the hands of a criminal, these details could lead to significant losses. A password manager here comes in handy for quick and secure password and username inputting.
Credit experts recommend checking your credit at least once yearly, but there’s no harm in checking your credit score more often. It’s only hard inquiries (or credit checks initiated by lenders) that may lower your credit score. Consider making it a habit to check your credit once every quarter. The first signs of identity theft often appear in a drastically lower credit score, which means that someone may be opening lines of credit in your name.
Also, if you’re not planning to apply for a new credit card or a loan anytime soon, why not lock your credit so no one can access it? A credit freeze makes it so that no one (yourself included) can touch it, thus keeping it out of the hands of thieves.
Picking up the pieces after a thief steals your identity is expensive, tedious, and time-consuming. Identity remediation includes reaching out to all three credit bureaus, filing reports, and spending hours tracking down your PII that’s now strewn across the internet.
Identity protection services can guard your identity so you hopefully avoid this entire scenario altogether. McAfee identity monitoring tracks the dark web for you and alerts you, on average, ten months sooner that something is amiss when compared to similar services. And if something does happen to your identity, McAfee identity restoration services offers $1 million in identity restoration and lends its support to help you get your identity and credit back in order.
The best complement to your newfound excellent cyber habits is a toolbelt of excellent services to patch any holes in your defense. McAfee+ includes all the services you need to boost your peace of mind about your online identity and privacy. You can surf public Wi-Fi safely with its secure VPN, protect your device with antivirus software, freeze your credit with security freeze, keep tabs on your identity, and more!
The post 10 Easy Things You Can Do Today to Improve Your Cybersecurity appeared first on McAfee Blog.
Your summer vacation is approaching quickly! You can’t wait to take time away from your responsibilities, jump out of your daily routine, and splash into a new adventure. You may be taking time off, but you can be sure cybercriminals won’t take a break. While traveling, you may encounter scams, theft, and identity theft that put your personal information, devices, and online privacy in jeopardy.
McAfee’s Safer Summer Holidays Travel Report surveyed 7,000 people across seven countries to discover how safe it is to plan and book travel online, and how cautious people are when interacting with digital tools while traveling abroad. The infographic below details the key insights.
The research reveals 30% of adults have fallen victim or know someone who has fallen victim to an online scam while trying to save money when booking travel. 34% of those who had money stolen have lost over $1,000 before their trip has even begun, while 66% lost up to $1,000.
62% of all vacationers will travel domestically this year and 42% will do so internationally. With inflation and the cost-of-living crisis, the research reveals new concerns for leisure-seekers who, in their quest for a good deal, may be more likely to fall for a scam. With 94% of people booking travel online this year, it can be easy to get lured into a deal that’s too good to be true. In today’s economic environment, adults are more likely to seek out a bargain deal online (56%), move quickly to snap up a deal (45%), try a new booking site (35%) and even a new destination (36%), in order to save money. However, travel seekers need to stay vigilant to avoid falling for a scam.
Travel scams can take many forms, with the research finding 14% of all adults have been tricked into making payments through fraudulent platforms and 18% have had their identity stolen when booking online. Of this portion, 7% entered passport information and 11% provided other personally identifiable information to a fake website.
The research also uncovered a discrepancy between people’s sentiments and behaviors, as well as online safety best practices when travelling. In total, 61% of people are more concerned about digital threats than physical ones, such as being pickpocketed, and 85% of adults hold either some or high concern around their identity being compromised as part of their travel. Despite this, 48% admitted to being less security conscious when on holiday. Whether it’s connecting to Wi-Fi networks even though they look a bit suspicious (22%), using a free USB charging port at an airport or train station (26%), or leaving their Netflix account logged in after checking out of their accommodation (17%), significant numbers of people have engaged in activities that could put them at increased risk of crime while traveling.
It’s not that people are unaware of the dangers either. While 44% of people think their personal information is less secure when they connect to the internet while on vacation, less than half (43%) make use of any services to monitor the safety of their online identity, and 50% don’t use a VPN while on vacation. Of those that do, 20% only do so because they want to stream geo-specific content.
Knowing the risks doesn’t stop travelers from engaging in the behavior. While social media is by far the most common online activity for people to use their phones for while on vacation (60%), also common are chatting with friends and family (55%), online banking (35%) and sending money via apps such as PayPal or Venmo (22%).
“People are often more relaxed and carefree when away from home, but it’s never been more important to remain vigilant when traveling,” says Cagla Ruacan, McAfee’s Head of Product Strategy and Insights. “From the moment you open your laptop to book a vacation, to when you log into airport Wi-Fi while waiting for the flight home, staying alert and taking precautions helps keep yourself and your loved ones safe from online travel scams. Taking early and proactive steps to manage your security, privacy and online identity means you’ll be able to more safely and confidently enjoy your well-earned vacation.”
