Mobile banking and finance apps have become increasingly popular in recent years. These apps provide a quick and convenient way to see checking and savings account balances and make and receive payments.
It’s no surprise that many people use these third-party apps to manage their finances. In 2021, the U.S. saw 573.1 million finance app downloads, a 19% increase from the previous year.
However, despite its benefits, mobile banking isn’t immune to risks. This article will discuss the safety and security of mobile finance apps and give you a few pointers to protect yourself while using these apps.
Yes, mobile banking is a pretty safe way to manage your finances; however, there can still be some risks associated with it, including fraud and scams.
If you’re careful, there are plenty of ways to protect yourself while using this incredibly easy banking method.
Here are a few tips to help you improve the safety of your online financial accounts.
A bank’s website will often include links to their mobile apps that provide related mobile banking services, along with details about the app’s features and how users can use it. You should use a trusted platform when installing the app, like the App Store for iPhone or iOS users or the Google Play Store for Android users.
You should also take time to go through reviews and related information about the app before downloading it to ensure its legitimacy. If you have any doubts, clarify the issue with your bank before downloading what could be a fake banking app.
While this may seem obvious, the reality is that many people don’t pay enough attention to their passwords. To create a strong password, you should use a combination of uppercase and lowercase letters, numbers, and special characters in no particular order or pattern.
In addition, security experts recommend long, complex passwords to exponentially increase the time it takes to crack them. It also helps to have unique passwords for each of your accounts.
If you’re concerned about remembering and managing multiple passwords, you can use a reputable and secure password manager like McAfee True Key to store your passwords.
Many services nowadays offer two-factor or multifactor authentication. This function refers to the additional layers of security against hackers. On top of a traditional username-password login, users are required to identify themselves with a code that’s sent to their cellphone or email.
By confirming the user’s identity this way, organizations eliminate a degree of uncertainty. While it isn’t foolproof, two-factor or multifactor authentication helps increase security. It’s worth checking if your finance app offers this feature.
Public Wi-Fi networks are convenient in urgent situations; however, they often come with a warning saying the network is unsecured. This means that the network is unencrypted, making it easy for hackers to access your personal information. The best practice is to avoid using public Wi-Fi networks, especially when carrying out any form of financial transaction.
If you need to make purchases or send and receive money while on the move, though, you’ll want to consider a virtual private network (VPN) like McAfee Secure VPN. The VPN provides a secure network even when using public Wi-Fi by hiding your IP address and encrypting your data.
The easiest way to protect your finances is to keep a vigilant eye on all of your transactions. However, security notifications from your bank are a great added measure. Most credit card companies allow you to turn on transaction alerts for various services, such as balance transfer requests, international purchases, and exceeded credit limits, which can help you recognize any suspicious activity on your account.
It’s also important to remember that financial institutions will never contact you over the phone or through email to ask for your banking information. If you receive such a message, it’s most certainly a scam. A common way people get duped is through calls or emails claiming they’ve won a prize and need to share personal account details to receive the money. Never share your bank account details, passwords, or one-time codes with strangers.
Always check with your bank to confirm any activity that seems out of the ordinary. In addition to alert notifications, banks can also send helpful tips to protect your account against fraud.
McAfee Security for Mobile is an award-winning cybersecurity tool that helps address the issues mentioned above and more. It’ll scan your device for malware, suspicious websites, and unsecured Wi-Fi networks so you can use social media or shop online with complete peace of mind.
It also comes with other features, like system cleaning services that clean junk from your phone’s storage. These features can boost battery life and help locate your phone if it’s ever stolen or misplaced.
Mobile and online banking both have their benefits and drawbacks, but which is the safer option? Experts often have varied opinions on the matter.
Some people believe it might be easier to download malware on a computer unknowingly, as it’s tricky to judge the authenticity of a website or malicious links. Users typically download apps from reputed app stores when using mobile devices, which lowers the risk.
On the other hand, professionals believe that both methods are equally safe. The choice depends on the network available to the user, as private networks are significantly less susceptible to hacking than public ones. Some users may prefer computers to mobile phones simply because they find it easier to perform tasks on a bigger screen.
Both internet and mobile banking are convenient and offer a quick way to manage your personal finances, as you don’t have to travel to a physical bank or carry large amounts of cash in your wallet.
However, while mobile banking is generally considered a safe method of managing your finances, it can have some vulnerabilities that scammers may try to take advantage of.
Following the tips mentioned above — like using a private network, not sharing personal details with anyone, and using a comprehensive mobile security tool like McAfee Security for Mobile — can make all the difference.
The tool’s security features include safe browsing, a secure VPN, and antivirus software. This means you can use your mobile finance apps confidently knowing McAfee is looking out for you.
The post How to Know If Your Mobile Finance Apps Are Safe appeared first on McAfee Blog.
The explosion of e-commerce sites has changed how we shop today, providing access to millions of online stores with almost unlimited selections.
Just as you would take basic precautions in a brick-and-mortar store — perhaps hiding your PIN number while paying and making sure the business is legitimate — you should also practice safe shopping habits online.
Here are eight ways you can avoid fake websites and other online scams and ensure that you’re dealing with legitimate companies and safe online stores.
One of the best ways to tell if an online store is legit and avoid debit and credit card scams, domain name and subdomain name takeovers, and other problems is with a free and effective download like McAfee WebAdvisor.
This smart tool helps you surf and shop with confidence, protecting you from malicious sites that can contain:
McAfee WebAdvisor is a free browser extension that downloads quickly and installs easily, working in the background automatically to protect you from malware and phishing as you surf, search, and enjoy online shopping.
McAfee WebAdvisor works with Windows 10, 8.1, 8, and 7 (32- and 64-bit) computers and is compatible with these browsers:
Here are other ways to make sure you know when you’re dealing with scammers online.
When checking an e-commerce site’s credentials, start with the address bar. Often, hackers will use URLs that are very close to the real site’s URL but not quite the same. Look for typos or use Google to see if a search takes you to the same page. Also, look for a padlock icon in the address bar.
Click the padlock and look at the drop-down menu that provides information, such as if the site has a valid certificate like SSL (verifying that the web address belongs to the company), how many cookies are in use, other site settings, and whether your information is safe when sent to this site.
The protection is pretty good but not perfect since some cybercriminals have been able to replicate these padlocks or take over legitimate sites that have them.
Trust seals, such as the TrustedSite certification, are stamps created by a certificate authority (CA) to confirm the legitimacy of a site. A trust seal tells visitors that they are on a safe site and the company that displays the mark prioritizes cybersecurity. Click on it, and you should be taken to a webpage that verifies the authenticity of the trust seal.
Google’s Safe Browsing technology crawls through billions of web addresses every day on the lookout for unsafe websites. The technology discovers thousands daily — often legitimate sites that have been compromised. Warnings for unsafe sites pop up in your browser and on the Google search engine. You can also search specific URLs to see if a site has been compromised.
It’s worth checking a company on social media to see if they appear to have a genuine following and legitimate posts. The Better Business Bureau (BBB) also has suggestions for spotting fake social media accounts, including those on LinkedIn, Facebook, Twitter, and Instagram. You should look for:
Another way to test the legitimacy of an online retail store is to check its contact information. Does it have a physical address, phone number, and email contact? Does the email address on the contact page have the company domain name in it, or is it generic (like a Gmail address)? If you send an email, does it get delivered?
Check to see if the e-commerce site looks as if it has been professionally produced or whether it has been thrown together with slapdash results. Are there typos, grammar errors, poor-quality images, and a sloppy design? Does it have a poorly worded return policy or no return policy at all?
All the things that undermine the professional appearance and authenticity of a site should be red flags and convince you that you’re on a scam website.
If the online company is a legitimate website (not a scam site) and has been around for a while, there should be authentic third-party reviews from previous customers. Review sites include Google My Business, Amazon, and Yelp.
If the reviews are uniformly bad, on the other hand, you have another type of problem to confront.
Since virtual shopping is fast becoming the new norm, it’s important to guard against cybercriminals that are increasingly targeting retailers and their customers. A great way to shop with confidence is to use McAfee WebAdvisor, which is available as a free download.
The web browser extension works tirelessly in the background to protect you as you browse and buy. Think of it as a gift to yourself so you can use the internet to its full potential while keeping your information protected.
The post 8 Ways to Know If Online Stores Are Safe and Legit appeared first on McAfee Blog.
The great thing about the internet is that there’s room for everyone. The not-so-great part? There’s plenty of room for cybercriminals who are hungry to get their hands on our personal information.
Fortunately, internet scams don’t have to be a part of your online experience. In this article, we’ll tell you about some of the most common internet schemes and how you can recognize them to keep your identity safe.
Scams are scary, but you can prevent yourself from falling for one by knowing what to look for. Here are a few tell-tale signs that you’re dealing with a scammer.
If you get a message that you’ve won a big sum of cash in a sweepstakes you don’t remember entering, it’s a scam. Scammers may tell you that all you need to do to claim your prize is send them a small fee or give them your banking information.
When you enter a real sweepstakes or lottery, it’s generally up to you to contact the organizer to claim your prize. Sweepstakes aren’t likely to chase you down to give you money.
Scammers will often ask you to pay them using gift cards, money orders, cryptocurrency (like Bitcoin), or through a particular money transfer service. Scammers need payments in forms that don’t give consumers protection.
Gift card payments, for example, are typically not reversible and hard to trace. Legitimate organizations will rarely, if ever, ask you to pay using a specific method, especially gift cards.
When you have to make online payments, it’s a good idea to use a secure service like PayPal. Secure payment systems can have features to keep you safe, like end-to-end encryption.
Scammers may try to make you panic by saying you owe money to a government agency and you need to pay them immediately to avoid being arrested. Or the criminal might try to tug at your heartstrings by pretending to be a family member in danger who needs money.
Criminals want you to pay them or give them your information quickly — before you have a chance to think about it. If someone tries to tell you to pay them immediately in a text message, phone call, or email, they’re likely a scammer.
Many scammers pretend to be part of government organizations like the Internal Revenue Service (IRS). They’ll claim you owe them money. Criminals can even use technology to make their phone numbers appear legitimate on your caller ID.
If someone claiming to be part of a government organization contacts you, go to that organization’s official site and find an official support number or email. Contact them to verify the information in the initial message.
Scammers may also pretend to be businesses, like your utility company. They’ll likely say something to scare you, like your gas will be turned off if you don’t pay them right away.
Most legitimate organizations will thoroughly proofread any copy or information they send to consumers. Professional emails are well-written, clear, and error-free. On the other hand, scam emails will likely be full of grammar, spelling, and punctuation errors.
It might surprise you to know that scammers write sloppy emails on purpose. The idea is that if the reader is attentive enough to spot the grammatical mistakes, they likely won’t fall for the scam.
There are certain scams that criminals try repeatedly because they’ve worked on so many people. Here are a few of the most common scams you should watch out for.
A phishing scam can be a phone or email scam. The criminal sends a message in which they pretend to represent an organization you know. It directs you to a fraud website that collects your sensitive information, like your passwords, Social Security number (SSN), and bank account data. Once the scammer has your personal information, they can use it for personal gain.
Phishing emails may try anything to get you to click on their fake link. They might claim to be your bank and ask you to log into your account to verify some suspicious activity. Or they could pretend to be a sweepstakes and say you need to fill out a form to claim a large reward.
During the coronavirus pandemic, new phishing scams have emerged, with scammers claiming to be part of various charities and nonprofits. Sites like Charity Navigator can help you discern real groups from fake ones.
These scams also became much more prominent during the pandemic. Let’s say you’re preparing to fly to Paris with your family. A scammer sends you a message offering you an insurance policy on any travel plans you might be making. They’ll claim the policy will compensate you if your travel plans fall through for any reason without any extra charges.
You think it might be a good idea to purchase this type of insurance. Right before leaving for your trip, you have to cancel your plans. You go to collect your insurance money only to realize the insurance company doesn’t exist.
Real travel insurance from a licensed business generally won’t cover foreseeable events (like travel advisories, government turmoil, or pandemics) unless you buy a Cancel for Any Reason (CFAR) addendum for your policy.
Grandparent scams prey on your instinct to protect your family. The scammer will call or send an email pretending to be a family member in some sort of emergency who needs you to wire them money. The scammer may beg you to act right away and avoid sharing their situation with any other family members.
For example, the scammer might call and say they’re your grandchild who’s been arrested in Mexico and needs money to pay bail. They’ll say they’re in danger and need you to send funds now to save them.
If you get a call or an email from an alleged family member requesting money, take the time to make sure they’re actually who they say they are. Never wire transfer money right away or over the phone. Ask them a question that only the family member would know and verify their story with the rest of your family.
You get an email from a prince. They’ve recently inherited a huge fortune from a member of their royal family. Now, the prince needs to keep their money in an American bank account to keep it safe. If you let them store their money in your bank account, you’ll be handsomely rewarded. You just need to send them a small fee to get the money.
There are several versions of this scam, but the prince iteration is a pretty common one. If you get these types of emails, don’t respond or give out your financial information.
Your online experience is rudely interrupted when a pop-up appears telling you there’s a huge virus on your computer. You need to “act fast” and contact the support phone number on the screen. If you don’t, all of your important data will be erased.
When you call the number, a fake tech support worker asks you for remote access to your device to “fix” the problem. If you give the scammer access to your device, they may steal your personal and financial information or install malware. Worse yet, they’ll probably charge you for it.
These scams can be pretty elaborate. A scam pop-up may even appear to be from a reputable software company. If you see this type of pop-up, don’t respond to it. Instead, try restarting or turning off your device. If the device doesn’t start back up, search for the support number for the device manufacturer and contact them directly.
Scammers will often pose as popular e-commerce companies by creating fake websites. The fake webpages might offer huge deals on social media. They’ll also likely have a URL close to the real business’s URL but slightly different.
Sometimes, a criminal is skilled enough to hack the website of a large online retailer. When a scammer infiltrates a retailer’s website, they can redirect where the links on that site lead. This is called formjacking.
For example, you might go to an e-commerce store to buy a jacket. You find the jacket and put it in your online shopping cart. You click “check out,” and you’re taken to a form that collects your credit card information. What you don’t know is that the checkout form is fake. Your credit card number is going directly to the scammers.
Whenever you’re redirected from a website to make a payment or enter in information, always check the URL. If the form is legitimate, it will have the same URL as the site you were on. A fake form will have a URL that’s close to but not exactly the same as the original site.
These scams are similar to tech support scams. However, instead of urging you to speak directly with a fake tech support person, their goal is to get you to download a fake antivirus software product (scareware).
You’ll see a pop-up that says your computer has a virus, malware, or some other problem. The only way to get rid of the problem is to install the security software the pop-up links to. You think you’re downloading antivirus software that will save your computer.
What you’re actually downloading is malicious software. There are several types of malware. The program might be ransomware that locks up your information until you pay the scammers or spyware that tracks your online activity.
To avoid this scam, never download antivirus software from a pop-up. You’ll be much better off visiting the website of a reputable company, like McAfee, to download antivirus software.
Dealing with credit card debt can be extremely stressful. Scammers know this and try to capitalize off it. They’ll send emails posing as credit experts and tell you they can help you fix your credit or relieve some of your debt. They might even claim they can hide harmful details on your credit report.
All you have to do is pay a small fee. Of course, after you pay the fee, the “credit expert” disappears without helping you out with your credit at all. Generally, legitimate debt settlement firms won’t charge you upfront. If a credit relief company charges you a fee upfront, that’s a red flag.
Before you enter into an agreement with any credit service, check out their reputation. Do an online search on the company to see what you can find. If there’s nothing about the credit repair company online, it’s probably fake.
Admitting that you’ve fallen for an online scam can be embarrassing. But reporting a scammer can help stop them from taking advantage of anyone else. If you’ve been the victim of an online scam, try contacting your local police department and filing a report with the Federal Trade Commission (FTC).
Several other law enforcement organizations handle different types of fraud. Here are a few examples of institutions that can help you report scams.
Fraudsters shouldn’t stop you from enjoying your time online. Just by learning to spot an online scam, you can greatly strengthen your immunity to cybercrimes.
For an even greater internet experience, you’ll want the right tools to protect yourself online. McAfee’s Total Protection services can help you confidently surf the web by providing all-in-one protection for your personal info and privacy. This includes identity protection — which comes with 24/7 monitoring of your email addresses and bank accounts — and antivirus software to help safeguard your internet connection.
Get the peace of mind that comes with McAfee having your back.
The post How to Recognize an Online Scammer appeared first on McAfee Blog.
Online banking puts the ability to pay bills, check your balance, or transfer money at your fingertips. Unfortunately, it can also make you vulnerable to scammers who may try to trick you into giving them access to your account.
By remaining vigilant, though, you can avoid common scams. This article discusses mobile banking scams and how to avoid them.
Online banking can be super convenient — for both you and cybercriminals. And hackers may use a variety of tactics to gain access to your accounts. Most of these involve tricking you into giving them your account information.
With this type of online scam, fraudsters may send a text message or email that looks like it’s from your bank. Often, the message will ask for immediate action, such as confirming your information to keep the account from being closed.
The message might even include a link to the bank, but it actually goes to a fraudulent website designed to look like the bank’s website. When you enter your account information, the scammers record it.
Sometimes, the email asks you to call a fake customer service number. If you do, you’ll speak to someone who tries to get you to give over sensitive information, like your date of birth or Social Security number (SSN).
Occasionally, scammers already have some of your personal information. To gain your trust, they might mention personal details like your date of birth or the last four digits of your SSN. They may have learned this information from your social media posts or accessed it in a data breach.
Another way hackers may try to access your bank account is to steal or guess your password. If they can log into your account, they can use your sensitive information for personal gain, otherwise known as identity theft. They can then open credit card accounts in your name, purchase merchandise, or transfer money out of your account.
Cybercriminals use technology to guess billions of passwords per second. However, it’s more difficult to guess long passwords with a combination of letters and numbers.
For example, a computer can instantly guess a password consisting of eight letters. Adding one uppercase letter extends the time it takes to crack a password to 22 minutes. In contrast, a 12-character password with an uppercase letter, a number, and a symbol would take the computer 34,000 years to crack.
When you click a link or attachment in an email or download fake antivirus software, your device can become infected with malicious software or malware. A virus can let hackers view data from your device and use it to access your financial information or bank accounts.
Consider getting antivirus software to help protect your devices, like what’s offered through McAfee Total Protection. Our award-winning antivirus software provides 24/7 real-time threat protection against online threats like malware, viruses, ransomware, and phishing, across Apple and Android systems.
Public Wi-Fi gives you convenient, free access to the internet in restaurants, airports, and department stores. But it can also be easy for hackers to see your private information on an open network that doesn’t require a password.
If you log into your online bank account, your login information could be exposed, making you vulnerable to bank fraud. Shopping online with public Wi-Fi could also expose your credit card information.
Fortunately, you can protect yourself from cybercriminals with sensible precautions and a healthy dose of suspicion. Use the tips below to help safeguard your accounts from online banking scams.
McAfee Total Protection provides all-in-one protection for your personal information and privacy. You’ll have coverage for all of your laptops, tablets, and smartphones on most operating systems — Windows, macOS, Android, or iOS. In addition to premium antivirus software, you get identity monitoring and a secure VPN that shields your data when using public Wi-Fi.
You can better recognize phishing emails once you understand how banks communicate with customers. There are certain things legitimate banks never do. If you get a message like that, assume it’s fraudulent. Some other tips include:
At some point, almost everyone has used the same password for different websites. But this is one of the simplest ways for hackers to get into your accounts. If they figure out the password for one, they can sometimes access your other accounts.
