Login
Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the software. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones.
In November 2022, researchers at Google’s Project Zero warned about active attacks on Samsung mobile phones which chained together three security vulnerabilities that Samsung patched in March 2021, and which would have allowed an app to add or read any files on the device.
Google said it believes the exploit chain for Samsung devices belonged to a “commercial surveillance vendor,” without elaborating further. The highly technical writeup also did not name the malicious app in question.
On Feb. 28, 2023, researchers at the Chinese security firm DarkNavy published a blog post purporting to show evidence that a major Chinese ecommerce company’s app was using this same three-exploit chain to read user data stored by other apps on the affected device, and to make its app nearly impossible to remove.
DarkNavy likewise did not name the app they said was responsible for the attacks. In fact, the researchers took care to redact the name of the app from multiple code screenshots published in their writeup. DarkNavy did not respond to requests for clarification.
“At present, a large number of end users have complained on multiple social platforms,” reads a translated version of the DarkNavy blog post. “The app has problems such as inexplicable installation, privacy leakage, and inability to uninstall.”
Update, March 27, 1:24 p.m. ET: Dan Goodin over at Ars Technica has an important update on this story that indicates the Pinduoduo code was exploiting a zero-day vulnerability in Android — not Samsung. From that piece:
“A preliminary analysis by Lookout found that at least two off-Play versions of Pinduoduo for Android exploited CVE-2023-20963, the tracking number for an Android vulnerability Google patched in updates that became available to end users two weeks ago. This privilege-escalation flaw, which was exploited prior to Google’s disclosure, allowed the app to perform operations with elevated privileges. The app used these privileges to download code from a developer-designated site and run it within a privileged environment.
“The malicious apps represent “a very sophisticated attack for an app-based malware,” Christoph Hebeisen, one of three Lookout researchers who analyzed the file, wrote in an email. “In recent years, exploits have not usually been seen in the context of mass-distributed apps. Given the extremely intrusive nature of such sophisticated app-based malware, this is an important threat mobile users need to protect against.”
On March 3, 2023, a denizen of the now-defunct cybercrime community BreachForums posted a thread which noted that a unique component of the malicious app code highlighted by DarkNavy also was found in the ecommerce application whose name was apparently redacted from the DarkNavy analysis: Pinduoduo.
A Mar. 3, 2023 post on BreachForums, comparing the redacted code from the DarkNavy analysis with the same function in the Pinduoduo app available for download at the time.
On March 4, 2023, e-commerce expert Liu Huafang posted on the Chinese social media network Weibo that Pinduoduo’s app was using security vulnerabilities to gain market share by stealing user data from its competitors. That Weibo post has since been deleted.
On March 7, the newly created Github account Davinci1010 published a technical analysis claiming that until recently Pinduoduo’s source code included a “backdoor,” a hacking term used to describe code that allows an adversary to remotely and secretly connect to a compromised system at will.
That analysis includes links to archived versions of Pinduoduo’s app released before March 5 (version 6.50 and lower), which is when Davinci1010 says a new version of the app removed the malicious code.
Pinduoduo has not yet responded to requests for comment. Pinduoduo parent company PDD Holdings told Reuters Google has not shared details about why it suspended the app.
The company told CNN that it strongly rejects “the speculation and accusation that Pinduoduo app is malicious just from a generic and non-conclusive response from Google,” and said there were “several apps that have been suspended from Google Play at the same time.”
Pinduoduo is among China’s most popular e-commerce platforms, boasting approximately 900 million monthly active users.
Most of the news coverage of Google’s move against Pinduoduo emphasizes that the malware was found in versions of the Pinduoduo app available outside of Google’s app store — Google Play.
“Off-Play versions of this app that have been found to contain malware have been enforced on via Google Play Protect,” a Google spokesperson said in a statement to Reuters, adding that the Play version of the app has been suspended for security concerns.
However, Google Play is not available to consumers in China. As a result, the app will still be available via other mobile app stores catering to the Chinese market — including those operated by Huawei, Oppo, Tencent and VIVO.
Google said its ban did not affect the PDD Holdings app Temu, which is an online shopping platform in the United States. According to The Washington Post, four of the Apple App Store’s 10 most-downloaded free apps are owned by Chinese companies, including Temu and the social media network TikTok.
The Pinduoduo suspension comes as lawmakers in Congress this week are gearing up to grill the CEO of TikTok over national security concerns. TikTok, which is owned by Beijing-based ByteDance, said last month that it now has roughly 150 million monthly active users in the United States.
A new cybersecurity strategy released earlier this month by the Biden administration singled out China as the greatest cyber threat to the U.S. and Western interests. The strategy says China now presents the “broadest, most active, and most persistent threat to both government and private sector networks,” and says China is “the only country with both the intent to reshape the international order and, increasingly, the economic, diplomatic, military, and technological power to do so.”
A new breach involving data from nine million AT&T customers is a fresh reminder that your mobile provider likely collects and shares a great deal of information about where you go and what you do with your mobile device — unless and until you affirmatively opt out of this data collection. Here’s a primer on why you might want to do that, and how.
Image: Shutterstock
Telecommunications giant AT&T disclosed this month that a breach at a marketing vendor exposed certain account information for nine million customers. AT&T said the data exposed did not include sensitive information, such as credit card or Social Security numbers, or account passwords, but was limited to “Customer Proprietary Network Information” (CPNI), such as the number of lines on an account.
Certain questions may be coming to mind right now, like “What the heck is CPNI?” And, ‘If it’s so ‘customer proprietary,’ why is AT&T sharing it with marketers?” Also maybe, “What can I do about it?” Read on for answers to all three questions.
AT&T’s disclosure said the information exposed included customer first name, wireless account number, wireless phone number and email address. In addition, a small percentage of customer records also exposed the rate plan name, past due amounts, monthly payment amounts and minutes used.
CPNI refers to customer-specific “metadata” about the account and account usage, and may include:
-Called phone numbers
-Time of calls
-Length of calls
-Cost and billing of calls
-Service features
-Premium services, such as directory call assistance
According to a succinct CPNI explainer at TechTarget, CPNI is private and protected information that cannot be used for advertising or marketing directly.
“An individual’s CPNI can be shared with other telecommunications providers for network operating reasons,” wrote TechTarget’s Gavin Wright. “So, when the individual first signs up for phone service, this information is automatically shared by the phone provider to partner companies.”
Is your mobile Internet usage covered by CPNI laws? That’s less clear, as the CPNI rules were established before mobile phones and wireless Internet access were common. TechTarget’s CPNI primer explains:
“Under current U.S. law, cellphone use is only protected as CPNI when it is being used as a telephone. During this time, the company is acting as a telecommunications provider requiring CPNI rules. Internet use, websites visited, search history or apps used are not protected CPNI because the company is acting as an information services provider not subject to these laws.”
Hence, the carriers can share and sell this data because they’re not explicitly prohibited from doing so. All three major carriers say they take steps to anonymize the customer data they share, but researchers have shown it is not terribly difficult to de-anonymize supposedly anonymous web-browsing data.
“Your phone, and consequently your mobile provider, know a lot about you,” wrote Jack Morse for Mashable. “The places you go, apps you use, and the websites you visit potentially reveal all kinds of private information — e.g. religious beliefs, health conditions, travel plans, income level, and specific tastes in pornography. This should bother you.”