When you lose your mobile phone, you’re not just losing an expensive gadget. You’re also losing control of all the valuable personally identifiable information (PII) stored on it. Be especially aware of your surroundings when you’re on vacation. Pickpockets like to congregate in tourist hotspots, at home and abroad. They take advantage of distracted out-of-towners or awestruck sightseers who are less aware of suspicious behavior.
Before you leave, familiarize yourself with common pickpocketing schemes. For example, if a stranger on the street asks you the time, avoid eye contact and keep walking. In this scam, the stranger will comment on your watch or try to strike up a conversation while their partner scopes out your back pockets. It seems impolite to ignore someone, but if they truly need to know the time, they can ask someone else. Also, how many people are there who don’t have a time-telling device on them?
When walking around a city or taking public transportation, keep your phone in your front pockets or in a zippered bag that you can hold around your front. Consider buying a phone tether or lanyard for your phone. This will make your phone much more difficult to lift since it’s securely wrapped around your body.
Before you hop on the plane, train, or automobile, consider investing in identity protection. This way, you can proactively head off any issues that could arise when you should be relaxing. For instance, if your wallet is misplaced or stolen while on vacation, a dark cloud of “what ifs” won’t follow you. What if someone took the contents of your wallet and posted your details online? What if someone used those details to impersonate you online?
Identity monitoring lessens the possibility of these “what ifs” happening to you. Plus, if someone stole your identity and caused financial damages, identity theft coverage and restoration can recoup your losses and the associated costs necessary to restore your good online standing. In 2021, identity fraud affected 42 million adults and losses totaled $52 billion. Identity monitoring may help you avoid becoming part of these staggering statistics.
Consider freezing your credit before you leave on vacation. A frozen credit means that credit bureaus will prevent anyone (including you) from signing up for a new credit card in your name. So, in case your wallet or passport goes missing or you paid with your credit card at an establishment of dubious character, you can sleep soundly knowing that your hard-earned credit score is intact.
It’s a good idea to lock your credit before an incident occurs because speed is key to heading off a thief. Additionally, if you’re traveling abroad, it may be difficult to connect to phone numbers in your home country, especially if you didn’t sign up for a roaming cellular plan.
A virtual private network (VPN) is a must-have online tool to keep your online comings and goings private when you’re on public Wi-Fi. A VPN is software that scrambles your internet traffic, making it nearly impossible for a cybercriminal to digitally eavesdrop.
When traveling, especially if you don’t sign up for a roaming cellular or data plan, you’ll rely solely on public Wi-Fi networks in hotels, restaurants, libraries, and transportation hubs. Even if your accommodation’s network is password protected and is offered only to guests, it’s still best to surf with the protection of a VPN because you can’t be sure of the intentions of the hundreds of people connected to it.
VPNs aren’t difficult to set up and once you’re up and running they’re easy to use and do not slow your internet speed. But because you’d rather be poolside instead of comparing VPN plans, it’s best to sign up and become acquainted with the software before you jet off.
The best defense against cybercriminals and thieves is to arm yourself with knowledge. The more aware you are of their schemes, the better you can sniff them out and avoid them. A few weeks before you leave on vacation, check the news and read up on reports about common emerging scams. For example, be wary of public charging stations as criminals are pumping USB charging ports with malware, according to the FBI.1
Awareness of schemes like this one can help you better prepare before you leave for vacation. Always leave enough time to fully charge your device before adventuring for the day and consider packing your own power bank if your device’s battery life is unreliable. Also, if you’re traveling to another country, make sure to pack a plug converter so you can plug your devices into outlets instead of USB ports.
McAfee+ is an excellent everyday online security partner. The all-in-one identity and online protection tool keep you safe wherever you are in the world. The unlimited VPN will protect your online privacy while on public Wi-Fi. Plus, the service includes credit lock, which allows you to lock and unlock your credit at the press of a button. Finally, for peace of mind, if your identity is ever compromised, McAfee+ offers lost wallet protection and $1 million in identity theft coverage.
Don’t let the thought of thieves – those of the cyber and traditional variety – spoil your long-anticipated vacation. Enjoy your fun in the sun with peace of mind that you’re prepared to overcome any hurdle.
The post How to Protect Yourself and your Identity Before You Leave on Vacation appeared first on McAfee Blog.
You know what a VPN is, but the question remains—why do you need a VPN?