The most common passwords are:
Use unique passwords for each website. They should be 12 characters long and include numbers, lowercase letters, uppercase letters, and symbols. McAfee Total Protection includes a password manager to help generate and store your passwords in a single location.
If you get an email about an issue with your bank account, you can always go directly to your bank’s website. Don’t click any links in a text or email — just go directly to your bank’s website to check your account. Similarly, if you get a phone call, dial your bank directly using the official telephone number.
Use two-factor authentication when logging into websites for your financial institutions. You’ll get a one-time code by text or email to use each time you log into your account.
When you log onto public Wi-Fi, anyone can see your internet activity. For that reason, you shouldn’t log into your bank account with public Wi-Fi unless you’re using a virtual private network (VPN).
McAfee Secure VPN protects your privacy by turning on automatically for unsecured networks. Your data is encrypted so it can’t be read by prying eyes. The VPN also keeps your online activity and physical location private and secure from advertisers.
Review your bank statements carefully each month to ensure there are no unauthorized transactions. Contact your bank immediately if you see any payments or withdrawals that you don’t recognize.
Being vigilant and understanding how scammers work can help you avoid online banking scams. For an additional layer of security, use McAfee Total Protection. Our comprehensive cybersecurity services protect all of your devices with award-winning antivirus, a secure VPN for safe Wi-Fi connections, and advanced identity monitoring. There’s even a team of security experts available to assist you around the clock.
With McAfee, you can bank online with ease knowing your personal data is secure.
The post Types of Online Banking Scams and How to Avoid Them appeared first on McAfee Blog.
It’s difficult to imagine what life was like before the internet. We log in daily to pay bills, shop, watch movies, and check out what friends and family are up to on social media. While the internet has made life easier, we may not consider how our online activities can make personal information — such as our Social Security numbers (SSNs) or bank account and credit card numbers — vulnerable to cybercriminals on the dark web.
Fortunately, you can find out if your information is on the dark web and keep tabs on your sensitive information with extensive dark web monitoring, offered through McAfee’s Identity Protection services.
This article explains what the dark web is, how to find out if personal details have reached the dark web, and how to protect your sensitive information.
Unlike the surface web we use for things like shopping and online banking, the dark web is part of the internet that’s not indexed by search engines. It can only be accessed with special web browsers. A few widely known networks include Tor, I2P, and Riffle.
Cybercriminals can browse, sell, or trade on dark websites with confidence and complete anonymity. Because of its highly layered encryption system, hackers can communicate without giving away their location, IP address, or identity.
Data can end up on the dark web in several ways, including through data breaches, using public Wi-Fi, visiting a nonsecure website, and leaving an offline paper trail.
A cybercriminal may hack into company databases and take personal data, such as email account addresses, passwords, and phone numbers. And while we all love to work at our favorite coffee shop, using an unsecured Wi-Fi network can leave our personal information in public view.
That’s why using a virtual private network (VPN) like McAfee Secure VPN, which comes with bank-grade encryption to scramble your data, can be a good idea. You’ll also only want to visit encrypted webpages when browsing online — keep an eye out for URLs beginning with HTTPS rather than HTTP. The “S” means added security for you. Lastly, shred paper containing your personal information or lock it away until you can.
With identity monitoring through McAfee Identity Protection, you’ll receive notifications if we find your personal information on the dark web. Our extensive monitoring service keeps tabs on up to 60 unique types of personal data and can notify you up to 10 months sooner than similar services. Plus, you get peace of mind with up to $1 million of ID theft coverage and hands-on restoration support to help reclaim your identity after identity theft.
While you can’t remove your information once it’s on the dark web, there are plenty of steps you can take to help protect yourself and prevent your data from falling into the wrong hands. You can:
No one wants their information to end up on the dark web. Fortunately, you can do a few things to minimize your risk of exposure. Here are some tips you can use to keep your data safe.
Identity protection software from McAfee can help keep your information out of the hands of cybercriminals. Some features of McAfee identity protection include expert security support, award-winning antivirus protection, a password manager, and firewall protection. Choose the plan that works best for you and keep tabs on your personal information.
This extra layer of security double-checks your identity when signing into an online account. You enter your password as usual and a unique six-digit, one-time code is sent to a trusted device via text. This added step can help improve the security of your personal information.
When creating or updating your account passwords, make sure to choose ones that are difficult to guess. Avoid using a pet’s name, your name, or other personal information that others can guess. It goes without saying, but don’t share any of your passwords.
Shared content can tell a lot about someone. Have you ever shared the make and model of your first car, your favorite movie or band, or your high school graduation year? This information helps unsavory characters figure out online passwords and security questions.
There are a lot of cool apps out there, and many are harmless. However, some may request access to your location, photos, contact list, and even microphone. Certain apps, especially those filled with malware, can then collect your data and share it with others. Fortunately, Android devices and Apple iPhones allow you to change your permission settings for apps.
With so many emails arriving in our inboxes, we may not always pay close attention to what we’re opening. However, scammers may use phishing emails in an attempt to access your personal information. Sometimes, these emails are obvious, but they can also look legit and appear as a trusted company, such as your bank or credit card company. If something seems amiss, such as a billing error or an invoice, log in through the company’s website rather than click links inside the email.
No one wants their information on the dark web. Thankfully, there are several things you can do to keep your personal information secure, including all-in-one protection from McAfee.
McAfee Total Protection comes with advanced identity monitoring, which provides faster and broader detection for your identity, plus premium antivirus software, safe browsing, and Secure VPN.
With easy setup and extensive monitoring, you can maintain your digital identity and gain peace of mind.
The post A Guide to Finding Out If Your Information Is on the Dark Web appeared first on McAfee Blog.
If you’re like most people, you probably use your computer for most of your online activities. It’s amazing what the internet can do to make our lives easier. But if you’ve spent any time online, you know the internet also comes with some risks.
Malware (or malicious software) is one risk of living a connected life. Whether it comes from infected websites, innocent-looking email attachments, or applications and tools you think you can trust, malware can expose your private information to cybercriminals who may use it for personal gain.
If you suspect that malicious software has infected your device, it’s important to remove it quickly to protect yourself.
Though dealing with malware can be scary, there are a few things you can do. This article will explain how malware can infect devices and how you can remove it from them.
There are many types of malware, which do their work in different ways. They can include viruses, worms, Trojans, spyware, adware, ransomware, and more.
Some common ways that Windows PCs, Macs, tablets, and smartphones can get infected include:
Malware can affect you in a variety of ways. For example, malware can allow hackers to steal your private information, uncover passwords, cause financial issues for you or your company, delete files, and render your device unusable.
Malware can also move from your computer to other devices, so you may unwittingly infect friends, family, or co-workers. It can gobble up your computer’s memory, slow its operation to a snail’s pace, and more.
For these reasons, it’s a good idea to find out how to remove malware and learn to protect yourself from it in the first place.
The Federal Trade Commission (FTC) Consumer Information points out some ways to know if malware has infected your device, including if it:
If you think your computer, smartphone or tablet has been infected by malware, the first step is to stop shopping, banking, and doing other things online that involve usernames, passwords, or other sensitive information until you have the problem resolved.
If you don’t have an antivirus program on your device, it’s a good idea to get one. McAfee’s antivirus software provides award-winning protection for your data and devices. It’s important to get antivirus software from a trusted name because some malware can even masquerade as security software.
It’s also important to make sure that your operating system for your different devices and applications are up to date. Older programs and apps might not have the latest security features — cybercriminals are constantly devising new ways to get people’s information — and outdated software can have a harder time fighting off infection.
Once your cybersecurity software is in place, you should:
If you have a PC with Windows 10 or 11, you already benefit from free virus threat protection with Microsoft Windows Defender. Windows Defender, or built-in Microsoft security, compares new files and programs against a database of known malware. It keeps an eye out for signs that an attack is underway, such as the encryption of key files.
Defender can run in active, passive, and disabled mode. In active mode, it’s the primary antivirus app on the device. This means the program will scan files, remedy any threats, and show detected threats in your organization’s security reports and in the Windows Security app.
Microsoft Defender will automatically turn off if you have another antivirus app installed and turned on. Microsoft Defender will turn back on automatically if you uninstall the other app.
In passive mode, Microsoft Defender isn’t used as the primary antivirus app on the device. It’ll scan files and report any threats but it won’t remedy those threats. Finally, Microsoft Windows can’t detect or address threats if it is disabled or uninstalled.
You can run quick and advanced scans in Windows Security. If you’re worried that a specific file or folder has been compromised, you can also run a manual scan by:
You’ll see the scan results and options for dealing with any potential threats.
Microsoft Defender is also available to protect Android smartphones from viruses and malware. It can also help against phishing and phishing and scans your Android device automatically to track and identify potentially unwanted, and dangerous, applications on your device.
Apple users, as well, have built-in antivirus software to help detect and fight off malware. Malware is commonly distributed across macOS systems by being embedded in a harmless-looking app.
Luckily, settings in Security & Privacy preferences allow you to designate the sources of software installed on your Mac. Just follow these steps:
Apple iPads and iPhones have strong built-in security and privacy protections, so it is up to the user on whether or not they want to install antivirus for additional malware protections. Apple boasts a “walled-garden” approach–meaning that their operating system is closed to outside apps and games not affiliated with their official app store unless you jailbreak the device.
Remember that while cybersecurity features built into devices are a great starting point, they’re not always comprehensive. That’s where antivirus software, like McAfee Total Protection, can help. It offers continuous protection against malware, viruses, phishing, ransomware, and other online threats. It also automatically updates so you don’t need to worry about manual upgrades.
The security software also includes alerts before you connect to risky websites and offers one-click fixes to help you stay safe online.
Antivirus software like McAfee works to block malware from infecting your computer, smartphone, or tablet. If malware somehow does get through, it can act as a powerful malware scanner by searching every file on your device for infections.
It can troubleshoot, look for vulnerabilities, and compile a list of infected software that can be quarantined (or isolated) to prevent it from doing harm and deleted at the end of the virus scan using removal tools.
McAfee’s anti-malware software updates its virus database by using an automatic web crawler that scans the internet, identifies online threats like malicious software, and figures out how to delete them.
McAfee antivirus uses this data to automatically update your device’s protective set-upl, providing strong protection so nothing harmful gets in.
Besides desktop computers, McAfee provides mobile security for both Android and Apple devices. For example, when you use your iPhone or Android phone on a public Wi-Fi system, McAfee’s Wi-Fi privacy protection (VPN) in effect turns the public network into a private one, where you can surf safely. Of course, its antivirus app regularly scans for threats and malware while actively blocking them in real time, keeping your mobile devices protected.
McAfee offers a variety of plans tailored to fit your needs and budget so your computer and other devices — including Android smartphones, Apple iPhones, and various tablets — are protected from malware and other online threats.
McAfee is a leader in consumer security, and our antivirus software is used on more than 6 million devices. It’s easy to install and use, provides 24/7 real-time threat protection, and comes with a Virus Pledge — a money-back guarantee that it’ll remove all viruses from your protected devices.
You can get antivirus software as part of McAfee’s Total Protection services. This includes all-in-one protection for your personal info and privacy, with identity restoration assistance and up to $1 million of identity theft coverage for data breaches. You also have access to identity monitoring, safe browsing, and a secure VPN.
With McAfee, you can turn apprehension about malware into the peace of mind that comes from proper protection.
The post How to Quickly Remove Malware in 2022 appeared first on McAfee Blog.
If your PC runs on Windows 10, you’re in very good company. The Microsoft operating system is the most widely used OS in the world. Many Windows 10 users have also been upgraded to Windows 11 through a rollout that began in 2021. Microsoft plans to complete the Windows update by mid-2022.
Unfortunately, its success as a widely used operating system makes Windows attractive to hackers. And if malicious software like malware can make a home in Windows, there are a lot of targets. So, this might raise the question of how best to protect your Windows 10 or 11 device.
Should you just use Windows Defender — Microsoft’s free version of antivirus software — or buy additional protection?
Read on to learn what Microsoft Defender covers and how additional virus protection can secure all of your connected devices.
For years, Microsoft has offered anti-malware protection, but the current version provides effective security against viruses. Windows Defender is a free antivirus tool that’s built into the Windows operating system.
While it’s considered one of the best free antivirus software programs, it doesn’t have any extra features that might come with paid security software. If you’re just looking for good antivirus software, though, Windows Defender can get the job done.
If you’re not using third-party antivirus protection, you’ll want to make sure that your Windows Defender antivirus coverage is working on your computer. Here’s how to check:
To make sure your Windows security is running, follow these steps:
With built-in coverage, you may wonder if you should invest in paid antivirus software. The answer is, of course, yes! It can be a good idea to get another antivirus solution because blocking malware and viruses should just be one part of your threat protection.
Today’s cybercriminals are using elaborate ruses to try to access your personal information, such as your bank and credit card numbers. And some of their scams might even target your devices with risky apps or links on social media.
As they always say, it’s better to be safe than sorry! Having another antivirus program can make sure you have real-time protection and access to the latest security features.
There are a lot of antivirus protection programs out there, but they aren’t all created equal. When looking for the best antivirus software for your needs, here are some things to consider for your devices running on Windows 10 or 11.
If you have a Windows PC, use an iPhone, and your tablet runs on Chrome, it helps to have an antivirus app that works across multiple operating systems. The good news is that McAfee Total Protection is compatible with Windows, Mac, iOS, and Android devices, so you can continue enjoying all of your different devices without losing protection.
For greater cybersecurity, antivirus software should defend against a variety of online threats like viruses, spyware, and ransomware. And that’s exactly what you get with McAfee Total Protection. Our antivirus software can also help you avoid phishing attacks, which are fake messages to trick you into providing information or clicking a malicious link. The software will give you a warning when it recognizes a risky link, website, or file.
Functionality is another thing you’ll want to consider when looking for antivirus software. If the program isn’t easy to use to begin with — especially if you want to easily manage multiple devices — what good will it do you?
But you don’t have to worry with McAfee Total Protection, which allows you to connect and manage all of your computers and mobile devices from one single dashboard.
To keep your devices free from online threats like malware, good antivirus software will scan your files for threats. McAfee Total Protection provides 24/7 protection with real-time, on-demand, and scheduled scanning of files and applications.
McAfee Total Protection was developed with an understanding of how cybercriminals operate. Scammers may use a variety of tactics to try to steal your personal information, so our all-in-one protection also includes:
Using Microsoft’s built-in antivirus software can protect your Windows devices from viruses and malware. But to really keep your network and all of your devices secure, it’s good to rely on comprehensive protection like McAfee Total Protection. With services like identity monitoring, safe browsing, and a secure VPN, you can enjoy the internet without worry.
The post Does Windows 10 or 11 Need Antivirus Software? appeared first on McAfee Blog.
The growing number of internet crimes targeting senior adults is mind-blowing.
In 2021, more than 92,000 people over the age of 60 reported losses of $1.7 billion, according to IC3, the FBI’s Internet Crime division. That number reflects a 74 percent increase in losses from 2020.
These numbers tell us a few things. They tell us that scamming the elderly is a multi-billion-dollar business for cybercriminals. It also tells us that regardless of how shoddy or obvious online scams may appear to anyone outside the senior community, they are working.
However, information is power. Senior adults can protect their hard-earned retirement funds and government benefits by staying informed, adopting new behaviors, and putting tools in place designed to stop scammers in their tracks. And, when possible, family, friends, and caregivers can help.
The FBI said confidence fraud and romance scams netted over $281 million in losses.
The top four types of scams targeting seniors: Romance scams (confidence scams), fake online shopping, false utility representatives, and government agent imposters. Here’s how to make a few shifts to mindset and your daily routine and steer clear of digital deception.
Just as the seasons change in our lives, so too must our behaviors when connecting to people and information via our devices. Cybercriminals target older people because they assume they aren’t as informed about schemes or technically savvy as younger people. Senior adults and their loved ones can work daily to change that narrative. With the right mindset, information, and tools, seniors can connect online with confidence and enjoy their golden years without worrying about digital deception.
The post Seniors: How to Keep Your Retirement Safe from Online Scams appeared first on McAfee Blog.
Whether you think you might have a virus on your computer or devices, or just want to keep them running smoothly, it’s easy to do a virus scan. How to check for viruses depends on the software and device you have, so we’ll go through everything you need to know to run a scan effectively and keep your computers, phones and tablets in tip-top shape.
First, let’s cover a few of the telltale signs your device might have a virus. Is your computer or device acting sluggish or having a hard time booting up? Have you noticed missing files or a lack of storage space? Have you noticed emails or messages sent from your account that you did not write? Perhaps you’ve noticed changes to your browser homepage or settings? Or maybe, you’re seeing unexpected pop-up windows, or experiencing crashes and other program errors. These are all examples of signs that you may have a virus, but don’t get too worried yet, because many of these issues can be resolved with a virus scan.
Each antivirus program works a little differently, but in general the software will look for known malware that meets a specific set of characteristics. It may also look for variants of these known threats that have a similar code base. Some antivirus software even checks for suspicious behavior. If the software comes across a dangerous program or piece of code, it removes it. In some cases, a dangerous program can be replaced with a clean one from the manufacturer.
The process of checking for viruses depends on the device type and its operating system. Check out these tips to help you scan your computers, phones and tablets.
If you use Windows 10, go into “Settings” and look for the “Updates & Security” tab. From there you can locate a “Scan Now” button.
Of course, many people have invested in more robust antivirus software that has a high accuracy rate and causes less drain on their system resources, such as McAfee Total Protection. To learn how to run a virus scan using your particular antivirus software, search the software’s help menu or look online for instructions.
Mac computers don’t have a built-in antivirus program, so you will have to download security software to do a virus scan. There are some free antivirus applications available online, but we recommend investing in trusted software that can protect you from a variety of threats. Downloading free software and free online virus scans can be risky, since cybercriminals know that this is a good way to spread malware.
Whichever program you choose, follow their step-by-step instructions on how to perform a virus scan, either by searching under “help” or looking it up on their website.
Yes, you can get a virus on your phone or tablet, although they are less common than on computers. However, the wider category of mobile malware is on the rise and your device can get infected if you download a risky app, click on an attachment in a text message, visit a dangerous webpage, or connect to another device that has malware on it.
Fortunately, you can protect your devices with mobile security software. It doesn’t usually come installed, so you will have to download an application and follow the instructions.
Because the Android platform is an open operating system, there are a number of antivirus products for Android devices, that allows you to do a virus scan.
Apple devices are a little different because they have a closed operating system that doesn’t allow third parties to see their code. Although Apple has taken other security precautions to reduce malware risks, such as only allowing the installation of apps from Apple’s official app store, these measures aren’t the same as an antivirus program.
For more robust protection on your Apple devices, you can install mobile security software to protect the private data you have stored on your phone or tablet, such as contacts, photos and messages.
If safeguarding all your computers and devices individually sounds overwhelming, you can opt for a comprehensive security product that protects computers, smartphones and tablets from a central control center, making virus prevention a breeze.
New online threats emerge every day, putting our personal information, money and devices at risk. In the first quarter of 2019 alone McAfee detected 504 new threats per minute, as cybercriminals employed new tactics. That’s why it is essential to stay ahead of these threats by using security software that is constantly monitoring and checking for new known threats, while safeguarding all of your sensitive information. Virus scans are an essential part of this process when it comes to identifying and removing dangerous code.
Most antivirus products are regularly scanning your computer or device in the background, so you will only need to start a manual scan if you notice something suspicious, like crashes or excessive pop-ups. You can also program regular scans on your schedule.
Of course, the best protection is to avoid getting infected in the first place. Here are a few smart tips to sidestep viruses and other malware:
The post How To Do A Virus Scan appeared first on McAfee Blog.