Happily, all of the U.S. carriers are required to offer customers ways to opt out of having data about how they use their devices shared with marketers. Here’s a look at some of the carrier-specific practices and opt-out options.
AT&T’s policy says it shares device or “ad ID”, combined with demographics including age range, gender, and ZIP code information with third parties which explicitly include advertisers, programmers, and networks, social media networks, analytics firms, ad networks and other similar companies that are involved in creating and delivering advertisements.
AT&T said the data exposed on 9 million customers was several years old, and mostly related to device upgrade eligibility. This may sound like the data went to just one of its partners who experienced a breach, but in all likelihood it also went to hundreds of AT&T’s partners.
AT&T’s CPNI opt-out page says it shares CPNI data with several of its affiliates, including WarnerMedia, DirecTV and Cricket Wireless. Until recently, AT&T also shared CPNI data with Xandr, whose privacy policy in turn explains that it shares data with hundreds of other advertising firms. Microsoft bought Xandr from AT&T last year.
According to the Electronic Privacy Information Center (EPIC), T-Mobile seems to be the only company out of the big three to extend to all customers the rights conferred by the California Consumer Privacy Act (CCPA).
EPIC says T-Mobile customer data sold to third parties uses another unique identifier called mobile advertising IDs or “MAIDs.” T-Mobile claims that MAIDs don’t directly identify consumers, but under the CCPA MAIDs are considered “personal information” that can be connected to IP addresses, mobile apps installed or used with the device, any video or content viewing information, and device activity and attributes.
T-Mobile customers can opt out by logging into their account and navigating to the profile page, then to “Privacy and Notifications.” From there, toggle off the options for “Use my data for analytics and reporting” and “Use my data to make ads more relevant to me.”
Verizon’s privacy policy says it does not sell information that personally identities customers (e.g., name, telephone number or email address), but it does allow third-party advertising companies to collect information about activity on Verizon websites and in Verizon apps, through MAIDs, pixels, web beacons and social network plugins.
According to Wired.com’s tutorial, Verizon users can opt out by logging into their Verizon account through a web browser or the My Verizon mobile app. From there, select the Account tab, then click Account Settings and Privacy Settings on the web. For the mobile app, click the gear icon in the upper right corner and then Manage Privacy Settings.
On the privacy preferences page, web users can choose “Don’t use” under the Custom Experience section. On the My Verizon app, toggle any green sliders to the left.
EPIC notes that all three major carriers say resetting the consumer’s device ID and/or clearing cookies in the browser will similarly reset any opt-out preferences (i.e., the customer will need to opt out again), and that blocking cookies by default may also block the opt-out cookie from being set.
T-Mobile says its opt out is device-specific and/or browser-specific. “In most cases, your opt-out choice will apply only to the specific device or browser on which it was made. You may need to separately opt out from your other devices and browsers.”
Both AT&T and Verizon offer opt-in programs that gather and share far more information, including device location, the phone numbers you call, and which sites you visit using your mobile and/or home Internet connection. AT&T calls this their Enhanced Relevant Advertising Program; Verizon’s is called Custom Experience Plus.
In 2021, multiple media outlets reported that some Verizon customers were being automatically enrolled in Custom Experience Plus — even after those customers had already opted out of the same program under its previous name — “Verizon Selects.”
If none of the above opt out options work for you, at a minimum you should be able to opt out of CPNI sharing by calling your carrier, or by visiting one of their stores.
Why should you opt out of sharing CPNI data? For starters, some of the nation’s largest wireless carriers don’t have a great track record in terms of protecting the sensitive information that you give them solely for the purposes of becoming a customer — let alone the information they collect about your use of their services after that point.
In January 2023, T-Mobile disclosed that someone stole data on 37 million customer accounts, including customer name, billing address, email, phone number, date of birth, T-Mobile account number and plan details. In August 2021, T-Mobile acknowledged that hackers made off with the names, dates of birth, Social Security numbers and driver’s license/ID information on more than 40 million current, former or prospective customers who applied for credit with the company.
Last summer, a cybercriminal began selling the names, email addresses, phone numbers, SSNs and dates of birth on 23 million Americans. An exhaustive analysis of the data strongly suggested it all belonged to customers of one AT&T company or another. AT&T stopped short of saying the data wasn’t theirs, but said the records did not appear to have come from its systems and may be tied to a previous data incident at another company.
However frequently the carriers may alert consumers about CPNI breaches, it’s probably nowhere near often enough. Currently, the carriers are required to report a consumer CPNI breach only in cases “when a person, without authorization or exceeding authorization, has intentionally gained access to, used or disclosed CPNI.”
But that definition of breach was crafted eons ago, back when the primary way CPNI was exposed was through “pretexting,” such when the phone company’s employees are tricked into giving away protected customer data.
In January, regulators at the U.S. Federal Communications Commission (FCC) proposed amending the definition of “breach” to include things like inadvertent disclosure — such as when companies expose CPNI data on a poorly-secured server in the cloud. The FCC is accepting public comments on the matter until March 24, 2023.
While it’s true that the leak of CPNI data does not involve sensitive information like Social Security or credit card numbers, one thing AT&T’s breach notice doesn’t mention is that CPNI data — such as balances and payments made — can be abused by fraudsters to make scam emails and text messages more believable when they’re trying to impersonate AT&T and phish AT&T customers.
The other problem with letting companies share or sell your CPNI data is that the wireless carriers can change their privacy policies at any time, and you are assumed to be okay with those changes as long as you keep using their services.
For example, location data from your wireless device is most definitely CPNI, and yet until very recently all of the major carriers sold their customers’ real-time location data to third party data brokers without customer consent.
What was their punishment? In 2020, the FCC proposed fines totaling $208 million against all of the major carriers for selling their customers’ real-time location data. If that sounds like a lot of money, consider that all of the major wireless providers reported tens of billions of dollars in revenue last year (e.g., Verizon’s consumer revenue alone was more than $100 billion last year).
If the United States had federal privacy laws that were at all consumer-friendly and relevant to today’s digital economy, this kind of data collection and sharing would always be opt-in by default. In such a world, the enormously profitable wireless industry would likely be forced to offer clear financial incentives to customers who choose to share this information.
But until that day arrives, understand that the carriers can change their data collection and sharing policies when it suits them. And regardless of whether you actually read any notices about changes to their privacy policies, you will have agreed to those changes as long as you continue using their service.
Related tags
An astrobiologist, analog astronaut, author and speaker, Dr. Michaela Musilova shares her experience as a woman at the forefront of space exploration and from her quest for scientific and personal excellence
The post ‘A woman from Mars’: Life in the pursuit of space exploration appeared first on WeLiveSecurity
A security firm has discovered that a six-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through compromised computers. Here’s a closer look at Mylobot, and a deep dive into who may be responsible for operating the BHProxies service.
The BHProxies website.
First identified in 2017 by the security firm Deep Instinct, Mylobot employs a number of fairly sophisticated methods to remain undetected on infected hosts, such as running exclusively in the computer’s temporary memory, and waiting 14 days before attempting to contact the botnet’s command and control servers.
Last year, researchers at Minerva Labs spotted the botnet being used to blast out sextortion scams. But according to a new report from BitSight, the Mylobot botnet’s main functionality has always been about transforming the infected system into a proxy.
The Mylobot malware includes more than 1,000 hard-coded and encrypted domain names, any one of which can be registered and used as control networks for the infected hosts. BitSight researchers found significant overlap in the Internet addresses used by those domains and a domain called BHproxies[.]com.