There’s one good reason. Your privacy. Because it’s a commodity on today’s internet.
For starters, you have advertisers and internet service providers (ISPs) that want to know what you’re doing, when you’re doing it, where you’re doing it, and even for how long you’re doing it. They gather and use this information to create targeted ad profiles. And sometimes, they sell that information to third parties.
Next, there are the hackers and identity thieves out there. They take an even greater interest in what you’re doing online—like your shopping, banking, and finances. Even your insurance and medical matters. Primarily they want that information so they can turn a buck by hijacking your accounts or impersonating you to get medical care. In more extreme cases, they might use stolen information to impersonate you in other ways. That might include opening entirely new lines of credit or getting a driver’s license in your name.
A VPN can prevent this kind of snooping from happening.
As for data collection and ads, that activity should come as no surprise. Particularly for anyone who’s seen uncannily targeted ads follow them around on the internet. Search for “summer cargo pants” one time and suddenly the sites you visit are full of ads for pants, pants, and more pants.
Aside from gathering your online activity for advertising purposes, ISPs might also sell the data they gather to third parties. They can gather that data while you’re on your home network, and they might gather it while you’re using public Wi-Fi. (Some ISPs provide free Wi-Fi in public places that allows them to collect data from people who aren’t their regular customers.)
This practice varies by region and the data privacy laws that are in place in each one.
For example, the European Union has strict data privacy laws that prevent this type of sale. (Thanks to the enactment of the GDPR, General Data Protection Regulation.) However, there are few such protections in the U.S. There, an ISP can sell the browsing history of an internet user to a third party—provided the data has been anonymized.
“Anonymized” is a key term here. It refers to the process of stripping away personal identifiers that connect a person to a set of stored data. It might also include adding “noise” to the data, which obscures personal identifiers. For example, that might remove an exact birthdate and replace it with a broad range of dates. So, “March 31, 1957” becomes “January – June 1957.”
At issue is that this anonymized data can get de-anonymized rather easily.
Researchers in 2019 found that “99.98% of Americans would be correctly re-identified in any dataset using 15 demographic attributes.” And when you consider how much data is collected about you, 15 attributes are only drops in the ocean.
Marketing and analytics companies collect hundreds and hundreds of data points on people and their households. That might include information about their mortgage, if they are allergy sufferers, whether they own cats or dogs, where they do most of their grocery shopping, and more—in addition to other information like their age and address.
What happens when that information gets breached, or published accidentally, as it did when 123 million records of U.S. households were made public back in 2017? It gives bad actors plenty of data that can potentially harm others.
Internet browsing activity doesn’t account for all the data points that these companies collect. However, the thought of your ISP tracking your time online and selling it to others might leave you feeling uncomfortable. Whether that data gets anonymized or not.
The other threat to your privacy online comes from bad actors—like hackers and identity thieves. By targeting insecure networks, lurking on unsecured public Wi-Fi, or setting up phony public Wi-Fi hotspots themselves, they’ll snoop on the people using it.
On insecure networks, bad actors can watch as you log into your bank account, read your email, and see what you’re doing on the internet in general. They can steal any passwords and logins you’re using along the way, giving them access to those accounts.
In truth, this kind of snooping is more than a threat to your privacy. It enters the realm of identity theft, making the risk to your data and personal information that much greater.
With your privacy and personal identity in mind, here are three specific examples that make the case for using a VPN:
As outlined above, the internet has increasingly become less private. Advertisers and ISPs will track you when and where they can. When you use a VPN, you can hide several things from your ISP, like the websites and apps you use, the time spent on them, your search history, and downloads. As for websites and apps, a VPN can hide your IP address and your location, all of which can thwart ad tracking on those sites and apps.
Many larger businesses and organizations offer (and sometimes require) a VPN for their employees who work outside the office. Smaller businesses use them less so, which makes them subject to attacks like data breaches. According to FBI reports, the average cost of a data breach for a business in 2022 was well over $150,000. Moreover, cybercriminals increasingly wage these attacks against businesses with revenues of $500,000 or less, which makes the thought of a six-figure loss even more devastating.
A VPN encrypts and protects company data in transit, whether you’re connecting from home, the airport, or anywhere outside the office. Using one protects you and the business or organization you work for.
A strong VPN service like ours uses bank-grade encryption to keep your data and information secure. With a VPN, a snoop bad actor would only see garbled content thanks to your VPN’s encryption functionality.
If you’re traveling, you can access the sites and services you typically use at home. For example, some video streaming services aren’t available in foreign locations. By using a VPN, you can still access content by connecting through the proxy servers that VPNs use. These are servers in other locations that can make requests on your behalf. So, even if you are out of the country, you can connect to a proxy server in the U.S. and access your services as usual.