While biometric tools like facial ID and fingerprints have become more common when it comes to securing our data and devices, strong passwords still play an essential part in safeguarding our digital lives.
This can be frustrating at times, since many of us have more accounts and passwords than we can possibly remember. This can lead us to dangerous password practices, such as choosing short and familiar passwords, and repeating them across numerous accounts. But password safety doesn’t have to be so hard. Here are some essential tips for creating bulletproof passwords.
Every year surveys find that the most popular passwords are as simple as “1234567” and just “password.” This is great news for the cybercrooks, but really bad news for the safety of our personal and financial information.
When it comes to creating strong passwords, length and complexity matter because it makes them harder to guess, and harder to crack if the cybercriminal is using an algorithm to quickly process combinations. The alarming truth is that passwords that are just 7 characters long take less than a third of a second to crack using these “brute force attack” algorithms.
Tricks:
Passwords that include bits of personal information, such as your name, address, or pet’s name, make them easier to guess. This is especially true when we share a lot of personal information online. But you can use personal preferences that aren’t well known to create strong passphrases.
Tricks:
If you reuse passwords and someone guesses a password for one account, they can potentially use it to get into others. This practice has gotten even riskier over the last several years, due to the high number of corporate data breaches. With just one hack, cybercriminals can get their hands on thousands of passwords, which they can then use to try to access multiple accounts.
Tricks:
If just the thought of creating and managing complex passwords has you overwhelmed, outsource the work to a password manager! These are software programs that can create random and complex passwords for each of your accounts, and store them securely. This means you don’t have to remember your passwords – you can simply rely on the password manager to enter them when needed.
Tricks:
Now that you’ve made sure that your passwords are bulletproof, make sure you have comprehensive security software that can protect you from a wide variety of threats.
Tricks:
The post 5 Tips For Creating Bulletproof Passwords appeared first on McAfee Blog.
There’s a digital counterpart for nearly everything we do, which means more of our personal information is online. And although this tends to make our lives easier, it opens the door for information to land in the wrong hands. Identity theft happens when someone uses your personal identifiable information (PII) for their own monetary or personal gain. Sensitive data like credit card numbers and Social Security numbers can be incredibly valuable if it gets into the wrong hands.
The good news is that you can take steps to minimize the risk of identity theft. This article breaks down some of the most interesting fraud statistics and trends about identity theft in the United States and offers ways to protect your personal data from cybercriminals.
The number of identity theft cases reported to the Federal Trade Commission (FTC) has increased in the last five years. According to the FTC’s Consumer Sentinel Network (CSN) report, the number of reported cases more than doubled from 2019 to 2020.
One possible reason for this upward trend is the coronavirus pandemic. Congress passed legislation that included more than $5 trillion in various government benefits. This money was helpful to out-of-luck Americans, but it was also extremely attractive to scammers who used the opportunity to create fake identities and steal unemployment checks. In fact, the most common type of identity theft this past year was government documents and benefits fraud.
What else do the numbers say about the rise in identity theft? Let’s take a closer look:
These statistics only scratch the surface, though. Keep reading to learn more about the latest identity theft data and what you can do to protect your personal information.
Identity theft is a huge issue in the United States, and it doesn’t seem to be going away anytime soon. Fraud reports show that the number of identity thefts in the U.S. continues to grow and grow. The graph below shows the number of identity theft reports from the first quarter of 2017 to the first quarter of 2021.
The reported instances of identity theft have risen sharply from just over 100,000 in the first quarter of 2017 to well over 500,000 in the first quarter of 2021. 2020 had the sharpest increase in reports, as cybercriminals did their best to capitalize on the pandemic to take people’s government benefits.
Not every state is affected by ID theft equally. Where you live can have a big impact on your likelihood of experiencing identity theft. The graph below shows the amount of identity theft cases reported to the FTC per 100,000 residents for each state in the U.S.
With a closer look, the five states with the most identity theft reports include Georgia, Louisiana, Illinois, Kansas, and Rhode Island, which takes the top spot. The number of reports in Rhode Island more than doubled in 2021, from 1,191 in 2020 to 2,857.
At the other end of the spectrum, South Dakota remained the state with the lowest occurrence of identity theft, with only 76 residents per 100,000 experiencing it.
Here’s a list of the 20 metro cities where you have the highest chance of having your identity stolen.
Anyone can become the victim of identity theft, in large part because so much of our information is online. However, certain age groups are more likely to experience different types of scams.
For example, baby boomers are more likely than Generation Z to benefit from government programs. This makes them more susceptible to scams like benefits fraud (where a criminal poses as someone else to steal government benefits).
On the other hand, younger generations like millennials have grown up with the internet, and activities like shopping online are more frequent. This makes them more susceptible to identity theft through credit card fraud.
Here’s a breakdown of the most common identity theft types from various generations:
There are several different types of identity theft, ranging from stolen financial information to compromised health care data. Some forms are pretty straightforward. For instance, credit card fraud occurs when somebody steals your credit card number and uses it to buy things. Others, like medical identity theft, might be a bit harder to recognize.
Here’s a list of five of the most common types of identity theft:
Although these are five of the most common types of identity theft, they can serve as umbrella terms for more specific forms of fraud. The diagram below shows the number of reported fraud cases of these various types of identity theft In 2021.
While the internet has made our day-to-day lives more convenient, it’s also made it much easier for scammers to steal our personal information. Identity theft has become increasingly more common in the United States over the past five years.
The more you use the internet, the more opportunities scammers have to steal your data and sell it on places like the dark web. Social media platforms, e-commerce businesses, banking companies, and a host of other online businesses can store your information for a variety of reasons.
If you use the internet for online shopping, for instance, there’s a good chance a large number of databases stored your personal and financial data. While businesses use your information to give you a better online experience, scammers can also access it to steal your identity.
The graph below shows the growth of different types of identity theft from 2017 to 2021.
Criminals use many tricks to get your information. Scammers or hackers might send phishing emails pretending to be the IRS, snoop around social media pages for password clues, get info through a data breach, or simply buy information on the dark web.
Here are a few things you can do if you believe you are the victim of identity theft:
The internet makes our lives easier in many ways. Although identity theft is rising, you shouldn’t let online scams prevent you from enjoying these digital conveniences. Identity thieves are an unavoidable part of using the internet, but you can greatly limit your risk of falling victim to cybercrime if you know what to watch out for and you’re smart online.
Recognizing the signs of identity theft can help you stay ahead of fraudsters, and investing in McAfee Identity Protection services can offer another layer of protection. When you sign up for our identity protection services, you get perks like $1 million in identity theft protection insurance and email address and bank account monitoring. With our help, you can continue to use the internet with confidence.
The post A Guide to Identity Theft Statistics for 2022 appeared first on McAfee Blog.
Passwords: we entrust our most important data to these strings of letters, numbers, and special characters. So, we should make sure our passwords are words or phrases that we can easily remember, right? While this might be the most convenient option, there are more secure ways to digitally lock up your most sensitive personally identifiable information (PII). In celebration of World Password Day, we’re diving into how you can practice top-notch password security without compromising convenience.1
Over the years, the password has remained a good first line of defense against cyberattacks. However, most of us tend to choose passwords based on memorable things from our lives, like family names or our pets’ birthdays. As it turns out, these details are easy for hackers to find on social media sites like Facebook or LinkedIn. It’s also human nature to opt for convenience, and for many people that means setting easy-to-remember and easy-to-guess passwords. Plus, out of convenience, people often reuse passwords across multiple accounts and services. The downside is that if one account becomes compromised, all accounts become compromised.
As an alternative to single-word passwords, many security experts advocate for passphrases over passwords. Passphrases are longer strings of words and characters that are easier for you to remember and harder for nefarious software and cybercriminals to guess than random strings of upper and lowercase letters, numbers and symbols. But, according to a study, the average American internet user was projected to have 300 online accounts by 2022.2 Can you imagine memorizing 300 different passphrases? We can all agree that sounds pretty unrealistic, so users tend to look for other solutions.
If the answer is yes, you may want to reconsider, as there are several risks associated with this practice. Although it’s convenient to have your browser save your passwords, they tend to do a lousy job of safeguarding your passwords, credit card numbers and personal details, such as your name and address.
Let’s take Google Chrome, for example. Unlike most dedicated password managers, Chrome doesn’t use a primary password to encrypt all your credentials. (Note that some browsers do use one, and are therefore more secure, though you’ll still need to trust your browser provider.) This makes your Chrome-stored passwords relatively weak to “local” attacks. For example, if someone gets hold of—or guesses—your Windows password, they can then see all the logins stored in your browser’s password manager.
Another consideration to note is that the security of all your accounts is tied to your browser account’s security. Let’s say you use the sync option to make your credentials available on all your devices. This means that logins are stored in the cloud and, though encrypted, if someone manages to hack into your browser account, they will gain access to all your logins.
What can you do to help ensure your online profiles are kept safe without spending hours managing a complex list of passwords? Here are some easy ways to lock down your digital life without sacrificing convenience:
A password manager is a software application that stores your passwords and other sensitive information. You can install it on computers or mobile devices and store all passwords in an encrypted file (or database). The best option is to use a password manager like McAfee True Key to store and create strong, random passwords for each site you visit. You’ll have one primary password that grants access to the rest of them—ideally, a long and random passphrase that you can remember. Once everything is set up, it should be seamless. As you log in to new sites, the password manager will offer to save your credentials for later use.
One of the best ways to protect your accounts against unauthorized access is to turn on two-factor authentication for every site that offers it. Using two-factor authentication means a site will prompt you for a unique security code, in addition to your password, whenever you log in to an account for which you have enabled this feature.
Two-factor authentication adds an extra layer of security by requiring another form of identification after you enter your username and password. Some services send a temporary passcode over a text message. Others require the user to approve login attempts from new devices using an app. If someone steals your device or gains access to your account details, they’re out of luck unless they also have access to this second piece of information. Two-factor authentication is available on a wide range of websites and can help keep your accounts safe from would-be hackers, so you should always use it when available.
A VPN, or virtual private network, encrypts your data and masks your online behavior from snooping third parties. When you go to a website, your computer connects to the server where the site is hosted, and that website can see a certain amount of data about you and your computer. With a VPN, you connect to a private server first, which scrambles your data and makes it more difficult for digital eavesdroppers to track what you’re doing online.
VPNs can provide users with greater peace of mind when on the go. Say you’re traveling on a business trip and need to connect to the Wi-Fi network provided by your hotel. Shifty characters often lurk on unprotected, free networks (such as those provided by hotels, coffee shops, airports, etc.) to lift PII from people handling sensitive emails, making banking transactions, or shopping online. encrypts your online activity with bank-grade encryption to protect your data from prying eyes. With a premium paid plan, you can protect up to five devices at once and enjoy unlimited data protection.
With your growing number of accounts all requiring passwords—emails, social media profiles, online banking—it’s no wonder that people tend to reuse passwords across multiple sites. This may be convenient, but it creates significant security risks if a suspicious actor manages to obtain one of your passwords and attempts to use it elsewhere. That’s why having strong passwords matters.
Do yourself a favor and opt for a dedicated password manager that will auto-save and store your credentials for you, so you only have one password to remember. Who says security and simplicity can’t coexist?
The post This World Password Day, Here’s How a Password Manager Can Simplify Your Life appeared first on McAfee Blog.
So is your smart speaker really listening in on your conversations?
That’s the crux of a popular privacy topic. Namely, are we giving up some of our privacy in exchange for the convenience of a smart speaker that does our bidding with the sound of our voice? After all, you’re using it to do everything from search for music, order online, and control the lights and temperature in your home.
What is your smart speaker really hearing—and recording?
Let’s take a look at what’s going on inside of your smart speaker, how it processes your requests, and what companies do with the recordings and transcripts of your voice.
More or less, smart speakers are listening to all the time. Each smart speaker has its own “wake word” that it listens for, like Alexa, Siri, or Google. When the device hears that wake word or thinks it hears it, it begins recording and awaits your verbal commands. Unless you have the microphone or listening feature turned off, your device indeed actively listens for that wake word all the time.
Here’s where things get interesting, though. There’s a difference between “listening” and “recording.” The act of listening is passive. Your smart speaker is waiting to hear its name. That’s it. Once it does hear its name, it begins recording for a few seconds to record your command. From there, your spoken command goes into the company’s cloud for processing by way of an encrypted connection.
There are exceptions to when your command may go to the company’s cloud for processing, like Siri on iPhones, which according to Apple, “You don’t sign in with your Apple ID to use Siri, and the audio of your requests is processed entirely on your iPhone.” Also, Google Assistant may process some requests without going to the cloud, like “When a user triggers a smart home Action that has a local fulfillment path, Assistant sends the EXECUTE intent or QUERY intent to the Google Home or Google Nest device rather than the cloud fulfillment.”
In the cases where information does go to the cloud, processing entails a few things. First, it makes sure that the wake word was heard. If it’s determined that the wake word was indeed spoken (or something close enough to it—more on that in a minute), the speaker follows through on the request or command. Depending on your settings, that activity may get stored in your account history, whether as a voice recording, transcript, or both. If the wake word was not detected, processing ends at that point.
Enter the issue of mistaken wake words. While language models and processing technologies used by smart speakers are constantly evolving, there are occasions where a smart speaker acts as if a wake word was heard when it simply wasn’t said. Several studies on the topic have been published in recent years. In the case of research from Northeastern University, it was found that dialogue from popular television shows could be interpreted as wake words that trigger recording. For example, their findings cite:
“We then looked at other shows with a similarly high dialogue density (such as Gilmore Girls and The Office) and found that they also have a high number of activations, which suggests that the number of activations is at least in part related to the density of dialogue. However, we have also noticed that if we consider just the amount of dialogue (in a number of words), Narcos is the one that triggers the most activations, even if it has the lowest dialogue density.”
Of interest is not just the volume of dialogue, but the pronunciation of the dialogue:
“We investigated the actual dialogue that produced Narcos‘ activations and we have seen that it was mostly Spanish dialogue and poorly pronounced English dialogue. This suggests that, in general, words that are not pronounced clearly may lead to more unwanted activations.”
Research such as this suggests that smart speakers at the time had room for improvement when it comes to properly detect wake words, thus leading to parts of conversation being recorded without the owner intending it. If you own a smart speaker, I wouldn’t be too surprised to hear that you’ve had some issues like that from time to time yourself.
As mentioned above, the makers of smart speakers make constant improvements to their devices and services, which may include the review of commands from users to make sure they are interpreted correctly. There are typically two types of review—machine and human. As the names suggest, a machine review is a digital analysis and human reviews entail someone listening to and evaluating a recorded command or reading and evaluating a transcript of a written command.
However, several manufacturers let you exercise some control over that. In fact, you’ll find that they post a fair share of articles about this collection and review process, along with your choices for opting in or out as you wish:
The quickest way to ensure a more private experience with your smart speaker is to disable listening—or turn it off entirely. Depending on the device, you may be able to do this with the push of a button, a voice command, or some combination of the two. This will keep the device from listening for its wake word. Likewise, this makes your smart speaker unresponsive to voice commands until you enable them again. This approach works well if you decide there are certain stretches of the day where your smart speaker doesn’t need to be on call.
Yet let’s face it, the whole idea of a smart speaker is to have it on and ready to take your requests. For those stretches where you leave it on, there’s another step you can take to shore up your privacy.
In addition to making sure you’re opted out of the review process mentioned above, you can also delete your recordings associated with your voice commands.
Managing your voice history like this gives you yet one more way you can take control of your privacy. In many ways, it’s like deleting your search history from your browser. And when you consider just how much activity and how many queries your smart speaker may see over the course of days, weeks, and months, you can imagine just how much information that captures about you and your family. Some of it is undoubtedly personal. Deleting that history can help protect your privacy in the event that information ever gets breached or somehow ends up in the hands of a bad actor.
Lastly, above and beyond these privacy tips for your smart speakers, comprehensive online protection will help you look out for your privacy overall. In the case of ours, we provide a full range of privacy and device protection, along with identity theft protection that includes $1M identity theft coverage, identity monitoring, and identity restoration assistance from recovery pros—and antivirus too, of course. Together, they can make your time spent online far more secure.
You’re the smart one in this relationship
With privacy becoming an increasingly hot topic (rightfully so!), several companies have been taking steps to make the process of managing yours easier and a more prevalent part of their digital experience. As you can see, there are several ways you can take charge of how your smart speaker uses, and doesn’t use, your voice.
It used to be that many of these settings were tucked away deep in menus, rather than something companies would tout on web pages dedicated to privacy. So as far as smart speakers go, the information is out there, and I hope this article helps make the experience with yours more private and secure.
The post Smarter Homes & Gardens: Smart Speaker Privacy appeared first on McAfee Blog.
As an avid internet surfer, you’ve most likely heard of cookies. No, we’re not talking about the ones filled with chocolate chips. We’re talking about the ones that allow you to log in to your favorite websites. Cookies may impact your online security, so check out these tips to manage them and keep your online accounts safe.
Ever wonder how a website saves the items you placed in your shopping cart last week, even though you closed the tab before making the purchase? This is made possible by cookies. According to the Federal Trade Commission, a cookie is information saved by your web browser. When you visit a website, the site may place a cookie on your web browser so it can recognize your device in the future. If you return to that site later, it can read that cookie to remember you from your last visit, keeping track of your activities over time.1
Cookies come in either the first-party or third-party variety. There’s no difference between the two in how they function, but rather in where and how you encountered them. First-party cookies belong to sites you visited first-hand in your browser. Third-party cookies, or “tracking cookies,” generally come from third-party advertising websites.
Although cookies generally function the same, there are technically two different types of cookies. Magic cookies refer to packets of information that are sent and received without changes. Historically, this would be used to log in to a computer database system, such as an internal business network. This concept predates the modern cookie we use today.
HTTP cookies are a repurposed version of the magic cookie built for internet browsing and managing online experiences. HTTP cookies help web developers give you more personalized, convenient website experiences. They allow sites to remember you, your website logins, and shopping carts so you can pick back up where you left off from your last visit. However, cybercriminals can manipulate HTTP cookies to spy on your online activity and steal your personal information.
Cookie hijacking (also known as session hijacking) is typically initiated when a cybercriminal sends you a fake login page. If you click the fake link, the thief can steal the cookie and capture anything you type while on the fraudulent website. Like a phishing attack, cookie hijacking allows a cybercriminal to steal personal information like usernames, passwords, and other important data held within the cookie. If you enter your information while on the fake website, the criminal can then put that cookie in their browser and impersonate you online. They may even change your credentials, locking you out of your account.
Sometimes, criminals initiate cookie hijacking attacks without a fake link. If you’re browsing on an unsecured, public Wi-Fi connection, hackers can easily steal your data that’s traveling through the connection. This can happen even if the site is secure and your username and password are encrypted.
Because the data in cookies doesn’t change, cookies themselves aren’t harmful. They can’t infect computers with viruses or malware. But if your cookies are hijacked as part of a cyberattack, a criminal could gain access to your browsing history and use cookies as the key to enter your locked accounts. For example, a hacker may steal your identity or confidential company information, purchase items in your online shopping carts, or loot your bank account.
Preventing cookie hijacking attacks can allow you to browse the internet with greater peace of mind. Follow these tips to not only safeguard your personal information but to also enhance your browsing experience:
Make it a habit to clear your cookie cache regularly to prevent cookie overload, which could slow your search speeds. Also, almost every browser has the option to enable/disable cookies on your computer. So if you don’t want them at all, your browser’s support section can walk you through how to disable them.
Although it’s convenient to not have to re-type your credentials into a website you frequently visit, autofill features could make it easier for a criminal to extract your data with cookie hijacking. Plus, autofill is risky if your physical device falls into the wrong hands. To browse more securely without having to constantly reenter your passwords, use a password manager like McAfee True Key. True Key makes it so you only have to remember one master password, and it encrypts the rest in a vault protected by one of the most secure encryption algorithms available.