BHProxies sells access to “residential proxy” networks, which allow someone to rent a residential IP address to use as a relay for their Internet communications, providing anonymity and the advantage of being perceived as a residential user surfing the web. The service is currently advertising access to more than 150,000 devices globally.
“At this point, we cannot prove that BHProxies is linked to Mylobot, but we have a strong suspicion,” wrote BitSight’s Stanislas Arnoud.
To test their hypothesis, BitSight obtained 50 proxies from BHProxies. The researchers were able to use 48 of those 50 proxies to browse to a website they controlled — allowing them to record the true IP addresses of each proxy device.
“Among these 48 recovered residential proxies IP addresses, 28 (58.3%) of those were already present in our sinkhole systems, associated with the Mylobot malware family,” Arnoud continued. “This number is probably higher, but we don’t have a full visibility of the botnet. This gave us clear evidence that Mylobot infected computers are used by the BHProxies service.”
BitSight said it is currently seeing more than 50,000 unique Mylobot infected systems every day, and that India appears to be the most targeted country, followed by the United States, Indonesia and Iran.
“We believe we are only seeing part of the full botnet, which may lead to more than 150,000 infected computers as advertised by BHProxies’ operators,” Arnoud wrote.
The website BHProxies[.]com has been advertised for nearly a decade on the forum Black Hat World by the user BHProxies. BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022.
BHProxies initially was fairly active on Black Hat World between May and November 2012, after which it suddenly ceased all activity. The account didn’t resume posting on the forum until April 2014.
According to cyber intelligence firm Intel 471, the user BHProxies also used the handle “hassan_isabad_subar” and marketed various software tools, including “Subar’s free email creator” and “Subar’s free proxy scraper.”
Intel 471’s data shows that hassan_isabad_subar registered on the forum using the email address jesus.fn.christ@gmail.com. In a June 2012 private message exchange with a website developer on Black Hat World, hassan_isabad_subar confided that they were working at the time to develop two websites, including the now-defunct customscrabblejewelry.com.
DomainTools.com reports that customscrabblejewelry.com was registered in 2012 to a Teresa Shotliff in Chesterland, Ohio. A search on jesus.fn.christ@gmail.com at Constella Intelligence, a company that tracks compromised databases, shows this email address is tied to an account at the fundraising platform omaze.com, for a Brian Shotliff from Chesterland, Ohio.
Reached via LinkedIn, Mr. Shotliff said he sold his BHProxies account to another Black Hat World forum user from Egypt back in 2014. Shotliff shared an April 2014 password reset email from Black Hat World, which shows he forwarded the plaintext password to the email address legendboy2050@yahoo.com. He also shared a PayPal receipt and snippets of Facebook Messenger logs showing conversations in March 2014 with legendboy2050@yahoo.com.
Constella Intelligence confirmed that legendboy2050@yahoo.com was indeed another email address tied to the hassan_isabad_subar/BHProxies identity on Black Hat World. Constella also connects legendboy2050 to Facebook and Instagram accounts for one Abdala Tawfik from Cairo. This user’s Facebook page says Tawfik also uses the name Abdalla Khafagy.
Tawfik’s Instagram account says he is a former operations manager at the social media network TikTok, as well as a former director at Crypto.com.
Abdalla Khafagy’s LinkedIn profile says he was “global director of community” at Crypto.com for about a year ending in January 2022. Before that, the resume says he was operations manager of TikTok’s Middle East and North Africa region for approximately seven months ending in April 2020.
Khafagy’s LinkedIn profile says he is currently founder of LewkLabs, a Dubai-based “blockchain-powered, SocialFi content monetization platform” that last year reported funding of $3.26 million from private investors.
The only experience listed for Khafagy prior to the TikTok job is labeled “Marketing” at “Confidential,” from February 2014 to October 2019.
Reached via LinkedIn, Mr. Khafagy told KrebsOnSecurity that he had a Black Hat World account at some point, but that he didn’t recall ever having used an account by the name BHProxies or hassan_isabad_subar. Khafagy said he couldn’t remember the name of the account he had on the forum.
“I had an account that was simply hacked from me shortly after and I never bothered about it because it wasn’t mine in the first place,” he explained.
Khafagy declined to elaborate on the five-year stint in his resume marked “Confidential.” When asked directly whether he had ever been associated with the BHProxies service, Mr. Khafagy said no.
That Confidential job listing is interesting because its start date lines up with the creation of BHproxies[.]com. Archive.org indexed its first copy of BHProxies[.]com on Mar. 5, 2014, but historic DNS records show BHproxies[.]com first came online Feb. 25, 2014.
Shortly after that conversation with Mr. Khafagy, Mr. Shotliff shared a Facebook/Meta message he received that indicated Mr. Khafagy wanted him to support the claim that the BHProxies account had somehow gone missing.
“Hey mate, it’s been a long time. Hope you are doing well. Someone from Krebs on Security reached out to me about the account I got from you on BHW,” Khafagy’s Meta account wrote. “Didn’t we try to retrieve this account? I remember mentioning to you that it got stolen and I was never able to retrieve it.”
Mr. Shotliff said Khafagy’s sudden message this week was the first time he’d heard that claim.
“He bought the account,” Shotliff said. “He might have lost the account or had it stolen, but it’s not something I remember.”
If you liked this story, you may also enjoy these other investigations into botnet-based proxy services:
A Deep Dive Into the Residential Proxy Service ‘911’
911 Proxy Service Implodes After Disclosing Breach
Meet the Administrators of the RSOCKS Proxy Botnet
The Link Between AWM Proxy & the Glupteba Botnet
15-Year-Old Malware Proxy Network VIP72 Goes Dark
Who’s Behind the TDSS Botnet?
Millions of Americans receiving food assistance benefits just earned a new right that they can’t yet enforce: The right to be reimbursed if funds on their Electronic Benefit Transfer (EBT) cards are stolen by card skimming devices secretly installed at cash machines and grocery store checkout lanes.
On December 29, 2022, President Biden signed into law the Consolidated Appropriations Act of 2023, which — for the first time ever — includes provisions for the replacement of stolen EBT benefits. This is a big deal because in 2022, organized crime groups began massively targeting EBT accounts — often emptying affected accounts at ATMs immediately after the states disperse funds each month.
EBT cards can be used along with a personal identification number (PIN) to pay for goods at participating stores, and to withdraw cash from an ATM. However, EBT cards differ from debit cards issued to most Americans in two important ways. First, most states do not equip EBT cards with smart chip technology, which can make the cards more difficult and expensive for skimming thieves to clone.
More critically, EBT participants traditionally have had little hope of recovering food assistance funds when their cards were copied by card-skimming devices and used for fraud. That’s because while the EBT programs are operated by individually by the states, those programs are funded by the U.S. Department of Agriculture (USDA), which until late last year was barred from reimbursing states for stolen EBT funds.
The protections passed in the 2023 Appropriations Act allow states to use federal funds to replace stolen EBT benefits, and they permit states to seek reimbursement for any skimmed EBT funds they may have replaced from their own coffers (dating back to Oct. 1, 2022).
But first, all 50 states must each submit a plan for how they are going to protect and replace food benefits stolen via card skimming. Guidance for the states in drafting those plans was issued by the USDA on Jan. 31 (PDF), and states that don’t get them done before Feb. 27, 2023 risk losing the ability to be reimbursed for EBT fraud losses.