If you have online protection with us, like our McAfee+ plans, you have a VPN ready to go. If not, McAfee+ offers a great way to get one.
It’s completely private and independently audited to ensure your sensitive info stays secure. We don’t log or track what you do online, so your online activity remains private.
By design, we made it simple to use. You can set it to automatically turn on if you’re on an unprotected network. Or you can also choose to keep it on all the time for an even safer online experience. With nearly 50 server locations worldwide, you can get a fast and stable VPN connection wherever you go.
And because it comes with our online protection software, you get other identity, privacy, and device security features that can keep you even safer online.
And that kind of protection is called for nowadays. Ad trackers, data collectors, hackers, and thieves—they all want to know what you’re doing online. And with a VPN, you can keep all that to yourself, making your time online more private and secure than before.
The post Three Reasons You Need a VPN appeared first on McAfee Blog.
What is a VPN (virtual private network)? And how can it make your time online more secure—and a little more private too? Here we’ll take a look at what a VPN is, what it has to offer, and how that benefits you.
A VPN is an app that you install on your device to help keep your data safe as you browse the internet. When you turn on your VPN app, your device makes a secure connection to a VPN server that routes internet traffic. Securely. This keeps your online activity private on any network, shielding it from prying eyes. So, while you’re on a VPN, you can browse and bank with the confidence that your passwords, credentials, and financial info are secure. If any malicious actors try to intercept your web traffic, they’ll only see garbled content thanks to your VPN’s encryption functionality.
Every internet connection is assigned a unique set of numbers called an IP address, which is tied to info such as geographic location or an Internet Service Provider (ISP). A VPN replaces your actual IP address to make it look like you’ve connected to the internet from the physical location of the VPN server, rather than your real location. This is just one reason why so many people use VPNs.
To change your IP address, you simply open your VPN app, select the server location you’d like to connect to, and you’re done. You’re now browsing with a new IP address. If you’d like to make sure your IP has changed, open a browser and search for “What’s my IP address” and then select one of the results.
An ideal case for using a VPN is when you’re using public Wi-Fi at the airport, a café, hotel, or just about any place where “free Wi-Fi” is offered. The reason being is that these are open networks, and any somewhat enterprising cybercriminal can tap into these networks and harvest sensitive info as a result. One survey showed that 39% of internet users worldwide understand public Wi-Fi is unsafe, yet some users still bank, shop, and do other sensitive things on public Wi-Fi despite the understood risks.
Further, you have your privacy to consider. You can use a VPN to help stop advertisers from tracking you. Searches you perform and websites you visit won’t be traced back to you, which can prevent advertisers from gleaning info about you and your online habits in general. Moreover, some ISPs collect the browsing history of their users and share it with advertisers and other third parties. A VPN can prevent this type of collection as well.
A VPN protects your search history through the secure connection you share. When you search for a website or type a URL into your navigation bar, your device sends something called a DNS request, which translates the website into the IP address of the web server. This is how your browser can find the website and serve its content to you. By encrypting your DNS requests, a VPN can hide your search habits and history from those who might use that info as part of building a profile of you. This type of info might be used in a wide variety of ways, from legitimately serving targeted ads to nefarious social engineering.
Note that a VPN is quite different and far, far more comprehensive than using “Private Mode” or “Incognito Mode” on your browser. Those modes only hide your search history locally on your device — not from others on the internet, like ISPs and advertisers.
No, a VPN can’t make you anonymous. Not entirely, anyway. They help secure what you’re doing, but your ISP still knows when you’re using the internet. They just can’t see what you’re doing, what sites you visit, or how long you’ve been on a site.
Apple’s Private Relay is similar to a VPN in that it changes your IP address so websites you visit can’t tell exactly where you are. It works on iOS and Macs as part of an iCloud+ subscription. Yet there is one important distinction: it only protects your privacy while surfing with the Safari browser.
Per Apple, it works like this:
When Private Relay is enabled, your requests are sent through two separate, secure internet relays. Your IP address is visible to your network provider and to the first relay, which is operated by Apple. Your DNS records are encrypted, so neither party can see the address of the website you’re trying to visit. The second relay, which is operated by a third-party content provider, generates a temporary IP address, decrypts the name of the website you requested, and connects you to the site. All of this is done using the latest internet standards to maintain a high-performance browsing experience while protecting your privacy.
Note that as of this writing, Apple Private Relay is not available in all countries and regions. If you travel somewhere where Private Relay isn’t available, it will automatically turn off and will notify you when it’s unavailable and once more when it’s active again. You can learn more about it here and how you can enable it on your Apple devices.