Strong, unique passwords for each of your accounts, updated regularly, offer ample protection against hackers. Multi-factor authentication (MFA) adds yet another layer of security by double-checking your identity beyond your username and password, usually with a texted or emailed code. When your accounts offer MFA, always opt in.
Criminals can hijack your cookies if you’re browsing on an unsecured, public Wi-Fi connection. To prevent a criminal from swiping your data, use a virtual private network (VPN), a service that protects your data and privacy online. A VPN creates an encrypted tunnel that makes you anonymous by masking your IP address while connecting to public Wi-Fi hotspots. This is a great way to shield your information from online spies while you’re banking, shopping, or handling any kind of sensitive information online.
McAfee LiveSafe is an antivirus solution that protects your computer and mobile devices from suspicious web cookies by:
The post What Are Browser Cookies and How Do I Manage Them? appeared first on McAfee Blog.
Outfitting your smart home could get a whole lot easier this year.
A new industry standard called Matter aims to remove a big barrier in smart home technology, one that makes different smart home devices compatible with any smart home platform—something that wasn’t possible until now.
For years, different smart home devices have run on several different competing platforms, such as Amazon Alexa, Apple HomeKit, Google Assistant, or Samsung SmartThings. And put plainly, those different platforms didn’t work with each other. And that was unfortunate. After all, the vision for the smart home was to run everything from lights, appliances, doorbell cameras, and all kinds of connected things in your home from a central set of controls, regardless of device manufacturer or platform.
But that hasn’t been the case, and this lack of compatibility created some headaches for homeowners. They’ve had to choose between one smart home platform over another and then only use smart devices built for that platform. For example, if you’re running a bunch of devices on Apple HomeKit and find a great deal on a new Samsung smart refrigerator with Alexa built-in, you’re pretty much out of luck if you want those devices to all work together as one in your smart home. The result is that consumers have had to check the fine print to see what’s compatible with what when shopping for smart devices. Again, a real headache.
Matter aims to take care of that. It’s hailed as a unifying technology that will make all those devices work together. Right now, the first wave of Matter-enabled devices is on track for a mid-year launch, which means we may finally see that vision of a smart home come true—a place where all your connected stuff works together with just the sound of your voice or a tap on your phone.
With that, let’s take a closer look at the new Matter protocol and what it offers, along with a look at security and privacy for smart home devices in general.
Without getting too technical about it, Matter is designed to create a more energy-efficient, secure, and reliable network for your smart home devices. Additionally, it’s designed to run independently of your internet connection, so if your internet goes out, you can still control your smart devices locally—from the app or device of your choice.
The tech industry looks like they’re very much on board. Matter is led by the Connectivity Standards Alliance, a body of more than 200 technology companies working together to create this new standard. And if you’re wondering Amazon, Apple, Google, and Samsung are among the many members of this alliance. If the launch goes as planned, you can expect to see Matter-enabled devices and the Matter logo on several new products by the middle of the year.
Additionally, several companies have announced that they will provide an upgrade path for existing products so that their existing customers don’t have to scrap their current smart home devices to take advantage of Matter.
In all, the idea is exciting. What remains to be seen is how security and privacy matters are handled, not only by the network but by the devices on it.
As far as security goes, Matter uses a combination of encryption and blockchain technology to secure transmitted data and ensure that only the devices you trust can use the network. Considering that you may be heating your home, warming up your oven, or even locking your front door, security features like these only make sense.
Yet looking beyond Matter and thinking about connected homes more broadly, there are a few question marks when it comes to privacy.
Imagine for a moment what a highly connected home might look like—and all the data those connections will generate. That data will show what time of day your front door tends to unlock and lock when family members go to and from work, school, or what have you. It’ll also show when you tend to turn on your lights, cook your dinner, or turn on the house alarm for the night.
Over time, all this data can piece together a picture of your comings and goings during a typical week. Shy of a bad actor physically casing out your home over several days, data like this simply hasn’t existed until the age of the connected home. If that data goes unprotected or if the devices creating it don’t give you some control over it, the privacy risks will run high.
Moreover, data privacy policies come into play here as well. As consumers like us are very much aware these days, not every company treats your data the same way. Some companies have different policies around what data they may collect and then what they do with that data—like cloud sites for other smart devices, government agencies, insurance companies, law enforcement, data aggregators, data banks, social media sites, and others according to findings published by some industry groups. In a smart home that’s kitted out with devices from five, seven, or even more different manufacturers, that are multiple privacy policies in play—each of which may view and treat your private data in their own way. That’s potentially volumes of your data circulating out there, potentially in ways you aren’t aware of or that give you any control over its use.
Of course, the issue of data privacy is nothing new and certainly not specific to smart devices. Already, the dozens of different apps and services we use as we go about our day have their own data privacy policies as well. Devices in a smart home only add to that mix, which is worth considering in our already highly connected lives.
As I write this, Matter has yet to be released. Yet if you already have some smart devices in your home, you may be wondering how to make your connected home safer. Let’s take a look at a few of the things you can do to protect your smart devices and the home network they’re running on.
Many smart home devices use a smartphone as a sort of remote control, not to mention as a place for gathering, storing, and sharing data. So whether you’re an Android owner or iOS owner, protect your smartphone so you can protect the things it accesses and controls—and the data stored on it too.
Early on when the first sets of smart home devices rolled out, some found themselves open to attack because they come with a default username and password, which hackers often publish on the internet as part of massive listings. (Baby monitors are a classic example.) And it remains an issue today. When you purchase any IoT device, set a fresh password using a strong method of password creation. Likewise, create an entirely new username for additional protection as well.
Another device that needs good password protection is your internet router. Make sure you use a strong and unique password there as well to help prevent hackers from breaking into your home network. (A password manager as part of comprehensive online protection can help.) Also, consider changing the same of your home network so that it doesn’t personally identify you. (I’ve seen some fun alternatives to using your name or address, everything from movie lines like “May the Wi-Fi be with you” to old sitcom references like “Central Perk.”) Also check that your router is using an encryption method, like WPA2, which will keep your signal secure. If you haven’t done this sort of thing before, check the documentation that came with your router or with the internet provider if you rent or purchased it from them.
Online banks, shops, and other services commonly offer multi-factor authentication to help protect your accounts—with the typical combination of your username, password, and a security code sent to another device you own (often a mobile phone). If your IoT device supports multi-factor authentication, consider using it there too. It throws a big barrier in the way hackers simply try and force their way in with a password/username combination, which will make your device tougher to crack.
In addition to fixing the odd bug or adding the occasional new feature, app and device updates often address security gaps. Out-of-date apps and devices may have flaws that hackers can exploit, so regular updating is a must from a security standpoint. If you can set your smart home apps and devices to receive automatic updates, even better.
Smart homes show plenty of promise. Seeing a new and broadly adopted industry standard like Matter on the horizon may make them even more promising. Ideally, Matter will make it easier for people to bring more smart devices in their homes, and in a way that’s reliable and secure. Moreover, there are steps you can take now to help keep your smart home devices, and smart home in general, more secure as well.
Yet when it comes to thinking about a home full of smart devices, questions around privacy remain. Smart home devices offered by different manufacturers will have different privacy policies and thus use people’s data in different ways, which puts consumers like us in a position to understand the terms, conditions, and implications of each one. Yet with data privacy being such a hot topic for consumers, the industry, and regulators already, it remains to be seen what consumer-friendly standards are set for data collection in the years to come—both in and out of the smart home.
The post Smarter Homes & Gardens: Protecting the Smart Devices in Your Home appeared first on McAfee Blog.
We’re excited to announce the release of McAfee’s Personal Data Cleanup, a new feature that finds and removes your personal info from data brokers and people search sites. Now, you can feel more confident by removing personal info from data broker sites and keeping it from being collected, sold, and used to: advertise products to you, fill your email box with spam, and can even give criminals the info they need to steal your identity. Let’s look at why we’re offering McAfee Personal Data Cleanup, how it protects your privacy, and why it’s a great addition to the online protection we already offer.
There’s so much to enjoy when you live a connected life – free email, online stores that remember what you like, social media that connects you to friends and influencers. It’s a world of convenience, opportunity, and incredible content. It’s also a world where your data is constantly collected.
That’s right, companies are collecting your personal data. They’re called data brokers and they make money by selling information that specifically identifies you, like an email address. They sell this information to marketers looking to target you with ads. Criminals can also use it to build profiles in service of stealing your identity and accessing your accounts. This activity takes place behind the scenes and often without consumers’ knowledge. There are also data brokers known as people search sites that compile and sell info like home addresses, emails, phones, court records, employment info, and more. These websites give identity thieves, hackers, stalkers, and other malicious actors easy access to your info. Regardless of how your data is being used, it’s clear that these days a more connected life often comes at the cost of your privacy.
In a recent survey of McAfee customers, we found that 59% have become more protective of their personal data over the past six months. And it’s no wonder. Over the past two years, trends like telehealth, remote working, and increased usage of online shopping and financial services have meant that more of your time is being spent online. Unsurprisingly, more personal data is being made available in the process. This leads us to the most alarming finding of our survey – 95% of consumers whose personal information ends up on data broker sites had it collected without their consent.
We created Personal Data Cleanup to make it easy for you to take back your privacy online. McAfee’s Personal Data Cleanup regularly scans the riskiest data broker sites for info like your home address, date of birth, and names of relatives. After showing where we found your data, you can either remove it yourself or we will work on your behalf to remove it. Here’s how it works:
Ready to take back your personal info online? Personal Data Cleanup is available immediately with most of our online protection plans. If you have an eligible subscription, you can start using this new feature through McAfee Protection Center, or you can get McAfee online protection here.
The post Introducing Personal Data Cleanup appeared first on McAfee Blog.
No one likes the feeling that someone is looking over their shoulder when they work, shop or surf online. But this is just what crooks and scammers do without our knowledge using “spyware.”
Spyware is a piece of software that can covertly gather information on you. It can track the websites you visit and even record what you type on your keyboard, including passwords and credit card numbers.
So, now the bad guys don’t have to steal your wallet to get access to your personal and financial information. All they need to do is trick you into installing spyware on your computer or device. Or they could install it themselves on public or shared computers using a USB drive, or similar device.
One of the more common forms of spyware found on shared computers is called a “keylogger.” It can record everything you type and send it back to the cybercrook. That’s why you should avoid using shared computers in hotels or public libraries, since they can be easily compromised.
Most spyware masquerades as legitimate software, such as free games or mobile apps. In fact, researchers believe that over three years, 1 million Google Play users downloaded a single piece of spyware alone. It appeared to be an official “System Update” application, but actually monitored the users’ location information and text messages without their knowledge.
Spyware can also easily spread online in the form of dangerous links in emails, and on social media or torrent sites, which offer free access to online content. That’s why you need to be careful where you click.
Another common form of spyware is called “adware.” Adware is used to display advertisements on your computer, or redirect your search inquiries to an advertiser’s website. Although this isn’t as harmful as spyware designed to steal your information, it is still invasive and annoying.
Since spyware is so prevalent and potentially harmful, putting both your private information and privacy at risk, it’s important that you take steps to protect yourself.
The post What is Spyware? appeared first on McAfee Blog.
You may hear corporate cybersecurity experts hail the benefits of a VPN, or a virtual private network, to keep company information safe from ransomware attacks and cybercriminals seeking to steal valuable business secrets. It’s unlikely that everyday people, such as yourself, will be targeted by a ransomware scheme, so you may be puzzled about how a VPN can help someone like you be safer online. Luckily, with a VPN being very easy to install and use, you can indeed experience these three everyday benefits to keep your browsing activities safe from eavesdroppers seeking to profit from your online comings and goings.
The most widely known benefit of a VPN for daily use is to safeguard your device when it’s connected to a public Wi-Fi network. Coffee shops, libraries, hotels, transportation hubs, and other public places often provide courtesy internet service to visitors. Shifty characters often lurk on unprotected networks to lift personally identifiable information (PII) from people handling sensitive emails, making banking transactions, or shopping online. Public Wi-Fi eavesdroppers can lift credit card numbers, addresses, birthdays, and Social Insurance Numbers.
When you connect to public Wi-Fi that doesn’t have a lock icon, that’s a sign that you should toggle on your VPN. Also, even if you’re required to enter a password, be wary of any network you share with strangers.
A VPN can also hide your location data. How does this help you protect your browsing history? First, when you scramble your location, you’re likely to confuse ad networks trying to send you targeted ads. This will free your social media feeds and search engines from targeted ads that often are so accurate they seem like an invasion of privacy.
Second, hiding your location can protect you from cybercriminals looking to mine PII. VPNs make it impossible for criminals to discover your IP address. (The internet protocol address is what ties your device to a specific local network.) When they’re visible, criminals can trace IP addresses to reveal home addresses, full names, and phone numbers: all of which are key pieces of PII that, in the wrong hands, can jeopardize your identity.
While Canada and the European Union don’t allow ISPs (internet service providers) to even collect the browsing data of their customers, keep in mind that in some countries, like the U.S., ISPs can collect, store, share, and/or sell customer data. While advertisers are often the buyers of customer data, in the case of a breach, the more places your PII lives, the more likely it may be involved in a security incident. The goal is to limit the extent and number of places where your browsing history is stored.
VPNs can scramble your online movements to the point where not even ISPs can track it. Plus, when you log out, your device doesn’t keep a record of what you did while connected to the VPN. Incognito mode on your internet browser hides your IP address, but the websites you visit still collect cookies and store data about your online whereabouts, meaning that it’s not truly private browsing.
McAfee Safe Connect VPN encrypts your online activity to protect your data from prying eyes. With a premium paid plan, you can protect up to five devices at once with bank-grade Wi-Fi encryption. Feel more confident whenever you hop on the internet across all your connected devices with just one quick and easy step.
The post Why Everyone Needs a VPN appeared first on McAfee Blog.
Quick mental math challenge: How many Apple Watches can you buy with $118 billion dollars? If you guessed around 296 million watches congrats, you’re smarter than the writer of this blog! We had to use a calculator. The point is that’s the predicted size of the US wearable market by 2028 according to a recent report. That means for as much wearable tech as we have in our lives already, even more, is on the way.
If you own a piece of wearable tech it’s easy to understand why it’s so popular. After all, it can track our fitness, provide contextual help in daily life, and, in the case of hearing aids, even do cool things like sync with Bluetooth. As VR and AR gains a foothold who knows what other incredible tech might be headed our way by 2028? However wearable tech also comes with certain risks. The most prominent: cybercriminals potentially gaining access to your data.
The weakest link in the wearables space is your mobile phone, not the actual wearable device itself. That’s because wearables tend to link to your mobile device over a short-range wireless spectrum known as “Bluetooth.” This spectrum is used to send and receive data between your wearable device and your mobile. That makes your mobile a prime target for hackers.
Most commonly, hackers gain access to the data on your mobile through malware-laden apps. These apps are oftentimes designed to look like popular apps, but with enough differences that they don’t flag copyright suspicion.
Hackers can use these malicious apps to do a variety of things from making phone calls without your permission, sending and receiving texts, and extracting personal information—all potentially without your knowledge. They can also, with the help of your wearable, track your location through GPS and record any health issues you’ve entered into your wearable. The point is: once they have permissions to your mobile device, they have a lot of control and a lot of resources.
The hacker can then use this data to conduct varying forms of fraud. Need a special prescription from your doctor that happens to sell well on the black market? Well, so does the hacker. Going out for a jog in the morning? Good information for a burglar to know. These personal details just scratch the surface of information available for the taking on your mobile devices.
These types of threats aren’t limited to wearables, however. The Internet of Things—the phenomenon of devices connected to the Internet for analysis and optimization—encompasses all sorts of other electronic devices such as washing machines and refrigerators that can put your data at risk as well. But these life-changing devices can be secured through education and industry standards. Two things we’re working on day and night.
Of course, securing the weakest link in your wearables environment, your phone will go a long way towards keeping your data safe. But what happens when your computer, where you store backups of your smartphone, is compromised too? We’ve got you covered with McAfee LiveSafe service, our comprehensive security solution that provides protection for your entire online life.
The post The Wearable Future Is Hackable. Here’s What You Need To Know appeared first on McAfee Blog.
Have you ever been online and replied to a comment or post? Maybe it was on Reddit or on an influencer’s Instagram. Did other people reply to you, and were any of them unexpectedly hostile? When you’re online, a little hostility is sadly par for the course, but most people brush it off and move on to enjoy other aspects of life online. But what would you do if that unpleasant interaction went much farther than was reasonable? What if one day you discovered the most important parts of your identity had been maliciously and intentionally revealed online? Let’s talk about doxxing – what it is and how you can avoid becoming a victim of this kind of harassment.
Doxxing, derived from the hacker term “dropping docs”, is internet slang for revealing someone’s identity online for the purposes of harassing them. It usually goes way beyond simply revealing someone’s email address or name and may involve personal information like a home address or workplace, SSN, financial information, phone number, pictures, texts, IP address, and other important details. The tricky thing about doxxing is that aspects of it may not be a crime, depending on what you’ve made publicly available online. However, the context in which doxxing occurs is crucial. Often it’s the first step taken to incite more severe harassment. For instance, the doxxer may not plan on taking action against their target but instead hope that someone else does. When put up against a recent Pew Research report showing that 41% of U.S. web users experience harassment in some form, it’s clear that Doxxing is a dangerous trend online.
Doxxing is a problem that’s grown in scope simply because there’s so much more data about us being kept online. Third-party services, called data brokers, capture our account info, the sites we visit, how long we spent on them, and other kinds of metadata to create profiles they then resell to advertisers. If someone gets access to these troves of data, they can reveal extremely damaging information about an individual, or data that allows a person to be damaged. For instance, with a phone number and a current address, some criminals were able to call in SWAT teams on innocent individuals. Political dissidents are often doxxed by the governments their protesting against. And on a lighter note, the adult website Ashley Madison, which promotes extramarital affairs, had their members’ data leaked online, to the embarrassment of a few public figures.
The response should be very similar to the one you’d take if your wallet was stolen. Move fast, stem the loss, and begin remediation as soon as possible. Here are some broad steps that can be taken.
Of course, not being doxxed in the first place is the ultimate goal of a proactive online protection plan. Here’s what we recommend:
Identity theft protection services help protect your data, monitor your online accounts like emails, SSNs, and more. In addition to online monitoring, they should also offer insurance and even theft remediation if the worst should occur.
Before you tag your location, friends, or workplace in a photo think about who has access to this information. What’s gained or lost by sharing all that info? Also, security questions for your accounts should not use the name of your pet or your first-born child if you have posted those on Facebook.
Public Wi-Fi networks at coffee shops and airports may not be secure against hackers and snooping. That’s why we recommend using a VPN whenever you’re connected online. This powerful tool hides your activity and location whenever you’re online on an unsecured network.
Googling yourself is a great way to see if anyone is using your online identity in bad ways.
Social networks allow you to control who can see your data. Usually, with a few clicks, you can restrict what you show online to a great degree. For instance, makes your payments viewable to other users as a default, but can easily be changed to hide them from the public.
Using long, complex, unique passwords for every account is convenient and maybe the best way to prevent your information from being stolen. Yes, we said convenient because with a password manager you only need to remember one key to create and manage much longer ones for all your most important accounts.
The reality is that the more we live online, the more our identities will too. This does not mean we need to live a restricted life online. In fact, using comprehensive online protection, which features most of the tools above, we can remain free to enjoy life on our terms. Doxxing is something to be aware of, but with great protection, it’s far from anything we need to be worried about as we make the most of our lives online.