Deborah Harris is a staff attorney at The Massachusetts Law Reform Institute (MLRI), a nonprofit legal assistance organization that has closely tracked the EBT skimming epidemic. In November 2022, the MLRI filed a class-action lawsuit against Massachusetts on behalf of thousands of low-income families who were collectively robbed of more than $1 million in food assistance benefits by card skimming devices secretly installed at cash machines and grocery store checkout lanes across the state.
Harris said she’s pleased that the USDA guidelines were issued so promptly, and that the guidance for states was not overly prescriptive. For example, some security experts have suggested that adding contactless capability to EBT cards could help participants avoid skimming devices altogether. But Harris said contactless cards do not require a PIN, which is the only thing that stops EBT cards from being drained at the ATM when a participant’s card is lost or stolen.
Then again, nothing in the guidance even mentions chip-based cards, or any other advice for improving the physical security of EBT cards. Rather, it suggests states should seek to develop the capability to perform basic fraud detection and alerting on suspicious transactions, such as when an EBT card that is normally used only in one geographic area suddenly is used to withdraw cash at an ATM halfway across the country.
“Besides having the states move fast to approve their plans, we’d also like to see a focused effort to move states from magstripe-only cards to chip, and also assisting states to develop the algorithms that will enable them to identify likely incidents of stolen benefits,” Harris said.
Harris said Massachusetts has begun using algorithms to look for these suspicious transaction patterns throughout its EBT network, and now has the ability to alert households and verify transactions. But she said most states do not have this capability.
“We have heard that other states aren’t currently able to do that,” Harris said. “But encouraging states to more affirmatively identify instances of likely theft and assisting with the claims and verification process is critical. Most households can’t do that on their own, and in Massachusetts it’s very hard for a person to get a copy of their transaction history. Some states can do that through third-party apps, but something so basic should not be on the burden of EBT households.”
Some states aren’t waiting for direction from the federal government to beef up EBT card security. Like Maryland, which identified more than 1,400 households hit by EBT skimming attacks last year — a tenfold increase over 2021.
Advocates for EBT beneficiaries in Maryland are backing Senate Bill 401 (PDF), which would require the use of chip technology and ongoing monitoring for suspicious activity (a hearing on SB401 is scheduled in the Maryland Senate Finance Commission for Thursday, Feb. 23, at 1 p.m.).
Michelle Salomon Madaio is a director at the Homeless Persons Representation Project, a legal assistance organization based in Silver Spring, Md. Madaio said the bill would require the state Department of Human Services to replace skimmed benefits, not only after the bill goes into effect but also retroactively from January 2020 to the present.
Madaio said the bill also would require the state to monitor for patterns of suspicious activity on EBT cards, and to develop a mechanism to contact potentially affected households.
“For most of the skimming victims we’ve worked with, the fraudulent transactions would be pretty easy to spot because they mostly happened in the middle of the night or out of state, or both,” Madaio said. “To make matters worse, a lot of families whose benefits were scammed then incurred late fees on many other things as a result.”
It is not difficult to see why organized crime groups have pounced on EBT cards as easy money. In most traditional payment card transactions, there are usually several parties that have a financial interest in minimizing fraud and fraud losses, including the bank that issued the card, the card network (Visa, MasterCard, Discover, etc.), and the merchant.
But that infrastructure simply does not exist within state EBT programs, and it certainly isn’t a thing at the inter-state level. What that means is that the vast majority of EBT cards have zero fraud controls, which is exactly what continues to make them so appealing to thieves.
For now, the only fraud controls available to most EBT cardholders include being especially paranoid about where they use their cards, and frequently changing their PINs.
According to USDA guidance issued prior to the passage of the appropriations act, EBT cardholders should consider changing their card PIN at least once a month.
“By changing PINs frequently, at least monthly, and doing so before benefit issuance dates, households can minimize their risk of stolen benefits from a previously skimmed EBT card,” the USDA advised.
Spoiler alert: it turned me down. But that’s far from the only thing I learned while playing around with the bot that the world has fallen in love with so badly.
The post ChatGPT, will you be my Valentine? appeared first on WeLiveSecurity
Cisco is honored to be this year’s winner of the Best Next Generation Firewall Award in the SE Labs 2023 Annual Report. This industry recognition validates Cisco’s continuous push towards harmonizing network, workload, and application security across hybrid and multicloud environments. I’m incredibly proud of the Cisco Secure Firewall team and am thankful for our amazing customers who continue to trust Cisco and develop their network security around our capabilities.
SE Labs, a cybersecurity testing and evaluation firm, provides impartial and independent assessments of various cybersecurity products and solutions. In their 2023 Annual Report, SE Labs states:
“Our Annual Security Awards recognizes security vendors that notonly do well in our tests, but perform well in the real world withreal customers. These awards are the only in the industry thatrecognize strong lab work combined with practical success.”
SE Labs performs tests on behalf of customers seeking independent proof-of-value assistance, as well as security vendors. At Cisco, we use third-party evaluations from multiple sources, including SE Labs, to augment our internal testing and to drive product improvement.
Winners were determined after months of in-depth testing, based on a combination of continual public testing, private assessments and feedback from corporate clients who use SE Labs to help choose security products and services. The award further validates that our customers can expect superior threat protection and performance with Cisco Secure Firewall.
SE Labs’ reports use the MITRE ATT&CK framework, employing both common “commodity” malware samples and sophisticated, targeted attacks. Their network security testing uses full attack chains to assess the detection and protection abilities of network devices and combinations of network and endpoint solutions. SE Labs publishes its testing methodologies and is BS EN ISO 9001: 2015 certified for The Provision of IT Security Product Testing.
As a worldwide leader in networking and security, Cisco is better positioned than any other security vendor to incorporate effective firewall controls into our customers’ infrastructure — anywhere data and applications reside. We offer a comprehensive threat defense with industry-leading Snort 3 IPS to protect users, applications, and data from continuously evolving threats. Our solutions also leverage machine learning and advanced threat intelligence from Cisco Talos, one of the world’s largest commercial threat intelligence teams.
In the constantly evolving world of cybersecurity, it is important to have access to the latest and most advanced technologies to stay ahead of threats. Whether you are an enterprise, government, healthcare, or a service provider organization, Cisco Secure Firewall provides top-ranked security.
When you invest in Cisco Secure Firewall, you are investing in award-winning threat defense with capabilities that are built for the real world. Learn more about SE Labs 2023 Annual Report, Cisco Secure Firewall and how you can refresh your firewall.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
For Cisco engineers working on Duo, having a remote-first workplace has helped them reach life goals, connect with colleagues around the world, and be intentional communicators. We understand that working remotely can be an adjustment — that’s why we’ve compiled the 10 parts of remote work that surprised our team members most and their advice for navigating the nuances. If you’re interested in being part of a remote-first workplace, check out our open positions.
Senior Engineering Leader David Rines has worked remotely for the past seven years. He’s found that Cisco’s approach to distributed teams has “enabled us to pick up the right talent, and not necessarily local talent. We are moving towards a global, follow the sun environment,” he said.
One of the aspects Rines appreciates most of this structure is getting “a widely varied set of perspectives and experiences that help build a more reliable, more robust product, which is why we’re here.”