As mentioned above, Private Relay only works with Safari on iOS and macOS as part of an iCloud+ subscription. Even if you are using an Apple device, a VPN is still a good idea because it will protect the info that your device sends outside Safari — such as any info passed along by your apps or any other browsers you might use.
An unlimited VPN with bank-grade encryption comes as part of your McAfee+ subscription and provides the security and privacy benefits above with bank-grade encryption. Additionally, it turns on automatically any time you connect to an unsecured Wi-Fi network, which takes the guesswork out of when you absolutely need to use it.
In all, our VPN makes it practically impossible for cybercriminals or advertisers to access so that what you do online remains private and secure, so you can enjoy your time online with confidence.
The post How a VPN Can Make Your Time Online More Private and Secure appeared first on McAfee Blog.
We’ve all been spending more of our time online since the crisis hit. Whether it’s ordering food for delivery, livestreaming concerts, holding virtual parties, or engaging in a little retail therapy, the digital interactions of many Americans are on the rise. This means we’re also sharing more of our personal and financial information online, with each other and the organizations we interact with. Unfortunately, as ever, there are bad guys around every digital corner looking for a piece of the action.
The bottom line is that personally identifiable information (PII) is the currency of internet crime. And cyber-criminals will do whatever they can to get their hands on it. When they commit identity theft with this data, it can be a messy business, potentially taking months for banks and businesses to investigate before you get your money and credit rating back. At a time of extreme financial hardship, this is the last thing anyone needs.
It therefore pays to be careful about how you use your data and how you protect it. Even more: it’s time to get proactive and monitor it—to try and spot early on if it has been stolen. Here’s what you need to know to protect your identity data.
How identity theft works
First, some data on the scope of the problem. In the second quarter of 2020 alone 349,641 identity theft reports were filed with the FTC. To put that in perspective, it’s over half of the number for the whole of 2019 (650,572), when consumers reported losing more than $1.9 billion to fraud. What’s driving this huge industry? A cybercrime economy estimated to be worth as much as $1.5 trillion annually.
Specialized online marketplaces and private forums provide a user-friendly way for cyber-criminals and fraudsters to easily buy and sell stolen identity data. Many are on the so-called dark web, which is hidden from search engines and requires a specialized anonymizing browser like Tor to access. However, plenty of this criminal activity also happens in plain sight, on social media sites and messaging platforms. This underground industry is an unstoppable force: as avenues are closed down by law enforcement or criminal in-fighting, other ones appear.
At-risk personal data could be anything from email and account log-ins to medical info, SSNs, card and bank details, insurance details and much more. It all has a value on the cybercrime underground and the price fraudsters are prepared to pay will depend on supply and demand, just like in the ‘real’ world.
There are various ways for attackers to get your data. The main ones are:
|
|
The COVID-19 challenge
As if this weren’t enough, consumers are especially exposed to risk during the current pandemic. Hackers are using the COVID-19 threat as a lure to infect your PC or steal identity data via the phishing tactics described above. They often impersonate trustworthy institutions/officials and emails may claim to include new information on outbreaks, or vaccines. Clicking through or divulging your personal info will land you in trouble. Other fraud attempts will try to sell counterfeit or non-existent medical or other products to help combat infection, harvesting your card details in the process. In March, Interpol seized 34,000 counterfeit COVID goods like surgical masks and $14m worth of potentially dangerous pharmaceuticals.
Phone-based attacks are also on the rise, especially those impersonating government officials. The aim here is to steal your identity data and apply for government emergency stimulus funds in your name. Of the 349,641 identity theft reports filed with the FTC in Q2 2020, 77,684 were specific to government documents or benefits fraud.
What do cybercriminals do with my identity data?
Once your PII is stolen, it’s typically sold on the dark web to those who use it for malicious purposes. It could be used to:
|
|
How do I protect my identity online?
The good news among all this bad is that if you remain skeptical about what you see online, are cautious about what you share, and follow some other simple rules, you’ll stand a greater chance of keeping your PII under lock and key. Best practices include:
|
|
How Trend Micro can help
Trend Micro offers solutions that can help to protect your digital identity.
Trend Micro ID Security is the best way to get proactive about data protection. It works 24/7 to monitor dark web sites for your PII and will sound the alarm immediately if it finds any sign your accounts or personal data have been stolen. It features
|
|
Trend Micro Password Manager enables you to manage all your website and app log-ins from one secure location. Because Password Manager remembers and recalls your credentials on-demand, you can create long, strong and unique passwords for each account. As you’re not sharing easy-to-remember passwords across multiple accounts, you’ll be protected from popular credential stuffing and similar attacks.