The post Doxxing, The Internet, and How You Can Lock Down Your Data appeared first on McAfee Blog.
There’s millions of dollars to be made in social media. For scammers.
New data from the U.S. Federal Trade Commission (FTC) suggests that Americans lost nearly three-quarters of a billion dollars to social media fraud in 2021, signaling that social media may be the most profitable method of scamming victims—marking an 18-fold increase over 2017.
And that’s just cases of reported fraud.
Of the roughly 95,000 cases tallied in 2021, the actual number of reports and losses are arguably much higher because fraud victims infrequently report these crimes to the FTC or other agencies. Likewise, few take advantage of the FTC’s resources for recovering from fraud. Instead, they’ll share the sad news with family or friends if anyone at all.
Despite the rise of these online crimes, there are several things you can do to increase your awareness of social media fraud—what it looks like and how it’s pulled off—along with other ways you can prevent scammers from targeting you and the ones you care about.
Several types of social media fraud abound, yet the FTC reports that three types of scams prevail:
These often involve bogus sites that promote opportunities to mine or invest in cryptocurrencies. Rather than use these sites to trade in legitimate cryptocurrencies, scammers use these as a front to collect funds. The funds are never invested and never returned. Thanks to social media, scammers have a quick and easy way to drive victims to such bogus sites.
By starting up a chat through an unexpected friend request or a message that comes out of the blue, a scammer develops a budding romantic relationship with a victim—and eventually starts asking for money. Public social media profiles are particularly attractive to scammers because they’re loaded with information that scammers can use to win a victim’s confidence or heart.
Using ads on social media, scammers drive victims to phony online stores that will take people’s money but that don’t deliver the goods. They’re simply a way for scammers to harvest cash from unsuspecting shoppers. These sites may impersonate reputable brands and stores or they may sell bogus products altogether. Either way, victims pay and receive nothing in return.
Together, these three types of scams accounted for the overwhelming majority of losses and reports of social media fraud, which are broken down in detail as follows:
As illustrated, investment and romance scams may get reported less frequently, yet they are among the costliest scams going on social media. Meanwhile, online shopping scams on social media are far more common yet rake in fewer dollars overall.
For one, reach. Nearly half of the global population uses social media today. That translates into billions of people who can be made into potential victims. Secondly, social media provides the tools to reach those people through the otherwise legitimate services and features available to the people and businesses that use social media to connect.
In the case of investment and shopping scammers, the ad platforms are of particular use. For romance scammers, direct messaging and profile pages are potential avenues for fraud.
Scammers use the highly targeted ad platform that social media companies use to generate revenue. With millions of detailed user profiles in their data stores, social media companies put that data to work in their ad platforms allow businesses to create ads designed to reach specific age groups, hobbies and interests, past purchases, and so on. Just as easily, a scammer can use the same tools to cook up bogus ads for their bogus products, services, and sites at a relatively low cost.
For example, a scammer could target older females with an interest in investing. From there, the scammer could narrow down that target profile to those who live in areas of the country with a desired average income level, and who have shown interest in investment products before. The scammers would create an ad that takes them to phony website designed to entice that target group into purchasing a bogus product, service, or crypto. The FTC reports that the median loss for an online shopping scam in 2021 was $118, while online investment scams on social media racked up a median loss of $1,800 per victim. These stats make a strong case for sticking to reputable and established retailers and accredited financial services.
In the case of romance scammers on social media, the posts and personal profiles that form the heart of social media offer con artists a treasure trove. With a potential victim’s life a relatively open book, full of birthdays, events, interests, and activities for all to see, scammers have the hooks they need to form a phony romantic relationship online—or at least make the attempt at one.
For example, a scammer reaches out to a potential victim with a friend request. With the profile and posts this romance scammer has at hand, they can spin all manner of intriguing, yet utterly false tales designed to gain the victim’s trust. With that trust established, they can follow up with a similarly intriguing story about needing “a little help” to cover some “unexpected expenses,” often in the form of a gift card or reloadable debit card—sometimes stringing out a series of requests over time. According to the FTC, the median loss for this type of romance scam in 2021 was around $2,000 per victim.
People worldwide spend an average of 145 minutes a day on social media. And with users in the U.S. spending just over two hours on social media a day, that’s a great deal of potential exposure to scams.
Yet, whether you’re using Facebook, Instagram, TikTok, or whatnot, here are several things you can do that can help keep you safe and secure out there:
Passwords mark square one in your protection, with strong and unique passwords across all your accounts forming primary line of defense. Yet with all the accounts we have floating around, juggling dozens of strong and unique passwords can feel like a task—thus the temptation to use (and re-use) simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well. Comprehensive security software will include one.
Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting, which can help protect your privacy and give a possible scammer much less material to work with.
Be critical of the invitations you receive. Out-and-out strangers could be more than just a stranger, they could be a fake account designed to gather information on users for purposes of fraud. There are plenty of fake accounts too. In fact, in Q3 of 2021 alone, Facebook took action on 1.8 billion fake accounts. Reject such requests.
We’re increasingly accustomed to the warnings about phishing emails, yet phishing attacks happen plenty on social media. The same rules apply. Don’t follow any links you get from strangers by way of instant or direct messages. And keep your personal information close. Don’t pass out your email, address, or other info as well. Even those so-called “quiz” posts and websites can be ruses designed to steal bits and pieces of personal info that can be used as the basis of an attack.
When you’re purchasing online, do some quick research on the company. How long have they been around? Have any complaints been recorded by your attorney general or local consumer protection agency? When you meet someone new, do a reverse image search on their profile pic to see where else it appears. Look up their name in search as well. If the results you find don’t match up with the person’s story, it may be a sign of a scam.
Online protection software can protect you from clicking on malicious links while on social media while steering you clear of other threats like viruses, ransomware, and phishing attacks. It can look out for you as well, by protecting your privacy and monitoring your email, SSN, bank accounts, credit cards, and other personal information. With identity theft a rather commonplace occurrence today, security software is really a must. Additionally, our online protection software can also provide you with an online Protection Score that shows you just how safe you are. From there, it calls out any weak spots and then walks you through the steps to shore it up with personalized guidance.
It’s unfortunate seeing a resource we’ve come to know and love over the past years get taken advantage of this way. Yet taking the steps outlined above can go a long way to prevent it from happening to you or someone you love.
One important note is to strongly consider filing a report if you believe you’ve been a victim of a social media scam. While some of the scammers behind these crimes are small-time operators, there are larger, almost business-like operations that conduct these crimes on a broader and sometimes international scale. So whether filing a report will help you recover some or all your losses, it can provide information to businesses and agencies that can help keep it from happening to others.
For more on online theft and fraud, and how you can spot and report it, check out our article on the topic. Doing so may help you, and someone else as well.
The post The Gold Rush of Fraud: Why Scammers Have Flocked to Social Media appeared first on McAfee Blog.
For years now, the popularity of online dating has been on the rise—and so have the number of online romance scams that leave people with broken hearts and empty wallets.
According to the U.S. Federal Trade Commission (FTC), the reported costs of online romance scams jumped 50% from 2019 to 2020, to the tune of $304 million. And that’s not entirely because 2020 was a pandemic year. From 2016 to 2020, the volume of reported cases tripled, while reported losses nearly quadrupled. Over that period, online romance scams are not only becoming more common, but they’re also becoming more costly.
Dating and romance scams aren’t limited to online dating apps and sites, they’ll happen on social media and in online games as well. However, the FTC reports that the scam usually starts the same way, typically through an unexpected friend request or a message that comes out of the blue.
With that initial introduction made, a chat begins, and a friendship (or more) blossoms from there. Along the way, the scammer will often rely on a mix of somewhat exotic yet believable storytelling to lure the victim in, often involving their job and where they’re working. Reports say that scammers will talk of being workers on an offshore oil rig, members of the military stationed overseas, doctors working with an international organization, or working in the sort of jobs that would prevent them from otherwise easily meeting up in person.
With the phony relationship established, the scammer starts asking for money. The FTC reports that they’ll ask for money for several bogus reasons, usually revolving around some sort of hardship where they need a “little help” so that they can pay:
The list goes on, yet that’s the general gist. Scammers often employ a story with an intriguing complication that seems just reasonable enough, one where the romance scammer makes it sound like they could really use the victim’s financial help.
People who have filed fraud reports say they’ve paid their scammer in a few typical ways.
One is by wiring money, often through a wire transfer company. The benefit of this route, for the scammer anyway, is that this is as good as forking over cash. Once it’s gone, it’s gone. The victim lacks the protections they have with other payment forms, such as a credit card that allows the holder to cancel or contest a charge.
Another way is through gift cards. Scammers of all stripes, not just romance scammers, like these because they effectively work like cash, whether it’s a gift card for a major online retailer or a chain of brick-and-mortar stores. Like a wire transfer, once that gift card is handed over, the money on it is highly difficult to recover, if at all.
One more common payment is through reloadable debit cards. A scammer may make an initial request for such a card and then make several follow-on requests to load it up again.
In all, a romance scammer will typically look for the easiest payment method that’s the most difficult to contest or reimburse, leaving the victim in a financial lurch once the scam ends.
When it comes to meeting new people online, the FTC suggests the following:
Scammers, although arguably heartless, are still human. They make mistakes. The stories they concoct are just that. Stories. They may jumble their details, get their times and dates all wrong, or simply get caught in an apparent lie. Also, keep in mind that some scammers may be working with several victims at once, which is yet another opportunity for them to get confused and slip up.
As mentioned above, some romance scammers troll social media and reach out through a direct message or friend request. With that, there are three things you can do to cut down your chances of getting caught up with a scammer:
Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting, which can help protect your privacy and give a romance scammer less information to exploit.
Be critical of the invitations you receive. Out-and-out strangers could be more than a romance scammer, they could be a fake account designed to gather information on users for purposes of cybercrime, or they can be an account designed to spread false information. There are plenty of them too. In fact, in Q3 of 2021 alone, Facebook took action on 1.8 billion fake accounts. Reject such requests.
Security software can protect you from clicking on malicious links that a scammer may send you online, while also steering you clear of other threats like viruses, ransomware, and phishing attacks in general. It can look out for your personal information as well, by protecting your privacy and monitoring your email, SSN, bank accounts, credit cards, and other info that a scammer or identity thief may put to use. With identity theft a rather commonplace occurrence today, security software is really a must.
If you suspect that you’re being scammed, put an end to the relationship and report it, as difficult as that may feel.
Notify the FTC at ReportFraud.ftc.gov for support and next steps to help you recover financially as much as possible. Likewise, notify the social media site, app, or service where the scam occurred as well. In some cases, you may want to file a police report, which we cover in our broader article on identity theft and fraud.
If you sent funds via a gift card, the FTC suggests filing a claim with the company as soon as possible. They offer further advice on filing a claim here, along with a list of contact numbers for gift card brands that scammers commonly use.
Lastly, go easy on yourself. If you find yourself a victim of online dating or romance fraud, know that you won’t be the first or last person to be taken advantage of this way. By reporting your case, you in fact may help others from falling victim too.
The post Phony Valentines: Online Dating Scams and How to Spot Them appeared first on McAfee Blog.
When you logged on to your computer this morning, data privacy probably wasn’t the first thing you were thinking about. The same goes for when you opened your phone to catch up on social media and check emails, turned on your smart TV for a family movie night, or all the other ways we routinely use our connected devices in our everyday lives.
Although we live in an increasingly connected world, most of us give little thought to data privacy until after our personal information has been compromised. However, we can take proactive steps to help ourselves and our loved ones navigate this environment in a safe way. On January 28th – better known as Data Privacy Day – we have the perfect opportunity to own our privacy by taking the time to safeguard data. By making data privacy a priority, you and your family can enjoy the freedom of living your connected lives online knowing that your information is safe and sound.
Did you know that there is a difference between data security and data privacy? Although the two are intimately intertwined, there are various characteristics of each that make them different. National Today3 provides a useful analogy to define the two:
At this point, we already know not to share our passwords or PIN numbers with anyone. But what about the data that is collected by companies every time we sign up for an email newsletter or make an online account? Oftentimes, we trust these companies to guard the personal data they collect from us in exchange for the right to use their products and services. However, the personal information collected by companies today is not regarded as private by default, with a few exceptions. For this reason, it’s up to us to take our data privacy into our own hands.
Because we spend so much of our day online, plenty of our information is available on the internet. But what happens if one of your favorite online retailers experiences a data breach? This is the reality of the world we live in today, as data breaches have been on the rise and hackers are continuously finding clever, new ways to access our devices and information.
Thanks to the COVID-19 pandemic, we’ve become more reliant on technology than ever before. Whether it be for distance learning, online shopping, mobile banking, or remote work, we’ve all depended on our devices and the internet to stay connected. But with more time online comes more opportunities for cybercriminals to exploit. For example, with the massive increase in remote work since the onset of the pandemic, hackers have hijacked online meetings through a technique called ‘Zoombombing4.’ This occurred after the online conferencing company shared personal data with Facebook, Google, and LinkedIn. Additionally, the number of patient records breached in the healthcare industry jumped to 21.3 million in the second half of 2020 due to the increase in remote interactions between patients and their providers5.
When it comes to data breaches, any business is a potential target because practically every business is online in some way. When you put this in perspective, it’s important to consider what information is being held by the companies that you buy from. While a gaming service will likely have different information about you than your insurance company, you should remember that all data has value, and you should take steps to protect it like you would money.
Your browsing history and personal information are private, and we at McAfee want to keep it that way. By using McAfee Secure VPN, you can browse confidently knowing that your data is encrypted.
To further take control of your data privacy, monitor the health of your online protection with McAfee’s Protection Score. This tool provides simple steps to improve your security and allows you to know how safe you are online, which is the first step towards a safer, more confident connected life. Check your personal protection score here.
Here are a few more tips to keep you on top of your data privacy game:
1. Update your privacy and security settings. Begin with the websites and apps that you use the most. Check to see if your accounts are marked as private, or if they are open to the public. Also, look to see if your data is being leaked to third parties. You want to select the most secure settings available, while still being able to use these tools correctly.
2. Lock down your logins. Secure your logins by making sure that you are creating long and unique passphrases for all your accounts. Use multi-factor identification, when available.
3. Protect your family and friends. You can make a big difference by encouraging your loved ones to protect their online privacy. By helping others create solid safety habits as they build their digital footprints, it makes all of us more secure.
Follow the conversation this Data Privacy Day by following #PrivacyAware and #DataPrivacyDay on social media.
The post It’s Data Privacy Day: Here’s How to Stay Protected in 2022 appeared first on McAfee Blog.
Social media is part of our social fabric. So much so that nearly 50% of the global population are social media users to some degree or other. With all that sharing, conversing, and information passing between family and friends, social media can be a distinct digital extension of ourselves—making it important to know how you can protect your social media accounts from hacks and attacks.
Beyond the sheer number of people who’re on social media, there’s also the amount of time we spend on it. People worldwide spend an average of 145 minutes a day on social media. With users in the U.S. spending just over two hours on social media a day and users in the Philippines spending nearly four hours a day, that figure can vary widely. Yet it’s safe to say that a good portion of our day features time scrolling and thumbing through our social media feeds.
Given how much we enjoy and rely on social media, now’s a fine time to give your social media settings and habits a closer look so that you can get the most out of it with less fuss and worry. Whether you’re using Facebook, Instagram, TikTok, or whatnot, here are several things you can do that can help keep you safe and secure out there:
Passwords mark square one in your protection, with strong and unique passwords across all your accounts forming primary line of defense. Yet with all the accounts we have floating around, juggling dozens of strong and unique passwords can feel like a task—thus the temptation to use (and re-use) simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well. Comprehensive security software will include one.
Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting, which can help protect your privacy.
Be critical of the invitations you receive. Out-and-out strangers could be more than just a stranger, they could be a fake account designed to gather information on users for purposes of cybercrime, or they can be an account designed to spread false information. There are plenty of them too. In fact, in Q3 of 2021 alone, Facebook took action on 1.8 billion fake accounts. Reject such requests.
Nothing says “there’s nobody at home right now” like that post of you on vacation or sharing your location while you’re out on the town. In effect, such posts announce your whereabouts to a broad audience of followers (even a global audience, if you’re not posting privately, as called out above). Consider sharing photos and stories of your adventures once you’ve returned.
It’s a famous saying for a reason. Whether your profile is set to private or if you are using an app with “disappearing” messages and posts (like Snapchat), what you post can indeed be saved and shared again. It’s as simple as taking a screenshot. If you don’t want it out there, forever or otherwise, simply don’t post it.
We’re increasingly accustomed to the warnings about phishing emails, yet phishing attacks happen plenty on social media. The same rules apply. Don’t follow any links you get from strangers by way of instant or direct messengers. And keep your personal information close. Don’t pass out your email, address, or other info as well. Even those so-called “quiz” posts and websites can be ruses designed to steal bits and pieces of personal info that can be used as the basis of an attack.
Sadly, social media can also be a place where people pull a fast one. Get-rich-quick schemes, romance cons, and all kinds of imposters can set up shop in ads, posts, and even direct messages—typically designed to separate you from your personal information, money, or both. This is an entire topic to itself, and you can learn plenty more about quizzes and other identity theft scams to avoid on social media.
Some platforms such as Facebook allow users to review posts that are tagged with their profile names. Check your account settings and give yourself the highest degree of control over how and where your tags are used by others. This will help keep you aware of where you’re being mentioned by others and in what way.
Security software can protect you from clicking on malicious links while on social media while steering you clear of other threats like viruses, ransomware, and phishing attacks. It can look out for you as well, by protecting your privacy and monitoring your email, SSN, bank accounts, credit cards, and other personal information. With identity theft a rather commonplace occurrence today, security software is really a must.
Now you can point to a number that shows you just how safe you are with our Protection Score. It’s an industry first, and it works by taking stock of your overall security and grading it on a scale of 0 to 1,000. From there, it calls out any weak spots and then walks you through the steps to shore it up with personalized guidance. This way, you’re always in the know about your security, privacy, and personal identity on social media and practically wherever else your travels take you online.
The post How to Protect Your Social Media Accounts appeared first on McAfee Blog.
We live online these days, sharing everything from vacation pictures to what we eat for breakfast on the internet. The internet is also useful for daily activities, like buying groceries or paying bills.
While it’s convenient to connect with people and complete tasks online, cybercriminals are eager to use the internet to steal financial or personal data for their personal gain — otherwise known as identity theft. This is a criminal act and can affect your credit score in a negative way and cost money to fix. It can also affect employment opportunities since some employers conduct a credit check on top of drug testing and a criminal history check. Identity theft victims may even experience an impact to their mental health as they work to resolve their case.
The good news is that being able to recognize the signs of identity theft means you can act quickly to intervene and minimize any effects in case it happens to you. You can also protect yourself by using preventive measures and engaging in smart online behavior. This article provides essential information about identity theft, giving you the tools you need to become an empowered internet user and live your best life online.
The internet is a great place to be, but identity thieves hope to catch you off-guard and seek access to your personal information for their benefit. This could include private details like your birth date, bank account information, Social Security number, home address, and more. With data like this, an individual can adopt your identity (or even create a fake identity using pieces of your personal profile) and apply for loans, credit cards, debit cards, and more.
You don’t have to be kept in the dark, though. There are several signs that your identity has been stolen, from a change in your credit score to receiving unfamiliar bills and debt collectors calling about unfamiliar new accounts. If you suspect that you’ve been affected by identity fraud, you can act fast to minimize what happens. Here’s what to do.
Start by contacting law enforcement to file a report. Your local police department can issue a formal report, which you may need to get your bank or other financial institution to reverse fraudulent charges. An official report assures the bank that you have been affected by identity fraud and it’s not a scam.