Another benefit to having colleagues across the globe is the sharing of recipes, a perk Senior Site Reliability Engineer Bernard Ting particularly enjoys. Proactively communicating with colleagues virtually “helps you to form bonds with people from other teams. You can always learn something new about cultures elsewhere. I talk to people about food and so I’m always gathering recipes from people from all over the world,” Ting shared.
While some may fear that working remotely could lead to feelings of isolation and loneliness, a different camaraderie can flourish in the structure of our distributed teams. With colleagues across time zones, “there’s always someone there who you can reach out to help solve your problem,” Rines said.
Collaboration hours are another way Site Reliability Engineering Manager Jaya Sistla has cultivated virtual community and problem-solving. These hours are blocked off for team members to talk about what they’re working on. “The main thing is being able to ask for help so you don’t go into the rabbit hole debugging things,” Sistla said.
Ting points out that working in a distributed model allows you to really engage in virtual events and conversations. Given that the team mainly communicates through online chat, Ting has found that “forces you to see everyone as equally approachable, which has made me more comfortable reaching out to people from anywhere in the world.”
For folks sharing an office, collaboration can happen through casual chats over coffee. When facing a challenge, you can ask your neighbor for support. While ideally virtual communication could have a similar cadence and spontaneity, the logistics of remote and distributed work require intentionality and being proactive in connecting with colleagues as people and as co-workers.
When Ting first started working remotely, he felt that every meeting needed to be formal and have a business objective. By sharing his feelings with his manager, he was reassured that “socializing is a very important part of teamwork, because if you don’t have a good relationship with your colleagues you’re not going to be able to have healthy discussions, healthy conflict or be able to critique each other when the situation arises.”
Since that conversation, Ting has been more proactive about catching up with colleagues, which can include sharing a coffee over video chat. Duo’s “coffee roulette” formalizes the process as every month, employees who opt in can be randomly paired up for a quick half-hour chat focused exclusively on socializing. Ting has found being proactive about socializing virtually helpful. “It’s made me more intentional with my time and really treasure the social experience you can get,” he said.
Some folks may be concerned that without a manager observing their efforts and work ethic day in and day out, it may be harder to recognize accomplishments and challenges. Ting found that within his team “when you work on projects and in your one-on-ones with your managers, they’re always very intentional about learning what you’ve been doing and seeing what your progress is like on certain projects. I’ve been asked, ‘How do you think you can improve? What are some of the things you’ve been doing outside of the team work?’”
To cultivate cross-team collaboration and education, there are thoughtfully planned virtual lunch and learns. “We schedule training sessions and common meetings at times that are flexible for everyone. If it has to be repeated, we do it so people can comfortably attend rather than stretching themselves and attending at odd hours,” Sistla said.
For Software Engineer Nick Aspinall, an important and fun part of working remotely is keeping in touch with virtual messaging. One unique perk has been getting to create and customize emojis with team members including a few of himself in “various ridiculous states,” he said.
Connecting with colleagues on themed channels focused on personal and professional interests from coffee to pets “makes it really cool because you can meet people across different teams and still get some of the feeling of rubbing elbows that you get when you’re in the office,” Aspinall said. Participating in these virtual conversations boosts morale while also providing an endless supply of cute animal pics.
Given the multi-faceted nature of our work and the importance of consistent information sharing, having different communication channels and formats to communicate data with varying degrees of complexity is vital. Having information readily accessible, accurate and updated is particularly necessary in a field like cybersecurity.
Senior Software Engineer Mario Lopez finds that the variety of information sources contributes to an easeful remote working experience. For instance, for complex architecture decisions or detailing, Duo’s Wiki is the best source.
Software Engineer Hanna Fernandez has benefited from chat channels dedicated to design and engineering topics to “see what everyone’s up to and what thoughts people have,” she said. Sista pointed out these are great places to ask questions and open up dialogue to solve problems.
Our culture is “video-on,” meaning that it is preferred that during video meetings, as much as possible, attendees have their cameras on. Lopez loves this because “you get a bit of that personal human element.”
“We’re all people behind these screens. You definitely get some of people’s personality through text, but you get it more when you actually see them. It’s infectious when you see someone smiling. You’ve got to smile back,” he shared (while we both smiled).
When Fernandez started at Cisco, she was advised to schedule individual meetings with everyone she would be working with on every team that she joined. That suggestion is one she’s applied even virtually.
“It’s a great strategy because I already know that my team is super talented and very smart, but this way I also get to know them as humans beyond their roles,” Fernandez said. Fernandez also finds it important to check in with co-workers and ask how they’re feeling and how their time off was. “I know a lot of people hate small talk, but it’s not just small talk. I’m genuinely interested in how my co-workers are doing.”
One of Ting’s biggest goals was buying his first house in the countryside outside of London. By working remotely, Ting has flexibility in his location which allowed him to achieve his goal of buying a house and settling down with his partner, while giving their dogs the space they need to be dogs.
When transitioning from fully remote to hybrid, it’s important to recognize that there will be some shifts to get accustomed to. As the structures of remote, distributed and hybrid work evolve, it’s important to stay flexible and notice what’s possible through multiple modalities of team building. Many teams have enjoyed in-person gatherings and connecting through virtual lunches and team games when remote.
Fernandez has had multiple roles with multiple structures at Cisco. As an intern, she was fully in person and shared desk space with other interns who collaborated on full stack engineering. While working in finance IT, Fernandez was hybrid and many of her colleagues were distributed among multiple offices. The pandemic began while she was in a DevOps role, forcing her to maintain boundaries around her work time while working fully remotely. In her current role working on Duo, Fernandez is completely remote but advocates for in-person events if possible, because “humans are social creatures who want to see each other’s faces in real life once in a while.”
For Aspinall, “when we did come back to the office, there was a bit of an adjustment period where you were overstimulated from the office.” He also wanted to ensure team members who were 100% remote were fully included. Now he sees that while half his team is fully remote and the other half is hybrid, “that doesn’t stop anyone from doing anything. All of our meetings feel the same. They’re all seamless.”
If you’re interested in joining our team from wherever you are in the world, check out our open roles.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Related tags
Imagine this: Your CEO sends you an email asking for your help transferring $5,000 to a new vendor for an urgent project. You make the transfer, only to find out later that the email was actually from an imposter, and that money is now in the hands of cybercriminals. Oops, right? crickets
Business Email Compromise (BEC) is a type of cybercrime that involves compromising or imitating legitimate business email accounts to carry out fraudulent transactions or steal sensitive information. The goal of a BEC attack is typically to trick the victim into transferring money, clicking on a malicious link, or disclosing sensitive information such as login credentials. BEC attacks can have a devastating impact on organizations of all sizes and in all industries, making it essential for businesses to be aware of the threat, understand the business risk, and take the necessary steps to protect themselves.
According to the latest FBI IC3 report, BEC is “one of the most financially damaging online crimes” and in 2021 was accountable for $2.4 Billion in adjusted losses for businesses and consumers.
One of the most common types of BEC attacks is called impersonating or email spoofing. By pretending to be a trusted colleague or business partner to gain the victim’s trust, the attacker uses social engineering techniques to trick the victim into clicking on a link or attachment in an email that contains malware, takes the victim to a malicious website, and has them transfer funds or change payment information.
BEC attacks can be very sophisticated and are difficult to detect. Many times, what the end-user sees on their email client does not represent the true email address of that sender, or it shows one that has been spoofed.