Finally, Trend Micro WiFi Protection will protect you if you’re out and about connecting to WiFi hotspots. It automatically detects when a WiFi connection isn’t secure and enables a VPN—making your connection safer and helping keep your identity data private.
In short, it’s time to take an active part in protecting your personal identity data—as if your digital life depended on it. In large part, it does.
The post Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis appeared first on .
Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting the corporate network. Why? Because as a remote worker, you’re increasingly viewed as a soft target—the open doorway to extorting money from your employer.
So how does ransomware land up on your front doorstep? And what can a home worker do to shut that door?
The new ransomware trends
Last year, Trend Micro detected over 61 million ransomware-related threats, a 10% increase from 2018 figures. But things have only gotten worse from there. There has been a 20% spike in ransomware detections globally in the first half of 2020, rising to 109% in the US. And why is that?
At a basic level, ransomware searches for and encrypts most of the files on a targeted computer, so as to make them unusable. Victims are then asked to pay a ransom within a set time frame in order to receive the decryption key they need to unlock their data. If they don’t, and they haven’t backed-up this data, it could be lost forever.
The trend of late, however, has been to focus on public and private sector organizations whose staff are working from home (WFH). The rationale is that remote workers are less likely to be able to defend themselves from ransomware attacks, while they also provide a useful stepping-stone into high-value corporate networks. Moreover, cybercriminals are increasingly looking to steal sensitive data before they encrypt it, even as they’re more likely to fetch a higher ransom for their efforts than they do from a typical consumer, especially if the remote employee’s data is covered by cyber-insurance.
Home workers are also being more targeted for a number of reasons:
|
|
What’s the attack profile of the remote working threat?
In short, the bad guys are now looking to gain entry to the corporate network you may be accessing from home via a VPN, or to the cloud-hosted systems you use for work or sharing files, in order to first steal and then encrypt company data with ransomware as far and wide as possible into your organization. But the methods are familiar. They’ll
|
|
How can I prevent ransomware when working from home?
The good news is that you, the remote worker, can take some relatively straightforward steps up front to help mitigate the cascading risks to your company posed by the new ransomware. Try the following:
|
|
How Trend Micro can help
In short, to close the cyber front door to ransomware, you need to protect your home network and all your endpoints (laptops, PCs, mobile devices) to be safe. Trend Micro can help via
|
|
With these tools, you, the remote worker, can help shut the front door to ransomware, protecting your work, devices, and company from data theft and encryption for ransom.
The post Ransom from Home – How to close the cyber front door to remote working ransomware attacks appeared first on .
The number of VPN users has grown considerably over the past few years. According to the report of Go-Globe, 25% of netizens worldwide have used a VPN at least once in the last 30 days. Recently, VPN usage has surged in many countries and its popularity may see VPN usage surpass the estimated profit of USD$27.10 billion by the end of 2020. The VPN global market only seems to increase as time goes by. So, why is that? What do VPNs provide that make them so attractive?
What is a VPN?
A VPN, or a Virtual Private Network, creates a secure communication “tunnel” from your computer to the internet. It encrypts your connection and prevents others from seeing the data you’re transferring. This keeps your data secure from any spying attempts—including from home over your wired connection, but particularly on public Wi-Fi networks, when you’re out and about in places such as coffee shops, restaurants, airports and hotels. It helps ensure that no one can steal your personal details, passwords, or credit card information.
How does a VPN work and why you need a VPN service?
Among other things, a VPN can conceal your IP address to make your online actions virtually untraceable and anonymous, providing greater privacy for everything you do. In fact, there are so many ways a VPN can protect your privacy and security, we need to take a deeper look at what other benefits a VPN can provide.
|
|
This is the era of mobility and most transactions are being done by people on-the-go using their mobile devices to exchange data over public networks. From online shopping, to mobile banking or simply checking emails and social media accounts, these activities can expose your personal information and sensitive data to hackers and cybercriminals. This particularly applies to users relying on public Wi-Fi. Using a VPN will help to mitigate unwanted leakage or theft by securing data in transit to and from the systems that typically try to collect and store your private data.
|
|
One of the main drivers for using a VPN is to access better streaming content and restricted websites from the region you’re accessing the internet from. This may be true in your own country, but when traveling abroad, there are also chances that you cannot visit a popular website or a social media platform from the country you’re visiting. While using a VPN, you can connect to an IP address in your country and have full access to your favorite media contents and avoid wasting membership fees that you will likely pay for this streaming service.
|
|
Some retail apps, social media platforms, and search engines continuously collect and analyze results of your search history. They keep track of all your browsing activities such as items you viewed, contents you liked, and things you tapped and clicked, so they can provide you with more targeted contents and monetize these by showing the same information in your feed through ads.