Before going to the police, gather all the relevant information about what happened. This could include the dates and times of fraudulent activity and any account numbers affected. Bringing copies of your bank statements can be useful. Also, make note of any suspicious activity that could be related. For example, was your debit card recently lost or your email hacked? The police will want to know.
You should also notify any businesses linked to your identity theft case. Depending on the type of identity theft, this could include banks, credit card companies, medical offices, health insurers, e-commerce stores, and more. For example, if someone used your credit card to make purchases on Amazon, alert the retailer.
Medical identity theft is another good example. In this case, a fraudster may assume your identity to gain access to health care services, such as medical checkups, prescription drugs, or pricey medical devices like wheelchairs. If someone uses your health insurance to get prescription drugs from a pharmacy, for instance, make sure to alert the pharmacy and your insurer.
The Federal Trade Commission (FTC) is a government body that protects consumer interests. You can report identity theft via their portal, IdentityTheft.gov. They’ll then use the details you provide to create a free recovery plan you can use to address the effects of identity theft, like contacting the major credit bureaus or alerting the Internal Revenue Service (IRS) fraud department. You can report your case online or by calling 1-877-438-4338.
A common consequence of identity theft is a dip in the victim’s credit score. For example, a cybercriminal may take out new lines of credit in the victim’s name, accrue credit card debt, and then not pay the balance. For this reason, contacting the credit monitoring bureaus is one of the most important steps to take in identity theft cases.
There are three main agencies: TransUnion, Equifax, and Experian. You can get a free credit report from each agency every 12 months via AnnualCreditReport.com. Check the report and note all fraudulent activity or false information and flag it with the relevant bureau’s fraud department. You should also initiate a fraud alert with each agency.
A fraud alert requires any creditors to verify your identity before opening a new line of credit. This adds an extra layer of security. An initial fraud alert lasts for 90 days. Once this expires, you can prolong your protection via an extended fraud alert, which will remain valid for seven years. You can notify one of the big three bureaus to set it up. They are then required to notify the other two bureaus.
A credit freeze is another smart move, which you can do through each of the three major credit bureaus. You can either call them or start the process online. This prevents people from accessing your credit report. Lenders, creditors, retailers, landlords, and others may want to see your credit as proof of financial stability. For example, if someone tries to open a phone contract under your name, the retailer may check the credit report. If there is a credit freeze in place, they won’t be able to view it and won’t issue the contract. If you need to allow someone access to your credit report, you can temporarily lift the freeze.
Identity theft is often linked with leaked or hacked passwords. Even if you aren’t sure whether your passwords have been compromised, it’s best to play it safe. Change passwords to any affected accounts. Make sure to use strong passwords with a mix of numbers, letters, and symbols. Further, if there’s a chance to activate two-factor authentication on your accounts, this can provide added protection going forward.
Ideally, you’ll never become the victim of identity theft, but things can happen. Cybercriminals work hard, but you can stay one step ahead by taking a few preventative measures. These include:
You can further protect yourself with antivirus software like McAfee’s Total Protection plan. This can help protect your devices against spyware and viruses. You can also enhance your network security with a firewall and virtual private network (VPN). A firewall controls traffic on your internet network based on predefined security parameters, while a VPN hides your IP address and other personal data.
Don’t let concerns about identity fraud keep you from enjoying all the conveniences and perks the internet offers. McAfee’s identity theft protection services can help you stay connected while keeping you safe. Tailor your package to your household’s needs to get the safeguards you want, like ID theft coverage, VPN, and 24/7 monitoring. Our Total Protection plan also comes with $1 million in identity theft coverage to cover qualifying losses and hands-on support to help you reclaim your identity.
With McAfee by your side, you can stay online confidently.
The post What to Do If Your Identity Has Been Stolen appeared first on McAfee Blog.
If there’s a particularly clear picture that’s developed over the past couple of years, it’s that our privacy and our personal identities are worth looking out for. With that, we have your back. And here’s why.
In the U.S., reported cases of identity theft continue to rise. In the first half of 2022, the Federal Trade Commission (FTC) reported more than 600,000 cases of identity theft, with more than 230,000 of those reported cases involving credit card theft.
And that’s just what’s been reported in the U.S. Far more crime goes unreported, and it is estimated that the cost of identity theft and fraud goes well into the billions of dollars.
Yet behind each stat is a person, a family, and a household that dealt with anything from a financial headache to a major life event no thanks to identity theft and fraud. Accordingly, we’re seeing to it that every person has the tools to prevent this from happening to them.
Here’s a little bit about our approach. We looked at some of the key areas where people’s private information can be vulnerable and rolled out a set of features and services that can help make you safer than before. They’re all part of McAfee+, our latest line of comprehensive online protection. Depending on your plan and location, the following offer protections that can look after you, your privacy, and your identity—along with your devices and the things on them too.
Unsecured networks can leave us vulnerable, like when we use public Wi-Fi. What’s at issue is that a cybercriminal can potentially capture your login credentials and other personal information as you use a public network in a hotel, airport, coffee shop, library, and so forth.
So, we made sure to include a Virtual Private Network (VPN) to keep your information protected from prying eyes. It does this easily by detecting when you’re on a public network and automatically turning on your VPN. The VPN then scrambles or encrypts, your data as it flows over the network. Unlike some VPNs that require advanced settings to shield your data, our app offers seamless security.
Given that data breaches large and small continue to occur with more regularity than any of us would like, always-on monitoring of your private information is key.
Whether one of your personal accounts is hacked–or worse–another website somehow gets ahold of your data and subsequently gets breached, your data may end up on the dark web. This is where cybercriminals buy and sell information.
To detect these dangerous leaks, we included dark web monitoring, which alerts you if your log-in credentials have been exposed. It can even provide you with a link to the site that uses those credentials when the information is available. This allows you to swiftly reset your passwords, mitigating the risk.
We’ll scan some of the riskiest data broker sites and show you which ones are selling your personal info. We’ll also provide guidance on how you can remove your data from those sites and with select products, we can even manage the removal for you.
Recovering from identity fraud or theft can be expensive. Not to mention time consuming. We’ll help relieve the burden with $1M coverage for lawyer fees, travel expenses, lost wages, and more.
Should the unfortunate happen to you, we have your back. In several ways. We offer licensed recovery experts who can work with you any time, around the clock, all year long. These pros can use a limited power of attorney to do the heavy lifting for identity recovery, taking all necessary steps to repair identity and credit.
Our all-new ransomware coverage is now available, ready to help just in case—all backed by expert advice to help you find the quickest and best possible path to recovery. In addition to eligibility for up to $25,000 in reimbursement due to ransomware losses, our team of experts can help you, determine the severity of a ransomware attack and learn what immediate action steps you can take.
Knowing your safe and staying that way just got far simpler. With a colorful view, you can see exactly what your Protection Score is at a glance, which compiles your overall levels of security, privacy, and identity theft protection. Better yet, if it spots gaps in your protection, it guides you through straightforward fixes that can make you safer than before.
It’s an industry first, and something we all deserve—the ability to clearly see exactly how secure you are and to quickly shore up your protection whenever it’s needed.
Everyone has credit, and everyone needs to protect it. McAfee’s Credit Monitoring does just that. Whether the suspicious change in your report is big or small, we can help you detect it—and take the right steps to correct it.
You can put proactive protection in place by stopping unauthorized access to existing credit card, bank, and utility accounts or from new ones being opened in your name. Security freezes stop companies from looking at your credit profile, which halts the application process for loans, credit cards, utilities, new bank accounts, and more. A security freeze won’t affect your credit score.
Also on our list, we wanted to make personal protection easy to use and available across all your compatible devices. So, whether you’re out with just your phone, or at home working at your PC, you have access to your protection, and can even pick up where you left off on a different device.
Ultimately, that’s what any of us want—to enjoy the internet with confidence, knowing that whatever it is we’re doing online is secure.
The way we use the internet continues to evolve. After all, it wasn’t long ago that the idea of using a phone to see who’s at the front door may have seemed a bit odd. Let alone having a little chat with the speaker on your kitchen counter. Yet that’s where we are today. And as the internet evolves, so will we. The protection we offer will cover your increasingly connected life in whatever shape that takes.
No question about it. We’re committed to protecting you, your privacy, your identity, and certainly your devices too—and making all of it simple.
Here’s to a happy and secure year!
The post Protecting Your Privacy This Year appeared first on McAfee Blog.
It happens with more regularity than any of us like to see. There’s either a headline in your news feed or an email from a website or service you have an account with—there’s been a data breach. So what do you do when you find out that you and your information may have been caught up in a data breach? While it can feel like things are out of your hands, there are actually several things you can do to protect yourself.
Let’s start with a look at what kind of information may be at stake and why crooks value that information so much (it’s more reasons than you may think).
The fact is that plenty of our information is out there on the internet, simply because we go about so much of our day online, whether that involves shopping, banking, getting results from our doctors, or simply hopping online to play a game once in a while.
Naturally, that means the data in any given breach will vary from service to service and platform to platform involved. Certainly, a gaming service will certainly have different information about you than your insurance company. Yet broadly speaking, there’s a broad range of information about you stored in various places, which could include:
As to what gets exposed and when you might find out about it, that can vary greatly as well. One industry research report found that 60% of breaches were discovered in just days from the initial attack while others could take months or even longer to detect. Needless to say, the timeline can get rather stretched before word reaches you, which is a good reason to change your passwords regularly should any of them get swept up in a breach. (An outdated password does a hacker no good—more on that in a bit.)
The answer is plenty. In all, personal information like that listed above has a dollar value to it. In a way, your data and information are a kind of currency because they’re tied to everything from your bank accounts, investments, insurance payments—even tax returns and personal identification like driver’s licenses.
With this information in hand, a crook can commit several types of identity crime—ranging from fraud to theft. In the case of fraud, that could include running up a bill on one of your credits cards or draining one of your bank accounts. In the case of theft, that could see crooks impersonate you so they can open new accounts or services in your name. Beyond that, they may attempt to claim your tax refund or potentially get ID issued in your name as well.
Another possibility is that a hacker will simply sell that information on the dark marketplace, perhaps in large clumps or as individual pieces of information that go for a few dollars each. However it gets sold, these dark-market practices allow other fraudsters and thieves to take advantage of your identity for financial or other gains.
Most breaches are financially motivated, with some researchers saying nearly 90% of breaches are about the money. However, we’ve also seen hackers simply dump stolen information out there for practically anyone to see. The motivations behind them vary, yet could involve anything from damaging the reputation of an organization to cases of revenge.
A list of big data breaches is a blog article of its own, yet here’s a quick list of some of the largest and most impactful breaches we’ve seen in recent years:
Needless to say, it’s not just the big companies that get hit. Healthcare facilities have seen their data breached, along with the operations of popular restaurants. Small businesses find themselves in the crosshairs as well, with one report stating that 43% of data leaks target small businesses. Those may come by way of an attack on where those businesses store their records, a disgruntled employee, or by way of a compromised point-of-sale terminal in their store, office, or location.
In short, when it comes to data breaches, practically any business is a potential target because practically every business is online in some form or fashion. Even if it’s by way of a simple point-of-sale machine.
When a business, service, or organization falls victim to a breach, it doesn’t always mean that you’re automatically a victim too. Your information may not have been caught up in it. However, it’s best to act as if it was. With that, we strongly suggest you take these immediate steps.
Given the possibility that your password may be in the hands of a hacker, change it right away. Strong, unique passwords offer one of your best defenses against hackers. Update them regularly as well. As mentioned above, this can protect you in the event a breach occurs and you don’t find out about it until well after it’s happened. You can spare yourself the upkeep that involves a password manager that can keep on top of it all for you. If your account offers two-factor authentication as part of the login process, make use of it as it adds another layer of security that makes hacking tougher.
If you spot unusual or unfamiliar charges or transactions in your account, bank, or debit card statements, follow up immediately. That could indicate improper use. In general, banks, credit card companies, and many businesses have countermeasures to deal with fraud, along with customer support teams that can help you file a claim if needed.
If you haven’t done so already, consider signing up for a service that can monitor dozens of types of personal information and then alert you if any of them are possibly being misused. Identity protection such as ours gives you the added benefit of a professional recovery specialist who can assist with restoring your affairs in the wake of fraud or theft, plus up to $1 million in insurance coverage.
Our advice is to take a deep breath and get to work. By acting quickly, you can potentially minimize and even prevent any damage that’s done. With that, we have two articles that can help guide the way if you think you’re the victim of identity theft, each featuring a series of straightforward steps you can take to set matters right:
Again, if you have any concerns. Take action. The first steps take only minutes. Even if the result is that you find out all’s well, you’ll have that assurance and you’ll have it rather quickly.
The post What to Do If You’re Caught Up in a Data Breach appeared first on McAfee Blog.
What’s the difference between identity fraud and identity theft? Well, it’s subtle, so much so that it’s easy to use them nearly interchangeably. While both can take a bite out of your wallet, they are different—and knowing the differences can help you know understand what’s at stake.
Let’s start with an overview and a few examples of each.
So there’s that subtle difference we mentioned. Identity fraud involves misuse of an existing account. Identity theft means the theft of your personal information, which is then used to impersonate you in some way, such as opening new accounts in your name.
Above and beyond those definitions and examples, a couple of real-life examples put the differences in perspective as well.
As for identity fraud, individual cases of fraud don’t always make the headlines, but that’s not to say you won’t hear about it a couple of different ways.
The first way may be news stories about data breaches, where hackers gain things like names, emails, and payment information from companies or organizations. (Chipotle, RobinHood, and T-Mobile being recent examples.) That info can then end up in the hands of a fraudster, who then accesses those accounts to drain funds or make purchases.
On a smaller scale, you may know someone who has had to get a new credit or debit card because theirs was compromised, perhaps by a breach or by mistakenly making a payment through an insecure website or by visiting a phony login page as part of a phishing attack. These can lead to fraud as well.
Identity theft took on new forms during the pandemic, such as was the case of a Rhode Island man charged with nearly half a million dollars in a pandemic unemployment fraud case. Authorities allege that the man-made 85 unemployment claims in 2020 using the identities of several other people.
Similarly, a Massachusetts man was sentenced for filing fraudulent claims for relief funds, as well as open store credit accounts using fake identities. Court proceedings alleged that the personal information used to commit this fraud came from several sources, including information stolen from a realty company that collected that information from potential renters.
Identity theft can stem from the workplace as well, such as the sentencing of a Maryland man who used stolen lists of personal information from his former employer. From there, he was found guilty of garnering more than a million dollars in funds from food assistance programs and fraudulent car loans.
Identity theft can run far deeper than these examples. Because it effectively allows someone else to pose as you, an identity thief can do more than drain your accounts. They can also claim health insurance benefits, file taxes in your name, or possibly purchase the property. Further, an identity thief can potentially get a job, driver’s license, or other forms of ID in your name, which could ruin your credit history, reputation, or even create a police record in your name.
So while both identity fraud and identity theft are certainly something you want to prevent, identity theft holds the potential to affect far-reaching aspects of your life—which marks a distinct difference between the two.
It usually starts with someone saying anything from, “That’s strange …” to “Oh, no!” There’ll be a strange charge on your credit card bill, a piece of mail from a bill collector, or a statement from an account you never opened—just to name a few things.
With that, I have a few recent blogs that help you spot all kinds of identity crime, along with advice to help keep it from happening to you in the first place:
While there are differences between identity fraud and identity theft, they do share a couple of things in common: you can take steps to prevent them, and you can take steps to limit their impact should you find yourself faced with one or the other.
The articles called out above will give you the details, yet staying safe begins with vigilance. Check on your accounts and credit reports regularly and really scrutinize what’s happening in them. Consider covering yourself with an —and act on anything that looks strange or outright fishy by reporting it to the company or institution in question.
The post What’s the Difference Between Identity Fraud and Identity Theft? appeared first on McAfee Blog.
Most of us use the internet every day, so we’re comfortable sharing a lot of information online. However, cybercriminals want us to get a bit too comfortable so they can take our personal or financial data and use it for their benefit. This is called identity theft, and it can cost people money and may dip their credit score.
Fortunately, you can help minimize what happens by knowing the signs of identity theft and taking fast action when you recognize them. Find out how below.
Being online comes with many benefits, but it can also come with some risks. Identity theft usually begins with the criminal accessing sensitive personal data, such as Social Security numbers, birth dates, home addresses, bank account information, and driver’s license details. The fraudster can then take this information to fake your identity, using it to take out credit cards, apply for loans, and more.
Here’s a quick look at some ways identity thieves can get their hands on your valuable data:
There are many ways thieves can get their hands on your data. Luckily, there are ways you can protect yourself against these methods. For example, you can protect your computer, tablet, or mobile device against hackers by equipping it with a strong password and safeguarding against phishing by adding a firewall and utilizing a virtual private network (VPN) like those offered by McAfee.
With some best practices, you can protect your data and help safeguard you and your family against identity theft. One way to continue living your best life online is to watch for potential warning signs of identity theft. This ensures you can take fast action and minimize the effects if you’re targeted. Here are some essential signs to look out for.
Financial identity theft is one of the most common types of identity theft, and credit cards are a popular target. The rise in online shopping has made credit card fraud even more common.
Your online banking portal or app should allow you to set up alerts to email, call, or text you about suspected fraudulent credit card charges. If you get an alert, someone may have taken your identity.
If you apply for a loan or line of credit and your application is denied, dig deeper. A rejection could indicate that your credit score is lower than you thought, possibly due to fraudulent activity. For example, someone may use your information to get new credit cards and not pay them off, leaving you responsible.
Changes in your credit score can indicate identity theft. For example, if someone takes out utility bills in your name and doesn’t pay them, your credit score may dip. Checking your credit report from each of the three major credit bureaus (Equifax, Experian, and TransUnion) can help pinpoint the problem.
The Federal Trade Commission (FTC) allows U.S. consumers to get a free credit report every 12 months. Just visit AnnualCreditReport.com to get a copy of yours from the credit reporting agencies. You can also pay for credit monitoring services to track your score.
Once identity thieves obtain enough data, including your name and address, they might be able to open new accounts and credit cards. When you check your credit report, keep an eye out for new accounts that you didn’t open. Another red flag is if you start getting bank statements or bills addressed to you for accounts you don’t recognize.
Companies are required to notify customers of data breaches that could impact them. For example, if you save your payment information and home address on a music streaming provider’s website and their database is hacked, identity thieves may get your data. Keep an eye out for notifications and read the news. The McAfee blog is another great resource for information on data breaches.
If debt collectors start calling, be cautious, especially if they’re referring to accounts you aren’t familiar with. Don’t provide personal information to any collection agencies that call, as this can be a potential phishing scam. However, it’s a good idea to follow up on these cases by checking your credit report for new accounts. You could be liable if someone opened accounts under your name and didn’t pay them.
Medical theft occurs when a fraudster imitates another person to get health care or supplies. For example, a person might use your identity to get prescription medication at a pharmacy. If you get unfamiliar medical bills, follow up. Incorrect medical records could impact your insurance premiums or interfere with your ability to get the care you need in the future.
This could be an indicator of synthetic identity theft. This occurs when a fraudster creates a fake identity using various people’s real information. For example, they may use your address and Social Security number and another person’s photo to create a fake persona that’s creditworthy. They can then take out credit cards in that fake person’s name.
If you receive a confirmation of an annual tax filing before you’ve filed, take note. Criminals may try to file a tax return for another person to access their tax refund. Alternatively, you may find that you’re unable to e-file your taxes, which can occur if someone else has already filed under your name.