Typically, the attacker tries to impersonate someone in the organization with enough authority to not be questioned about what he/she is asking to be done.
As with everything in security, to be able to succeed in stopping BEC attacks, additional security layers & techniques should be implemented. There are several options to mitigate or reduce the number of successful BEC attacks. Creating a list of the people who will be likely to be impersonated will provide the best results. Usually, with names from the CxO level, this is known as a High Impact Personnel list. It will be used along with other security analysis engines to make sure any impersonated/spoof emails, along with other threats, get stopped and will not reach the end user.
The Cisco Secure Email Threat Defense solution leverages hundreds of detection engines that utilize state-of-the-art artificial intelligence/machine learning and natural language processing to convict messages from the most creative attackers! On top of this, our customers can define their High Impact Personnel list, and together with the other detection engines, will be able to not only block malicious messages but also understand the reasons and categories of why a message is being convicted as malicious.
In summary, Business Email Compromise (BEC) is a serious threat to organizations of all sizes and in all industries. To protect against BEC attacks, businesses should implement multiple techniques including identifying their High Impact Personnel for their organization, educating employees about the threat, and relying on reporting to understand who is being targeted most frequently so their security policies can be adjusted.
See how Secure Email Threat Defense identifies specific business risk factors to protect your organization.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Denis Emelyantsev, a 36-year-old Russian man accused of running a massive botnet called RSOCKS that stitched malware into millions of devices worldwide, pleaded guilty to two counts of computer crime violations in a California courtroom this week. The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.”
A copy of the passport for Denis Emelyantsev, a.k.a. Denis Kloster, as posted to his Vkontakte page in 2019.
First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device.
Customers could pay to rent access to a pool of proxies for a specified period, with costs ranging from $30 per day for access to 2,000 proxies, to $200 daily for up to 90,000 proxies.
Many of the infected systems were Internet of Things (IoT) devices, including industrial control systems, time clocks, routers, audio/video streaming devices, and smart garage door openers. Later in its existence, the RSOCKS botnet expanded into compromising Android devices and conventional computers.
In June 2022, authorities in the United States, Germany, the Netherlands and the United Kingdom announced a joint operation to dismantle the RSOCKS botnet. But that action did not name any defendants.
Inspired by that takedown, KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Emelyantsev’s personal blog, where he went by the name Denis Kloster. The blog featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world,” and even included a group photo of RSOCKS employees.
“Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We make products that are used by thousands of people around the world, and this is very cool! And this is just the beginning!!! We don’t just work together and we’re not just friends, we’re Family.”
But by the time that investigation was published, Emelyantsev had already been captured by Bulgarian authorities responding to an American arrest warrant. At his extradition hearing, Emelyantsev claimed he would prove his innocence in an U.S. courtroom.
“I have hired a lawyer there and I want you to send me as quickly as possible to clear these baseless charges,” Emelyantsev told the Bulgarian court. “I am not a criminal and I will prove it in an American court.”
RSOCKS, circa 2016. At that time, RSOCKS was advertising more than 80,000 proxies. Image: archive.org.
Emelyantsev was far more than just an administrator of a large botnet. Behind the facade of his Internet advertising company based in Omsk, Russia, the RSOCKS botmaster was a major player in the Russian email spam industry for more than a decade.
Some of the top Russian cybercrime forums have been hacked over the years, and leaked private messages from those forums show the RSOCKS administrator claimed ownership of the RUSdot spam forum. RUSdot is the successor forum to Spamdot, a far more secretive and restricted community where most of the world’s top spammers, virus writers and cybercriminals collaborated for years before the forum imploded in 2010.
A Google-translated version of the Rusdot spam forum.
Indeed, the very first mentions of RSOCKS on any Russian-language cybercrime forums refer to the service by its full name as the “RUSdot Socks Server.”
Email spam — and in particular malicious email sent via compromised computers — is still one of the biggest sources of malware infections that lead to data breaches and ransomware attacks. So it stands to reason that as administrator of Russia’s most well-known forum for spammers, Emelyantsev probably knows quite a bit about other top players in the botnet spam and malware community.
It remains unclear whether Emelyantsev made good on his promise to spill that knowledge to American investigators as part of his plea deal. The case is being prosecuted by the U.S. Attorney’s Office for the Southern District of California, which has not responded to a request for comment.
Emelyantsev pleaded guilty on Monday to two counts, including damage to protected computers and conspiracy to damage protected computers. He faces a maximum of 20 years in prison, and is currently scheduled to be sentenced on April 27, 2023.
Gaming can help your children build and sharpen a range of life skills that will stand them in good stead in the future
The post 5 valuable skills your children can learn by playing video games appeared first on WeLiveSecurity
Does VALORANT’s approach to cheating signal a turning point in how we deal with the continued hacks afflicting our hybrid world of work and play?
The post Hybrid play: Leveling the playing field in online video gaming and beyond appeared first on WeLiveSecurity
Written by James Schmidt
Editor’s Note: We often speak of online scams in our blogs, ones that cost victims hundreds if not thousands of dollars. This account puts a face on one of those scams—along with the personal, financial, and emotional pain that they can leave in their wake. This is the story of “Meredith,” whose aunt “Leslie” fell victim to an emerging form on online elder fraud. Our thanks to James for bringing it forward and to “Meredith’s” family for sharing it, all so others can prevent such scams from happening to them.
“Embarrassing. Simply embarrassing.” She shook her head. “It’s too raw. I can’t talk about it right now. I need time.”
Her aunt had been scammed. To the tune of $100,000 dollars. My colleague—we both work in the security industry—felt a peculiar sense of loss.
“I work in this industry. I thought I’d done everything right. I’ve passed on enough warnings to my family and friends to ensure they’d avoid the fate of the scammed. Simply because I’m in this industry does not imply my circle is always aware of all the threats to them, even if I do my best to teach them.”
“My mental state, recently, borders on shame; this feeling, you know? How could someone working in my industry have something like this happen to a family member?”
I told her many people working in other industries cannot control what happens to people in their families even if people in that industry had knowledge that could have helped them or otherwise avoided a problem altogether.
“I know, but this simply should never have happened! My aunt is one of the smartest, most conscientious people I know, and she fell for this. It’s crazy and I can’t wrap my head around it.”
My colleague, let’s call her Meredith (not her real name as she’s a bit ashamed to know this happened to a family member), told me the beginnings.
Let’s call her aunt Leslie.
Her story unfolds, the overall picture a pastiche of millions of people in the United States today. Her aunt is retired, bored, lonely, and isolated. She feels adrift without something to occupy her time; she was looking for companionship, connections, someone (anyone) to talk to. Her feelings intensified during the pandemic. She morphed into perfect prey for scammers of what is now known as the “Pig Butchering Scam.”
The term “Pig Butchering” has a visceral and raw feel to it, which falls right in line with how brutal this scam can be. It’s a long con game, where the scammer befriends the victim and encourages them to make small investments through the scammer, which get bigger and bigger over time. The scammer builds trust early with what appear to be small investment wins. None of it is legit. The money goes right into the scammer’s pocket, even as the scammer shows the victim phony financial statements and dashboards to show off the bogus returns. Confidence grows. The scammer wrings even larger sums out of the victim. And then disappears.
It was a targeted attack that started innocuously enough with a “fake wrong number”. An SMS arrives. A text conversation starts. The scammer then apologizes but tells Leslie someone gave them the number to initiate the text.