Note that, simply clearing your browsing history does not completely remove traces of these searches, and targeted ads can get annoying. This is where a VPN can help enhance your browsing privacy. The VPN hides your browser cached data and location from advertisers, which prevents them from serving up content based on your searches and location.
|
|
Another motivating factor for the use of a VPN is to save on the cost of communicating with families and friends abroad. There are countries implementing restrictions on the use of certain messaging apps, banning their services. If you are planning to visit a country with such a restriction, a VPN can bypass this constraint, which allows you to make use of your trusted messaging app, eliminate the cost of long-distance calls to family and friends while abroad—and at the same time, maintain the level of security and encryption the messaging app provides.
|
|
The internet has evolved into streaming more content—videos, music, and more—and ISPs have responded by making higher data usage and higher throughput (bandwidth) pay-as-you-use-more services. But content is still at issue, particularly after the December 2017 FCC ruling. Potential ISP throttling based on content type, source, or destination (e.g., BitTorrent traffic), which could give priority to business over personal usage, is one of the reasons why everyday people are using VPN services, because a VPN provides more usage anonymity, preventing ISPs from potentially tracking your activities and limiting your bandwidth usage accordingly.
Choosing the right VPN for you
Now that you have some understanding of what a VPN is, and what benefits it can give you, it is also important to choose the right VPN for you.
Due to regulatory requirements and laws governing data privacy and securing personal information online, the demand for VPNs is growing. In response, there are a large number of VPN providers in the market today. So how do you choose a reliable VPN? Here are some criteria to help you pick one that best suits your needs:
|
|
Trend Micro’s Home Division provides two low-cost, safety-focused VPN solutions for everyday users: Trend Micro VPN Proxy One and Trend Micro Wi-Fi Protection, both of which can address light-to-medium VPN needs and meet most of the checklist criteria above.
Trend Micro VPN Proxy One offers fast, secure, stable and anonymous proxy connections for you to access various websites and applications. It connects to the best Trend Micro VPN server intelligently, without you having to do it, and does not limit bandwidth consumption. Trend Micro VPNs do not track your online activities, ensuring you a secure digital life and protecting your online privacy. Trend Micro VPN Proxy One is targeted to Mac and iOS devices.
Trend Micro Wi-Fi Protection turns any public hotspot into a secure Wi-Fi network and VPN with bank-grade data encryption to keep your information safe from hackers. While your VPN is active, Trend Micro Wi-Fi Protection provides exceptional web threat protection and checks websites you visit to safeguard your browsing from online fraud and internet scam. The VPN automatically kicks in when connecting to a Wi-Fi network with low security, such as one with no encryption. Trend Micro Wi-Fi Protection is available for all platforms (PC, Mac, Android, and iOS). Bundles can be purchased for multiple devices and platforms and some bundles can include other Trend Micro products, depending on the region.
Go to the Apple App Store for more details on Trend Micro VPN Proxy One; or for a 30-day trial or to buy, go here: Mac | iOS.
Or visit Trend Micro Wi-Fi Protection for more information, or to buy the multi-platform solution.
The post What is a VPN and How Does it Increase Your Online Security and Privacy? appeared first on .
The COVID-19 pandemic, along with social distancing, has done many things to alter our lives. But in one respect it has merely accelerated a process begun many years ago. We were all spending more and more time online before the virus struck. But now, forced to work, study and socialize at home, the online digital world has become absolutely essential to our communications — and video conferencing apps have become our “face-to-face” window on the world.
The problem is that as users flock to these services, the bad guys are also lying in wait — to disrupt or eavesdrop on our chats, spread malware, and steal our data. Zoom’s problems have perhaps been the most widely publicized, because of its quickly rising popularity, but it’s not the only platform whose users have been potentially at risk. Cisco’s WebEx and Microsoft Teams have also had issues; while other platforms, such as Houseparty, are intrinsically less secure (almost by design for their target audience, as the name suggests).
Let’s take a look at some of the key threats out there and how you can stay safe while video conferencing.
Depending on the platform (designed for work or play) and the use case (business or personal), there are various opportunities for the online attacker to join and disrupt or eavesdrop on video conferencing calls. The latter is especially dangerous if you’re discussing sensitive business information.