No one wants their identity stolen, but it’s still good to be prepared if it does happen. If you notice the above red flags, here are some steps you may need to take:
You may also want to visit IdentityTheft.gov to report identity theft and find resources to help guide your recovery plan.
Worries about identity fraud shouldn’t prevent your household from enjoying the benefits of a connected world. McAfee’s identity theft protection services can help you enjoy everyday conveniences while keeping you safe. Packages can be tailored to your needs, including 24/7 monitoring, ID theft coverage, VPN services, and more. It’s guided online protection made easy.
The post 9 Ways to Determine If Your Identity Has Been Stolen appeared first on McAfee Blog.
Did you just get word that your personal information may have been caught up in a data breach? If so, you can take steps to protect yourself from harm should your info get into the hands of a scammer or thief.
How does that information get collected in the first place? We share personal information with companies for multiple reasons simply by going about our day—to pay for takeout at our favorite restaurant, to check into a hotel, or to collect rewards at the local coffee shop. Of course, we use our credit and debit cards too, sometimes as part of an online account that tracks our purchase history.
In other words, we leave trails of data practically wherever we go these days, and that data is of high value to hackers. Thus, all those breaches we read about.
Whether it’s a major breach that exposes millions of records or one of many other smaller-scale breaches like the thousands that have struck healthcare providers, each one serves as a reminder that data breaches happen regularly and that we could find ourselves affected. Depending on the breach and the kind of information you’ve shared with the business or organization in question, information stolen in a breach could include:
What do crooks do with that data? Several things. Apart from using it themselves, they may sell that data to other criminals. Either way, this can lead to illicit use of credit and debit cards, draining of bank accounts, claiming tax refunds or medical expenses in the names of the victims, or, in extreme cases, assuming the identity of others altogether.
In all, data is a kind of currency in of itself because it has the potential to unlock several aspects of victim’s life, each with its own monetary value. It’s no wonder that big breaches like these have made the news over the years, with some of the notables including:
As mentioned, these are big breaches with big companies that we likely more than recognize. Yet smaller and mid-sized businesses are targets as well, with some 43% of data breaches involving companies of that size. Likewise, restaurants and retailers have seen their Point-of-Sale (POS) terminals compromised, right on down to neighborhood restaurants.
When a company experiences a data breach, customers need to realize that this could impact their online safety. If your favorite coffee shop’s customer database gets leaked, there’s a chance that your personal or financial information was exposed. However, this doesn’t mean that your online safety is doomed. If you think you were affected by a breach, you can take several steps to protect yourself from the potential side effects.
One of the most effective ways to determine whether someone is fraudulently using one or more of your accounts is to check your statements. If you see any charges that you did not make, report them to your bank or credit card company immediately. They have processes in place to handle fraud. While you’re with them, see if they offer alerts for strange purchases, transactions, or withdrawals.
Our credit monitoring service can help you keep an eye on this. It monitors changes to your credit score, report, and accounts with timely notifications and guidance so you can take action to tackle identity theft.
Breached and stolen information often ends up in dark web marketplaces where hackers, scammers, and thieves purchase it to commit yet more crime. Once it was difficult to know if your information was caught up in such marketplaces, yet now an identity monitoring service can do the detective work for you.
Our service monitors the dark web for your personal info, including email, government IDs, credit card and bank account info, and more. This can help keep your personal info safe with early alerts that show you if your data is found on the dark web, an average of 10 months ahead of similar services. From there, you’ll get guidance that you can act on, which can help protect your info and accounts from theft.
If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity. You can place one fraud alert with any of the three major credit reporting agencies (Equifax, Experian, TransUnion) and they will notify the other two. A fraud alert typically lasts for a year, although there are options for extending it as well.
Freezing your credit will make it highly difficult for criminals to take out loans or open new accounts in your name, as a freeze halts all requests to pull your credit—even legitimate ones. In this way, it’s a far stronger measure than placing a fraud alert. Note that if you plan to take out a loan, open a new credit card, or other activity that will prompt a credit report, you’ll need to take extra steps to see that through while the freeze is in place. (The organization you’re working with can assist with the specifics.) Unlike the fraud alert, you’ll need to contact each major credit reporting agency to put one in place. Also, a freeze lasts as long as you have it in place. You’ll have to remove it yourself, again with each agency.
You can centrally manage this process with our security freeze service, which stops companies from looking at your credit profile, and thus halts the application process for loans, credit cards, utilities, new bank accounts, and more. A security freeze won’t affect your credit score.
Ensure that your passwords are strong and unique. Many people utilize the same password or variations of it across all their accounts. Therefore, be sure to diversify your passcodes to ensure hackers cannot obtain access to all your accounts at once, should one password be compromised. You can also employ a password manager to keep track of your credentials, such as the one you’ll find in comprehensive online protection software.
If the unfortunate happens to you, an identity theft coverage & restoration service can help you get back on your feet. Ours offers $1 million in coverage for lawyer fees, travel expenses, and stolen funds reimbursement. It further provides support from a licensed recovery expert who can take the needed steps to repair your identity and credit. In all, it helps you recover the costs of identity theft along with the time and money it takes to recover from it.
You can take this step any time, even if you haven’t been caught up in a data breach. The fact is that data broker companies collect and sell thousands of pieces of information on millions and millions of people worldwide, part of a global economy estimated at $200 billion U.S. dollars a year. And they’ll sell it to anyone—from advertisers for their campaigns, to scammers who will use it for spammy emails, texts, and calls, and to thieves who use that information for identity theft.
Yet you can clean it up. Our personal data cleanup service can scan some of the riskiest data broker sites and show you which ones are selling your personal info. It also provides guidance on how you can remove your data from those sites and, with select products, even manage the removal for you.
Comprehensive online protection software will offer you the tools and services listed above, along with further features that can protect you online. That includes a VPN to keep your time online more private from online data collection while protecting it from thieves who’re out to steal credit card and account information. It also includes web browsing protection that can warn you of sketchy websites and malicious downloads that look to steal your information. In all, it’s thorough protection for your devices, privacy, and identity. And in a time of data breaches, that kind of protection has become essential.
The post How to Protect Yourself From Identity Theft After a Data Breach appeared first on McAfee Blog.
We’re online more than ever, in large part because it allows us to take advantage of online conveniences like bill pay and booking appointments. But these many benefits might also leave us exposed to risks, like identity theft.
Identity theft is characterized by one person using another’s personal or financial data for their benefit. Cybercriminals may take information like a person’s name, birthday, Social Security number, driver’s license number, home address, and bank account information and use it for their benefit. A name and matching financial information, for instance, can be used to apply for credit cards or open new accounts.
The good news is that you can safeguard yourself and your family with some best practices — allowing you to enjoy your best life online and worry less about cybercriminals. Share these 10 tips with your family to help keep your entire household safe.
A good habit to get into is to password-protect your computer, tablet, and mobile devices through unique, strong passwords. These devices are home to some of your most sensitive information, including everything from emails to apps that connect to your bank accounts. So, if these devices fall into the wrong hands, a password makes it harder to access your personal data.
Take some time to come up with your passwords, though. It’s important to create strong passwords that hackers can’t guess. A strong password will include a mix of symbols, numbers, and letters. Steer clear of simple passwords like “123456” (it might seem obvious, but this is one of the most common passwords people use). Also, avoid including information that other people can guess, like your birthdate, home address, or name.
Don’t forget to use different passwords for different accounts. If you use the same password across multiple accounts, and a fraudster gains access to one account, they may access the others. Fortunately, McAfee’s identity protection services include a password manager, which can help secure your account credentials across multiple devices. This tool encrypts passwords, storing them safely and making it easy to keep track of them.
Identity thieves are skilled at leveraging new technologies. Phishing is one great example of this. Phishing involves criminals masquerading as trustworthy entities, such as government agencies or banks, and using this trusted position to get sensitive information. Phishing scams started with traditional mail. They’re now also done via phone, text, and email.
As a general rule of thumb, never give out any personal information when contacted by a business, bank, or another entity. Also, make sure your email spam filters detect phishing attempts. Never open emails from people you don’t know, and don’t download email attachments without knowing what they are. Some phishing emails include malware, which can infiltrate your device and access personal data. A McAfee Total Protection plan is an all-in-one protection solution that can help you detect and avoid malware.
Fraudulent websites may also use phishing techniques. A website may look similar to the legitimate website of a mortgage lender, bank, or credit card company but might be a fraudulent platform seeking to get information from consumers. Always verify that any website you visit is the legitimate website of the institution, and consider McAfee antivirus software, which offers a safe browsing solution.
When financial identity theft occurs, this can also impact financial institutions like banks and lenders. So, they’re eager to prevent fraud, as well. One way they do this is through fraud alerts. You can set up your online banking to issue fraud alerts — for example, via an email, text message, or phone call — if your bank suspects suspicious activity on your account.
In some cases, a bank will also freeze your account until you verify whether the activity is legitimate. This is a common tactic used to protect against credit card fraud. Geo-control is one example: If you live in the U.S., but a German IP address uses your credit card, your credit card provider will likely issue an alert. You can also set up alerts for certain transaction amounts or types.
Your credit report is one of the most powerful tools you have at your disposal for catching identity thieves and stopping them in their tracks. You’re entitled to a free credit report every 12 months via AnnualCreditReport.com, an initiative of the Federal Trade Commission (FTC). You can get a free copy of your report from each major credit bureau: Experian, Equifax, and TransUnion.
Review your report thoroughly, checking for inaccuracies. When credit monitoring, check your:
If you find any discrepancies, contact the appropriate credit reporting company. You should also contact the relevant financial institution and visit IdentityTheft.gov. You can report the suspected identity theft and find resources to help you recover.
Social media is great for connecting with others online, but it does open the door to some vulnerabilities. Be careful about what you post, and steer clear of sharing personal details like your home address, children’s names, pet’s names, or birthdays, which some people use as passwords. If a social media platform offers two-factor authentication, opt in.
Images are another touchy subject. Never post photos that include private data, like a picture of your passport or vaccine card. Consider what’s in the background of any photos — from your home (with a house number) to mail with your address. Finally, you may want to set your visibility to private on all social media accounts, limiting who can view them. And even if your account is private, you should still follow the above tips.
Some identity thieves get people’s personal information by dumpster diving. One solution? Invest in a paper shredder. You’ll be able to shred documents into tiny bits that are hard to piece together, making it that much harder for someone else to piece together any personal information they contain.
Here are some documents worth shredding:
If you’re not sure whether something needs to be shredded, go ahead and destroy it. It only takes seconds, and you’re better off safe than sorry.
Whether you use a computer, tablet, or mobile device for many of your online activities, like paying bills, these devices contain a lot of personal data. So, it’s good to protect them from hackers. Install antivirus software like McAfee’s to protect against viruses and spyware. It would be best if you also had a firewall, which is a network security system that controls the incoming and outgoing network traffic based on set security parameters.
To take your device security a step further, you may also want to invest in a virtual private network (VPN). This helps hide your online activity. It can safeguard against hackers on public networks but is also worth using at home. It hides details like browsing activity, personal data, and IP address from potential snoops. McAfee also offers VPN services.
While your computer, tablet, or mobile device may hold a great deal of personal data, you likely also have hard copies of sensitive documents worth protecting. Documents like your birth certificate, Social Security card, and passport contain valuable information that identity thieves can use for personal gain, so you want to make sure they’re kept in a safe space.
Don’t simply shove these documents into your desk drawer. It’s best to keep them in a locked, fireproof home safe with a secure code. To keep things organized, put each document in a protective plastic sleeve and put the sleeves in a binder. This can be useful if you have a large family and need to keep track of everyone’s data.
Sophisticated hackers don’t just target individuals. They may also try to infiltrate businesses, government agencies, higher education institutions, health care facilities, and any other organization that gathers sensitive consumer information. If an entity is subject to a data breach, they’re legally required to notify any consumers who may have been impacted.
However, it’s still good to inform yourself about potential breaches that may affect you. Larger-scale data security risks are usually reported in the media. We also post about data breaches on the McAfee blog. If an entity you do business with has been affected, change your passwords and the passwords of any related accounts immediately.
Knowing possible signs of identity theft can help you catch it early so that you can continue to enjoy your time online. Educate yourself and your family about these warning signs, ensuring everybody stays safe. Here are some possible indications identity thieves have targeted you:
The internet keeps all of us connected, but that’s why identity theft protection is important. With people increasingly connected, doing more, and sharing more online, cybercriminals can pinpoint weaknesses and take advantage. Hackers are ready to leverage your information for personal gain, and identity theft is no exception.
McAfee is here to help. McAfee’s identity protection services provide 24/7 monitoring of your email addresses and bank accounts, providing up to $1 million worth of ID theft coverage. You deserve to enjoy the comfort offered by the internet without stressing about identity theft. Implement the best practices above in your household so that you and your loved ones can stay connected with confidence.
The post 10 Ways to Protect Your Identity appeared first on McAfee Blog.
The internet provides plenty of fun and exciting opportunities for you and your family, from sharing on social media to online shopping. To help you enjoy every minute of it, though, it’s good to be aware of what less savory characters are up to.
And they sure have been busy. In fact, the U.S. Federal Trade Commission (FTC) received 2.1 million fraud reports in 2020. What is identity theft? Well, it’s the fraudulent use of another individual’s name and details for personal gain.
Those affected by identity fraud may see a dip in their finances and credit scores. They may also deal with anxiety around financial security going forward. However, while it’s important to be aware of the threat of identity theft, this shouldn’t be cause for alarm. There are plenty of tools and techniques that can help protect you and your family so you can continue to enjoy everything modern technology has to offer.
The first step in protecting yourself? Educate yourself. Understanding the different types of identity theft can help you safeguard yourself and your loved ones so that you can continue all your favorite online activities. Here we’ll define and explore the different types of identity theft to watch out for.
We’ve all probably heard of identity theft, but what is it? Identity theft is when someone uses another person’s financial or personal data, usually for monetary gain. This means a fraudster may take sensitive information like names, birthdates, Social Security numbers, driver’s license details, addresses, and bank account numbers or credit card numbers. They might then use this information to make purchases, open credit cards, and even use health insurance to get medical care.
A little knowledge can go a long way in stopping cybercriminals in their tracks — especially since they’re becoming more sophisticated and coming up with new schemes every day.
Here are five common types of identity theft to help you stay one step ahead of hackers.
Financial identity theft is when one person uses another’s personal data for financial benefit. This is the most common form of identity theft (including the credit card example described above). Financial identity theft can take multiple forms, including:
The good news is that it’s easy to protect yourself against financial identity theft by checking your bank accounts, credit card statements, and bills. If you see an unexplained charge, contact your credit card company or bank immediately to report it. Also, check your credit report for changes in your score. An unexplained decrease in your score could mean fraudulent activity. You can do this through AnnualCreditReport.com, where you can get a free credit report every 12 months from each of the three major credit bureaus.
Another idea is to place a one-year fraud alert on your credit reports to keep people from opening new accounts in your name. This encourages creditors and lenders to take extra precautions to verify your identity before granting any loans or credit increases. You can also place a security freeze on your credit report, which blocks others from accessing it to extend credit.
This might not seem like a real form of identity theft, but it happens. Medical identity theft is when a criminal poses as another person to obtain health care services. In fact, fraudsters may use your name and insurance information to:
This can result in you having bills for prescriptions, services, or devices you didn’t need, ask for, or even receive. Your health care and insurance records may even have these things added to them. An inaccurate medical record can make it harder for you to get the care you need in the future and even impact insurance coverage.
Fortunately, you can help minimize the risk of medical identity theft by regularly reviewing your medical claims. Contact your insurer if you see unfamiliar procedures, prescriptions, or services. You’ll also want to let your health care provider know so that they can ensure your medical files are correct. Finally, consider filing a complaint with the U.S. Department of Health and Human Services (HHS).
Criminal identity theft occurs when a person arrested by law enforcement uses someone else’s name instead of providing theirs. They might be able to pass this off by creating a fake ID or using a stolen ID, like your driver’s license, to show to the police. This type of fraud can be difficult to detect until the consequences are evident, like:
You can help protect yourself against criminal identity theft by safeguarding your ID. If your license or state-issued ID is lost or stolen, report it to the local Department of Motor Vehicles (DMV) and law enforcement. Also, limit the information you share online (and encourage family members to do the same). For example, if your teen got their first driver’s license and wants to share a pic of it on social media, explain why this isn’t a good idea.
As one of the fastest-growing types of financial crime in the U.S., synthetic identity theft involves creating fake identities using real people’s information. Fraudsters may use data like birthdates, addresses, and Social Security numbers from real people, blending them to create a fake profile. They can then use this persona to apply for loans or credit cards or commit other financial crimes. Kids and older adults tend to be vulnerable to this type of fraud since they rarely use their SSNs.
The most important thing about synthetic identity theft is knowing the signs and acting fast. Keep an eye out for any mail with your address on it but addressed to a different name and phone calls or mail about new credit accounts. You can further protect yourself by regularly checking your credit reports for unexplained changes and placing a security freeze on them.
There are also identity monitoring services available, which scan the internet, including the dark web, for breached Social Security numbers. If you suspect you or a loved one is the victim of synthetic identity theft, contact the relevant financial institutions to alert them.
We all want to protect our children from bad actors, especially when it comes to identity theft. Child identity theft involves using a minor’s information to commit financial fraud, like opening a new account or line of credit under the child’s name. The thief may even use the child’s identity to get a driver’s license, apply for government benefits, or buy a house. This is often easier than targeting an adult because most kids don’t have credit reports or financial accounts, making them a clean slate.
Unfortunately, child identity theft is often perpetrated within the family by a relative who has access to the child’s data like their birthdate and address. And many children don’t realize they’ve been targeted until they’re older — for example, when they try to take out a student loan. By this point, the issue may have been escalating for years. So, it’s important as a parent to be aware of child identity theft.
The best way to do this is to check whether your child has a credit report with any of the three big credit bureaus (TransUnion, Equifax, and Experian). If so, review the report and report any fraudulent activity. You can also place a freeze on your child’s credit report to help minimize the risk of future fraud.
No one wants to be left in the dark when it comes to identity theft, so knowing the signs can help you spot it and take action quickly. This can help stop fraud in its tracks, minimizing both immediate damage and long-term repercussions. Some warning signs that may indicate identity theft include:
You can also increase your odds of recognizing identity theft with tools like McAfee’s identity protection services. Our continual monitoring can keep tabs on over 60 types of personal information, which allows us to quickly identify security issues, alerting you to potential breaches so that you can fix them. We’ll also notify you up to 10 months sooner than similar services. By combining the best practices described above with a comprehensive identity protection service, you can worry less about identity theft and spend more time enjoying the internet.
The internet makes daily life easier in many ways. You can now learn, work, play, and shop online. You shouldn’t have to forego these conveniences because of the threat of identity theft.
McAfee’s identity theft protection services can help keep you and your loved ones safe. McAfee uses extensive monitoring and an early detection system to notify you of potential risks or breaches. You’ll also have access to 24/7 online security experts and up to $1 million of identity theft coverage. Get the peace of mind you need to continue using the internet with confidence.
The post 5 Common Types of Identity Theft appeared first on McAfee Blog.
Protecting your devices with antivirus is a great start, yet it’s only one part of staying safer online. With the way scammers and thieves target people today, you need to protect yourself too—specifically your identity and privacy.
Threats have evolved over the years. While hackers still wage malware attacks on computers, tablets, and smartphones, the devices aren’t the ultimate target. You are. The personal and private information created and kept on your devices have tremendous value because scammers and thieves can use it to steal your identity, open credit cards in your name, and commit all kinds of identity theft and fraud.
Yet just as using antivirus protection can keep you safer online, using privacy and identity protection will keep you far safer still. Let’s look at how all three can work in concert.