The scammer then uses emotional and psychological techniques to keep Leslie hooked. “How are you, are you having a nice day?” Leslie, being bored and interested, engages willingly.
The scammer asks to talk directly, not via text: and a phone conversation ensues. The scammer proceeds to describe—in very soothing detail—what they are doing, helping people, like Leslie, invest their “hard-earned money” into something that will make them more money, to help them out in retirement.
Of course, it is too good to be true.
“The craziest part of all of this is my aunt refuses—to this day—to believe she’s been scammed!”
She still thinks this scammer is a “friend” even though the entire family is up in arms over this, all of whom beg her aunt to “open her eyes.”
“My aunt still thinks she’d going to see that money again, or even make some money, which is crazy. The scammers are so good at emotional intelligence; really leveraging heartstrings and psychological makeup of the forlorn in society. My aunt finally agreed to stop sending more money to the scammers, but only after the entire family threatened to cut her off from the rest of the family. It took a lot to get her to stop trusting the scammers.”
Meredith feels this is doubly sad as the aunt in question is not someone they’d ever imagine would in this predicament. She was always the upright one, always the diligent and hardworking and the best with money. She is smart and savvy and we could never imagine her to be taken by these people and taken so easily. It boggles the mind.”
She did start to change in the last few years. And the pandemic created a weird situation. Retirement, loneliness from loss of a partner, and the added burden of the pandemic created a perfect storm for her to open herself up to someone willingly, simply for the sake of connection.
“No one deserves this. It has rocked my family to the core. It is not only about the money, but we’ve found family bonds stretched. She believes these random people, these scammers, more than she believes her own family. Have we been neglectful of our aunt? Does she no longer put her faith in people she knows, rather gives money to complete strangers?”
Being a security professional does not provide magical protection. We are more aware of scams and scammers, and how they work, and what to look for, and we try to do all we can to keep our family aware of scams out there in the big wide world, but we are human. We fall short.
Diligence is action. Awareness is action. Education is action.
We need to be better, all of us, at socializing risky things. We need to consistently educate our family and friends to protect themselves, not only via security software (which everyone should have as default) but by providing tips and tricks and warnings for things we all need to be on the lookout. This is not a one-time thing. The cliché holds true: “If you see something say something.” Repetition helps.
In today’s world, the need for protecting people’s security, identity, and privacy is critical to keeping them safe. Scammers long stopped focusing on attacking only your computer. Now focus more than ever on YOU: your identity, your privacy, your trust. If they get you there, they soon get your money.
As for contributing factors to scammers success with their victims, such as loneliness, isolation, and boredom, they all have remedies. Make connections with your loved ones, especially those easily tagged as vulnerable, those you feel might be at risk. Reach out. It may be hard sometimes due to distance and other factors but make it a point to connect. There is a reason these scammers are succeeding. They are stepping into roles of companions to people who are desperate for connection.
Most people are greatly saddened at seeing other people being “taken.” Let’s work together to help stop the scammers.
Look out for each other, and get your people protected!
Editor’s Closing Note:
If you or someone you know suspects elder fraud, the following resources can help:
For further reading on scams and scam prevention, check out the guides in our McAfee Safety Series, which provide in-depth advice on protecting your identity and privacy—and your family from scams. They’re ready to download and share.
The post A Scam in the Family—How a Close Relative Lost $100,000 to an Elder Scam appeared first on McAfee Blog.
It’s common practice to pull down the window shades at night. Homeowners invest in high fences. You may even cover the PIN pad when you type in your secret four-digit code at ATMs. Privacy is key to going about your daily life comfortably in your surroundings. Why shouldn’t privacy also extend to your digital surroundings?
This Data Privacy Day, round out your privacy protection toolbox with McAfee’s help so you can live your best online life safely.
An easy way to instantly boost the privacy of your every online move is to always connect to a virtual private network (VPN). A VPN scrambles your connected device’s internet session, meaning that it’s impossible for a cybercriminal to eavesdrop on your online comings and goings. VPNs are especially crucial for when you connect to public Wi-Fi networks or networks for which you cannot vouch for their security. Cybercriminals often lurk on public Wi-Fi networks at hotels, coffee shops, and libraries and pounce on users who connect their devices without the protection of a VPN.
Digital privacy not only implies remaining hidden from nefarious eyes, but also from the prying eyes of pesky advertisers. A VPN can assist with that too! When you have a VPN enabled, it confuses advertisers and targeted ads. The less information they have, the more privately you can surf online.
To improve your online privacy, it’s important to first know how safe you currently are. When you can identify your weakest digital privacy habits, you can make targeted improvements to them. Luckily, McAfee Protection Score can help you do just that! Protection Score is a helpful privacy tool that rates your current digital safety. Then, based on your score, the tool offers suggestions on how to boost your score.
For instance, Protection Score searches for your personally identifiable information (PII) on the dark web. If it finds a copy of your government ID or your financial records on a dubious site, your score will tank. While it may be alarming to have a low Protection Score, you can feel good that you’re making positive waves, hopefully before a cybercriminal takes advantage of your PII and uses it to steal your identity.
There are several easy ways to boost your score that require very little effort but have a huge payoff. Connecting to a VPN and running an antivirus scan on your device are just two things you can do and each only takes a few seconds. Changing your habits and turning your online safety around doesn’t have to be overwhelming! In some cases, there are services that’ll even do the work for you, like the service we’ll talk about next.
To round out your privacy protection toolbox, consider signing up for McAfee Personal Data Cleanup. This service is a great companion to Protection Score. While Protection Score identifies all the areas where you can improve your security, Personal Data Cleanup is a service that will remove your information from the web’s riskiest sites.
Did you know that, on average, a person has their PII for sale on 31 sites? Plus, 95% of people haven’t even given their permission and have their personal information for sale on data brokerage sites. Data brokerage sites are legal and anyone can buy your information. Online advertisers are the usual clients, but a cybercriminal can jump in and buy valuable PII, as well.
You should care about data privacy every day not just when the calendar reminds you on Data Privacy Day. Take the steps and invest in the right solutions to shore up your online defenses. McAfee+ Ultimate is an all-in-one service that includes unlimited VPN, Protection Score, a full-service Personal Data Cleanup, and 13 other high-quality identity, privacy, and device security tools.
Live your online life more confidently with McAfee, knowing that cybercriminals are less likely to slip by and damage your credit, identity, or online reputation.
The post 3 Tools to Round Out Your Privacy Protection Toolbox appeared first on McAfee Blog.
Authored by Dennis Pang
Online protection software. Antivirus. The two words get used interchangeably often enough. But sure enough, they’re different. And yet directly related when you take a closer look.
The term “antivirus” has been with us for decades now, dating back to the first software that was designed to prevent computers from getting malware—malicious code, like viruses, that would lock up computers, scramble data, or otherwise damage computers and the data on them. Prime examples of these early types of malware include 1999’s “Melissa” virus spreads by infected email attachments and the even more devastating “ILOVEYOU” virus that incurred billions in damages worldwide.
There’s a good reason why people default to the word “antivirus” so easily. Viruses have been on our collective minds for some time. And computer purchases have often been accompanied by the question, “Do you have antivirus for your computer?” By and large, the notion of antivirus has become pretty much engrained.
Yet look ahead to today and you can see how dramatically things have changed since those early days. We still need antivirus, that’s for sure. But it takes far more than that to live life safely online right now. And that’s where online protection software comes in.