Malicious hackers may also look to deliver malware via chats or shared files to take control of your computer, or to steal your passwords and sensitive personal and financial information. In a business context, they could even try to hijack your video conferencing account to impersonate you, in a bid to steal info from or defraud your colleagues or company.
The bad guys may also be able to take advantage of the fact that your home PCs and devices are less well-secured than those at work or school—and that you may be more distracted at home and less alert to potential threats.
To accomplish their goals, malicious hackers can leverage various techniques at their disposal. These can include:
|
|
Zoom has in many ways become the victim of its own success. With daily meeting participants soaring from 10 million in December last year to 200 million by March 2020, all eyes have been focused on the platform. Unfortunately, that also includes hackers. Zoom has been hit by a number of security and privacy issues over the past several months, which include “Zoombombing” (meetings disrupted by uninvited guests), misleading encryption claims, a waiting room vulnerability, credential theft and data collection leaks, and fake Zoom installers. To be fair to Zoom, it has responded quickly to these issues, realigning its development priorities to fix the security and privacy issues discovered by its intensive use.
And Zoom isn’t alone. Earlier in the year, Cisco Systems had its own problem with WebEx, its widely-used enterprise video conferencing system, when it discovered a flaw in the platform that could allow a remote, unauthenticated attacker to enter a password-protected video conferencing meeting. All an attacker needed was the meeting ID and a WebEx mobile app for iOS or Android, and they could have barged in on a meeting, no authentication necessary. Cisco quickly moved to fix the high-severity vulnerability, but other flaws (also now fixed) have cropped up in WebEx’s history, including one that could enable a remote attacker to send a forged request to the system’s server.
More recently, Microsoft Teams joined the ranks of leading business videoconferencing platforms with potentially deadly vulnerabilities. On April 27 it surfaced that for at least three weeks (from the end of February till the middle of March), a malicious GIF could have stolen user data from Teams accounts, possibly across an entire company. The vulnerability was patched on April 20—but it’s a reminder to potential video conferencing users that even leading systems such as Zoom, WebEx, and Teams aren’t fool-proof and require periodic vulnerability and security fixes to keep them safe and secure. This is compounded during the COVID-19 pandemic when workers are working from home and connecting to their company’s network and systems via possibly unsecure home networks and devices.
So how do you choose the best, most secure, video conferencing software for your work-at-home needs? There are many solutions on the market today. In fact, the choice can be dizzying. Some simply enable video or audio meetings/calls, while others also allow for sharing and saving of documents and notes. Some are only appropriate for one-on-one connections or small groups, while others can scale to thousands.
In short, you’ll need to choose the video conferencing solution most appropriate to your needs, while checking if it meets a minimum set of security standards for working at home. This set of criteria should include end-to-end encryption, automatic and frequent security updates, the use of auto-generated meeting IDs and strong access controls, a program for managing vulnerabilities, and last but not least, good privacy practices by the company.
Some video conferencing options alongside Zoom, WebEx, and Teams include:
|
|
Whatever video conferencing platform you use, it’s important to bear in mind that cyber-criminals will always be looking to take advantage of any security gaps they can find — in the tool itself or your use of it. So how do you secure your video conferencing apps? Some tips listed here are Zoom-specific, but consider their equivalents in other platforms as general best-practice tips. Depending on the use case, you might choose to not enable some of the options here.
|
|
Fortunately, Trend Micro has a range of capabilities that can support your efforts to stay safe while using video conferencing services.
Trend Micro Home Network Security (HNS) protects every device in your home connected to the internet. That means it will protect you from malicious links and attachments in phishing emails spoofed to appear as if sent from video conferencing firms, as well as from those sent by hackers that may have covertly entered a meeting. Its Vulnerability Check can identify any vulnerabilities in your home devices and PCs, including work laptops, and its Remote Access Protection can reduce the risk of tech support scams and unwanted remote connections to your device. Finally, it allows parents to control their kids’ usage of video conferencing applications, to limit their exposure.
Trend Micro Security also offers protection against email, file, and web threats on your devices. Note too, that Password Manager is automatically installed with Maximum Security to help users create unique, strong passwords for each application/website they use, including video conferencing sites.
Finally, Trend Micro WiFi Protection (multi-platform) / VPN Proxy One (Mac and iOS) offer VPN connections from your home to the internet, creating secure encrypted tunnels for traffic to flow down. The VPN apps work on both Wi-Fi and Ethernet connections. This could be useful for users concerned their video conferencing app isn’t end-to-end encrypted, or for those wishing to protect their identity and personal information when interacting on these apps.
The post From Bugs to Zoombombing: How to Stay Safe in Online Meetings appeared first on .
FreshRSS 