Privacy protection focuses on keeping your information from getting into the hands of advertisers, cybercriminals, and data brokers who want to use it for their benefit. To boost your online privacy, consider a few thoughtful additions to your daily browsing, email, and social media routine.
First, think carefully about your social media habits. Do you post everything about your day and childhood, pin your location, and share photos of documents that include your full name, birthday, or address? You may want to consider cutting back on what you broadcast on the internet, especially if your account is public for anyone to view.
Unfortunately, while your friends and family may love your status updates, cybercriminals love them more. After only minutes of snooping, cybercriminals can glean enough personal details about you to impersonate you or target a social engineering attempt at you. To keep your private information more private, limit what you share on social media, pare down your follower and friend lists to only the closest people, and if your social media account platform supports it set your account to private.
One more way to protect your privacy is to use a virtual private network (VPN). A VPN allows you to remain far more anonymous online by shielding your location and device information, along with the data passing along your connection—which includes things like your passwords, account information, and other sensitive info.
A VPN offers further protection when you’re logged on to a public network, like those in coffee shops, libraries, and transportation hubs. Cybercriminals often lurk on non-password-protected Wi-Fi networks and eavesdrop on people paying bills or online shopping to steal their credentials.
However, criminals aren’t the only ones who intrude on your privacy. Online data brokers collect thousands of data points on millions of people, then post bits of that information for anyone to see and offer far more detailed information for a price.
Who buys this information? More legitimate purposes include people conducting background checks, journalists, law enforcement, and, largely, advertisers. With such in-depth information, advertisers can target highly specific audiences with their ads, all based on personal information that can include shopping habits from customer loyalty cards, health data from fitness apps, and information scraped from public social media posts—just to name a few of the umpteen sources they draw from.
Yet data brokers won’t discriminate. They’ll sell to scammers and thieves as well, who can then use that personal information to help them commit identity fraud and theft.
However, you can do something about this. Personal data cleanup can scan some of the riskiest data broker sites and show you which ones are selling your personal info. It can also provide guidance on how you can remove your data from those sites and can even manage the removal for you. And because data brokers continually update their data, personal data cleanup will continue to monitor those sites and help you get your information removed should it crop up again.
In all, if you feel that your privacy shouldn’t be up for grabs, a personal data cleanup service can
Another form of protection focuses on keeping you safer from identity theft and fraud. Here, thieves will steal personal and account information to rack up charges on existing credit and debit cards, open entirely new accounts and lines of credit, or impersonating the victim themselves for employment, health insurance coverage, or to commit other crimes in someone else’s name.
A few forms of identity crime include:
This list provides just a few examples, yet in all its forms, identity crime can affect your finances, credit score, and ability to secure loans, a mortgage, or future credit cards.
One way to keep your identity secure is to guard your PII carefully. Never give out your Social Security Number unless it’s necessary—such for employment, opening bank and credit accounts, applying for public assistance, filing tax returns, or obtaining a driver’s license. While other businesses may ask you for your Social Security Number for identification purposes, you are not legally bound to provide it. You can ask to provide an alternate form. Also, never share it over email or text where it can be potentially intercepted.
Beyond your Social Security Number, you can take steps to protect the many other forms of personal information you have. An identity monitoring service can keep tabs on everything from email addresses to IDs and phone numbers for signs of breaches so you can take action to secure your accounts before they’re used for identity theft. Likewise, credit monitoring can watch for unusual credit activity that could be an indicator of identity theft as well.
Should the unfortunate occur, identity theft & recovery coverage like ours can help you get back on track in several ways. First, it provides $1 million in identity theft coverage that covers travel expenses, legal fees, and stolen funds reimbursement. Additionally, it provides the assistance of a licensed identity theft recovery pro who can help you repair your identity and credit.
The third form of protection involves our devices, like computers, tablets, and phones—protecting them from both physical and digital threats.
The first step you can take is to use a password, PIN, facial recognition, or other form of lock to keep your devices safer in the event of loss or theft. With this protection, your device is effectively an open book, providing a thief with access to all manner of personal information, accounts, and apps.
Taking this protection a step further is learning to remotely locate your devices and then lock or wipe them. Many laptops and mobile devices offer location tracking services to help find a lost device—and yet others allow the owner to remotely lock or even wipe the contents of that device if they fear it’s lost for good or fallen into the wrong hands.
It’s all rather straightforward, and device manufacturers have put up helpful web pages that can walk you through the process:
Another good step you can take is to back up your files, whether with an online cloud service, a physical external drive, or both. By storing your files in the cloud, you can recover them quickly if your device is stolen and you have to remotely wipe its contents. Storing them on an external drive also lets you recover your files if your device is stolen, however, you’ll want to keep it in a secure location so that it can’t be stolen as well. Options include a fireproof safe where you keep other valuables or even a safe deposit box. The drawback is that you will have to back up files manually and regularly whereas cloud backup is practically automatic when you’re connected to the internet.
Another component of device security is defending against malicious software. Viruses and malware can make their way onto your devices through several avenues, including sketchy websites, dishonest downloads, phishing schemes, and clicking on ads. The challenge is that several of these avenues can look rather legitimate at first glance. Sophisticated hackers, scammers, and thieves have learned how to make their bogus websites and search results look like the real thing. One way you can prevent making a bad click or downloading an attachment loaded with malware is to use web advisor software that can protect you while you browse.
And finally, yes, antivirus is a must now just as it’s ever been. When kept up to date with the latest updates, it can prevent malware from getting onto your devices—plus scan, detect, and delete viruses and malware from your devices should they make their way onto them.
The threats out there are many, and they go beyond threats to your devices. Hackers, scammers, and thieves are quite interested in you. Your accounts, your personal information, and anything they can grab to commit theft or fraud. Protecting yourself today calls for not only protecting your devices but your privacy and identity too.
Comprehensive online protection software like ours covers all three—privacy, identity, and devices. It includes the protections mentioned above, plus dozens of features more such as ransomware coverage, credit freezes, security locks, and an online protection score that shows you just how safe you are, along with suggestions that can make you safer still.
In all, it gives you far more control over your privacy and personal information, control that should rest in your hands, and not in the hands of data brokers, hackers, scammers, and thieves.
The post Privacy, Identity, and Device Protection: Why You Need to Invest in All Three appeared first on McAfee Blog.
Before you take the fun-looking quiz that popped up in your social media feed, think twice. The person holding the answers may be a hacker.
Where people go, hackers are sure to follow. So it’s no surprise hackers have set up shop on social media. This has been the case for years, yet now social media-based crime is on the rise. In 2019, total reported losses to this type of fraud reached $134 million. But reported losses hit $117 million in just the first six months of 2020, according to the U.S. Federal Trade Commission (FTC).
Among these losses are cases of identity theft, where criminals use social media to gather personal information and build profiles of potential victims they can target. Just as we discussed in our recent blog, “Can thieves steal identities with only a name and address?” these bits of information are important pieces in the larger jigsaw puzzle that is your overall identity.
Let’s uncover these scams these crooks use so that you can steer clear and stay safe.
“What’s your spooky Halloween name?” or “What’s your professional wrestler name?” You’ve probably seen a few of those and similar quizzes in your feed where you use the street you grew up on, your birthdate, your favorite song, and maybe the name of a beloved first pet to cook up a silly name or some other result. Of course, these are pieces of personal information, sometimes the answer to commonly used security questions by banks and other financial institutions. (Like, what was the model of your first car?) With this info in hand, a hacker could attempt to gain access to your accounts.
Similarly, scammers will also post surveys with the offer of a gift card to a popular retailer. All you have to do is fork over your personal info. Of course, there’s no gift card coming. Meanwhile, that scammer now has some choice pieces of personal info that they can potentially use against you.
How to avoid them: Simply put, don’t take those quizzes and surveys online.
The list here is long. These include posts and direct messages about phony relief funds, grants, and giveaways—along with bogus business opportunities that run the gamut from thinly-veiled pyramid schemes and gifting circles to mystery shopper jobs. What they all have in common is that they’re run by scammers who want your information, money or both. If this sounds familiar, like those old emails about transferring funds for a prince in some faraway nation, it is. Many of these scams simply made the jump from email to social media platforms.
How to avoid them: Research any offer, business opportunity, or organization that reaches out to you. A good trick is to do a search of the organization’s name plus the term “scam” or “review” or “complaint” to see if anything sketchy comes up.
If there’s one government official that scammers like use to put a scare in you, it’s the tax collector. These scammers will use social media messaging (and other mediums like emails, texts, and phone calls) to pose as an official that’s either demanding back taxes or offering a refund or credit—all of which are bogus and all of which involve you handing over your personal info, money, or both.
How to avoid them: Delete the message. In the U.S., the IRS and other government agencies will never reach out to you in this way or ask you for your personal information. Likewise, they won’t demand payment via wire transfer, gift cards, or cryptocurrency like bitcoin. Only scammers will.
These are far more targeted than the scams listed above, because they’re targeted and often rely upon specific information about you and your family. Thanks to social media, scammers can gain access to that info and use it against you. One example is the “grandkid scam” where a hacker impersonates a grandchild and asks a grandparent for money. Similarly, there are family emergency scams where a bad actor sends a message that a family member was in an accident or arrested and needs money quickly. In all, they rely on a phony story that often involves someone close to you who’s in need or in trouble.
How to avoid them: Take a deep breath and confirm the situation. Reach out to the person in question or another friend or family member to see if there really is a concern. Don’t jump to pay right away.
This is one of the most targeted attacks of all—the con artist who strikes up an online relationship to bilk a victim out of money. Found everywhere from social media sites to dating apps to online forums, this scam involves creating a phony profile and a phony story to go with it. From there, the scammer will communicate several times a day, perhaps talking about their exotic job in some exotic location. They’ll build trust along the way and eventually ask the victim to wire money or purchase gift cards.
How to avoid them: Bottom line, if someone you’ve never met in person asks you for money online, it’s a good bet that it’s a scam. Don’t do it.
Now with an idea of the bad actors are up to out there, here’s a quick rundown of things you can do to protect yourself further from the social media scams they’re trying to pull.
Above and beyond what we’ve covered so far, some online protection basics can keep you safer still. Comprehensive online protection software will help you create strong, unique passwords for all your accounts, help you keep from clicking links to malicious sites, and prevent you from downloading malware. Moreover, it can provide you with identity protection services like ours, which keep your personal info private with around-the-clock monitoring of your email addresses and bank accounts with up to $1M of ID theft insurance.
Together, with some good protection and a sharp eye, you can avoid those identity theft scams floating around on social media—and get back to enjoying time spent online with your true family and friends.
The post Quizzes and Other Identity Theft Schemes to Avoid on Social Media appeared first on McAfee Blog.
With the holidays on the horizon, spirits are high—and it’s those same high spirits that hackers want to exploit. ‘Tis the season for clever social engineering attacks that play on your emotions, designed to trick you into giving up personal info or access to your accounts.
Social engineering attacks unfold much like a confidence scam. A crook takes advantage of someone’s trust, applies a little human psychology to further fool the victim, and then pulls off a theft. Online, a social engineering attack will likely involve a theft attempt of personal or account information that the crook can then use to make purchases, drain accounts, and so forth.
Not at all in the holiday spirit, right? Let’s take a look at some of their top tricks so that you can spot and avoid them.
As said, spirits can get high this time of year. There’s looking forward to gatherings with family and friends, the fun that comes along with hunting for that perfect gift, and the excitement of the holidays overall. And that’s what hackers count on—people getting caught up in the rush of the holidays, to the point where they may not look at emails, offers, shipping notices, and such with a critical eye. That’s how the scammers get their foot in the door.
Some of their favored tricks can look a little like this:
What are the holidays without that trendy “must-get” gift item, the one that’s seemingly out of stock no matter where you look? Scammers are keen on these items as well and will prop up phony ads and storefronts that pretend to sell those items but really don’t. Instead, they’re just a shady way for them to steal your debit or credit card information—or to lift a few bucks out of your pocket in return for nothing.
One way to keep from getting burned by one of these scams is to follow the old adage, “If it looks too good to be true, it probably is.” In this case, crooks are using feelings of scarcity and urgency to get you to bite. Here’s where you can take a moment before you click to do some research.
Answers to these questions can separate the good businesses from the bogus ones.
Like the above, crooks will create a sense of urgency about a hot holiday item or limited time offer. The twist comes when they request payment via a gift card rather than by credit or debit card or other legitimate online payment methods. This request is highly deliberate because gift cards are much like cash. Once the money on the card is spent, it’s gone, and these cards do not offer the same protections that come with other payment methods.
You can avoid this one easily. If anyone asks you to use a gift card as payment, it’s a scam. Gift cards are for gifts, not payment, says the Federal Trade Commission (FTC). If you come across such a scam, you can report it to the FTC as well.
Donating to a charity in someone else’s name is often a popular gift. Much the same, giving a donation to a worthy cause feels particularly good this time of year. Once again, scammers will take advantage of these good intentions by propping up phony charities designed to do nothing more than dupe you out of your money. Whether that’s a flat-out phony charity or one of the many other scam charities that have been known to pocket 90 cents of every dollar donated, this is the time of year to be on the lookout for both.
The advice here is much the same as the advice for avoiding phony businesses and retailers. Do your homework. The Better Business Bureau maintains a listing of charities that can help you make good donation choices. Also, your state government’s charity officials can help you separate good charities from bad—and even file a report if you suspect a scam is at play.
And once again, if a charity is asking for donations in the form of cash, gift cards, or wire transfer, just say no. That’s a surefire sign of a scam.
Scammers know you have packages in transit this holiday season, loaded with gifts that you’re eagerly tracking. Enter another classic scam—the phony shipping notice. The idea is that you already have so many packages on their way that you won’t think twice about opening an email with a “shipping notice” that comes in the form of an attachment. Of course, that attachment is a fake. And it’s loaded with malware.
Too bad for scammers, though. This is another one you can steer clear of rather easily. Don’t open such attachments. Shipping companies will almost certainly send along notices and invoices in the body of an email, not as an attachment. If you have a question, you can always visit the shipper’s website and look up your tracking info there. Likewise, follow up with the customer service department of the company that you purchased the item from in the first place.
While the holidays are a special time for scammers too, there are several things you can do to up the level of your protection now and year ‘round. A quick list includes:
No doubt, the holidays have a feel all to themselves, one which hackers and crooks want to take advantage of. They’ll craft their tricks accordingly and try to twist the good times that roll around at the end of the year into scams that capitalize on your good intentions. As you can see, it’s not too tough to spot them for what they are if you pause and take a moment to scrutinize those emails, offers, and sales. And that’s the thing with the holidays. We can all feel pinched for time at some point or other during this stretch. Look out for their pressure tactics and seemingly clever ways of using social engineering to rip you off. That way, you can spend the holidays focusing on what’s important—your friends and family.
The post Social Engineering: Tis the Season for Tricky Hackers appeared first on McAfee Blog.
How does that information get collected in the first place? We share personal information with companies for multiple reasons simply by going about our day—to pay for takeout at our favorite restaurant, to check into a hotel, or to collect rewards at the local coffee shop. Of course, we use our credit and debit cards too, sometimes as part of an online account that tracks our purchase history.
In other words, we leave trails of data practically wherever we go these days, and that data is of high value to hackers. Thus, all those breaches we read about.
Whether it’s a major breach that exposes millions of records or one of many other smaller-scale breaches like the thousands that have struck healthcare providers, each one serves as a reminder that data breaches happen regularly and that we could find ourselves affected. Depending on the breach and the kind of information you’ve shared with the business or organization in question, information stolen in a breach could include:
What do crooks do with that data? Several things. Apart from using it themselves, they may sell that data to other criminals. Either way, this can lead to illicit use of credit and debit cards, draining of bank accounts, claiming tax refunds or medical expenses in the names of the victims, or, in extreme cases, assuming the identity of others altogether.
In all, data is a kind of currency in of itself because it has the potential to unlock several aspects of victim’s life, each with its own monetary value. It’s no wonder that big breaches like these have made the news over the years, with some of the notables including:
Facebook – 2019: Two sets of data exposed the records of more than 530 million users, including phone numbers, account names, and Facebook IDs.
Marriott International (Starwood) – 2018: Half a million guests had names, email and physical mailing addresses, phone numbers, passport numbers, Starwood Preferred Guest account information, dates of birth, and other information about their stays exposed.
Equifax – 2017: Some 147 million records that included names, addresses, dates of birth, driver’s license numbers, and Social Security Numbers were exposed, along with a relatively small subset of 200,000 victims having their credit card information exposed as well.
As mentioned, these are big breaches with big companies that we likely more than recognize. Yet smaller and mid-sized businesses are targets as well, with some 43% of data breaches involving companies of that size. Likewise, restaurants and retailers have seen their Point-of-Sale (POS) terminals compromised, right on down to neighborhood restaurants.
When a company experiences a data breach, customers need to realize that this could impact their online safety. If your favorite coffee shop’s customer database gets leaked, there’s a chance that your personal or financial information was exposed. However, this doesn’t mean that your online safety is doomed. If you think you were affected by a breach, there are multiple steps you can take to help protect yourself from the potential side effects.
One of the most effective ways to determine whether someone is fraudulently using one or more of your accounts is to check your statements. If you see any charges that you did not make, report them to your bank or credit card company immediately. They have processes in place to handle fraud. While you’re with them, see if they offer alerts for strange purchases, transactions, or withdrawals.
File a police report and a Federal Trade Commission (FTC) Identity Theft Report. This will help in case someone uses your Social Security number to commit fraud, since it will provide a legal record of the theft. The FTC can also assist by guiding you through the identity theft recovery process as well. Their site offers a step-by-step recovery plan that you can follow and track your progress as you go.
If you suspect that your data might have been compromised, place a fraud alert on your credit. This not only ensures that any new or recent requests undergo scrutiny, but also allows you to have extra copies of your credit report so you can check for suspicious activity. You can place one fraud alert with any of the three major credit reporting agencies (Equifax, Experian, TransUnion) and they will notify the other two. A fraud alert typically lasts for a year, although there are options for extending it as well.
Freezing your credit will make it highly difficult for criminals to take out loans or open new accounts in your name, as a freeze halts all requests to pull your credit—even legitimate ones. In this way, it’s a far stronger measure than placing a fraud alert. Note that if you plan to take out a loan, open a new credit card, or other activity that will prompt a credit report, you’ll need to take extra steps to see that through while the freeze is in place. (The organization you’re working with can assist with the specifics.) Unlike the fraud alert, you’ll need to contact each major credit reporting agency to put one in place. Also, a freeze lasts as long as you have it in place. You’ll have to remove it yourself, again with each agency.
Ensure that your passwords are strong and unique. Many people utilize the same password or variations of it across all their accounts. Therefore, be sure to diversify your passcodes to ensure hackers cannot obtain access to all your accounts at once, should one password be compromised. You can also employ a password manager to keep track of your credentials, such as one you’ll find in comprehensive online protection software.
A solution such as this will help you to monitor your accounts and alert you of any suspicious activity. Specifically, our own Identity Protection Service will monitor several types of personally identifiable information, alert you of potentially stolen personal info, and offer guided help to neutralize the threat. Also, it can help you steer clear of some types of theft with preventative guidance that can help keep theft from happening in the first place. With this set up on your computers and smartphone you can stay in the know and address issues immediately.
To use your credit card safely online to make purchases, add both a VPN and password manager into your toolbox of security solutions. A VPN keeps your shopping experience private, while a password manager helps you keep track of and protect all your online accounts. Again, you’ll find a VPN as part of comprehensive online protection software.
The post Affected by a Data Breach? Here Are Security Steps You Should Take appeared first on McAfee Blogs.