Online protection software protects you. It includes antivirus, yet it further protects your identity and privacy in addition to your devices.
The way we use our computers, tablets, and phones nowadays shows the reason why we need such broad protection. We conduct so much of our lives online. We bank, we shop, we plan our finance online. We also run portions of our homes with smart devices and smart speakers. Increasingly, we track our health and wellness with connected devices too—like workouts on our phone and biometrics with consumer-grade and even medical-grade devices.
All of this creates data. Data about who we are, what we’re doing, when we’re doing it, how often, and where. That’s precious information. Private information. Personal information. And understandably, that needs to be protected.
Put simply, today’s threats have evolved. While viruses and malware remain a problem, today’s bad actors are out for the bigger games. Like stealing personal and financial info for identity theft. Moreover, organizations large and small collect data from your devices and the things you do on them, personal data that many share and sell for profit. Some of this data collection gets quite exacting, compiled from a broad range of public sources that can include records like bankruptcies, real estate sales, and birth records—plus private sources that can further include your shopping habits, the people you chat with, and what your daily travels look like based on location information captured from your smartphone.
If you find yourself surprised by this, you’re not alone. Tremendous volumes of data collection activity occur without people’s knowledge or consent.
Now as to why anyone would want any of that kind of data about you, consider the multi-billion-dollar industry of online data brokers. They compile thousands of data points from millions of people and put these vats of data up for sale to anyone who’ll buy them. That could be advertisers, potential employers, private investigators, and background checkers. And it could be bad actors as well who could use your own data to spam, harass, impersonate, or otherwise harm you.
Once, so many of these intrusions on our privacy and identity were difficult to spot, let alone prevent. For example, your personal info gets caught up in a data breach and winds up posted for sale on the dark web. How are you to know that before it’s too late and thief racks up umpteen charges on your debit card? Also, with dozens and dozens of data brokers out there, how do you track down which ones have information posted about you and then request to have it taken down? And what if online identity theft happens to you and you’re faced with the time and dollar costs it involves to set things right?
So just as online threats have evolved, so has online protection software. We go about so much of our day online, and online protection like our own McAfee+ helps you do it more privately and more safely. It’s quite comprehensive, and the various plans for McAfee+ include:
For certain, protections like these remain a primary focus of ours, because they protect you. And that’s who thieves and bad actors are really after—you, your information, your accounts, and even your identity. Expect us to continue to roll out more protections that look after you in this way and more.
So, while antivirus and online protection software are different, they work together. Antivirus provides strong device security, which complements the additional privacy and identity features included with online protection. That reflects how times have changed. Once it was enough to protect our devices from viruses and malware. Now we have to protect ourselves as well. Antivirus alone won’t do it, but antivirus as part of online protection will.
The post The Big Difference Between Online Protection Software and Antivirus appeared first on McAfee Blog.
It is now acceptable to find a job on a dating app!
The post Hybrid commerce: Blurring the lines between business and pleasure appeared first on WeLiveSecurity
Are you an online oversharer? Do you give your full birthday to all your online shopping accounts? Have a few companies you have accounts with been breached but you didn’t take any action at the time? If you have bad digital habits, now is an excellent time to reset your digital presence.
In isolation, these small digital transgressions don’t seem like a problem; however, cybercriminals can gather the bits and pieces of information you release into the world and Frankenstein them together to create believable impersonations or entirely new identities.
To protect your identity, here are a few ways to limit the amount of personally identifiable information (PII) you share online, plus a few tools that can help you identify and close your current security holes.
Most digital bad habits seem insignificant; however, the more bad habits you have that pile-up, the more at risk your PII and your identity can be. Check out this list of three common habits that you should consider breaking today and why.
When you sign up for new online shopping accounts, some companies ask for your birthday, your age, your middle name, and primary and secondary phone numbers and email addresses. While it might be nice to receive a special coupon on your birthday, you may want to reconsider volunteering unnecessary private details. To compromise you can sign up with a nickname and leave your birth year blank. That way, if a cybergang ever breaches the company, the criminals won’t get far with your personal details. To steal an identity and ruin someone’s credit, sometimes all it takes it a full name, birthday, and phone number.
Do you post your every thought and movement on social media? While curating the perfect online profile can be fun, it can also be dangerous to your online safety. For instance, posting “get to know you” quizzes are a gold mine for social engineers and cyber criminals, as the results often reveal potential password inspiration, security question answers, and your likes and dislikes. From here, criminals can take educated guesses at your passwords or tailor a social engineering scheme that’s most likely to fool you. Consider setting your social media profiles to private and blocking followers you don’t know personally. Or, just keep parts of your life a mystery to the wider world.
We can all agree that increasingly strict password requirements are leading to longer and more complex passwords that are confusing to cyber criminals and to the rightful account holders, too! It’s tempting to reuse passwords to reduce the burden on your memory, but this puts your valuable PII in danger. Password and username combinations are often information that’s leaked in company breaches. In what’s called a brute force attack, a cybercriminal can plug that same pairing into hundreds of websites and wait for a hit. Since unique passwords for all your dozens of accounts is imperative, entrust their safekeeping to a password manager.
If you’re feeling uneasy about your online habits and the effect they may have had on your online safety, McAfee Protection Score gives you the information you need to take charge and make changes. Protection Score not only tells you how safe (or unsafe) you are, but the tool also offers suggestions on how you can raise your score, and thus be safer online. The service monitors data breaches and indicates when your email was part of a leak. Protection Score also dives into the dark web so you don’t have to. If your government ID or financial information appears, your score will take a large hit.
Protection Score not only tells you how safe (or unsafe) you are, but the tool also offers suggestions on how you can raise your score, and thus be safer online. The sooner you know your weak points, the quicker and more completely you can fortify your defenses and clean up after months (or years) of bad habits. Knowledge is power in the right against cyber criminals, so Protection Score is an excellent partner to help adopt smarter habits on the path to better online security.
With McAfee+ Ultimate, you not only get a Protection Score but a host of other top-rate tools to protect your identity, retain your online privacy, and help you recover from an identity theft. Running an antivirus, connecting to a VPN and installing web protection on your browser are all ways to increase your Protection Score, and these features are available with McAfee’s most thorough privacy, identity, and device protection service.
Make 2023 the year of living online confidently and safely!
The post New Year, New You: Start Fresh With McAfee Protection Score appeared first on McAfee Blog.
Ransomware. Even the name sounds scary.
When you get down to it, ransomware is one of the nastiest attacks a hacker can wage. They target some of our most important and precious things—our files, our photos, and the information stored on our devices. Think about suddenly losing access to all of them and being forced to pay a ransom to get access back. Worse yet, paying the ransom is no guarantee the hacker will return them.
That’s what a ransomware attack does. Broadly speaking, it’s a type of malware that infects a network or a device and then typically encrypts the files, data, and apps stored on it, digitally scrambling them so the proper owners can’t access them. Only a digital key can unlock them—one that the hacker holds.
Nasty for sure, yet you can take several steps that can greatly reduce the risk of it happening to you. Our recently published Ransomware Security Guide breaks them down for you, and in this blog we’ll look at a few reasons why ransomware protection is so vital.
The short answer is pretty bad—to the tune of billions of dollars stolen from victims each year. Ransomware targets people and their families just as explained above. Yet it also targets large organizations, governments, and even companies that run critical stretches of energy infrastructure and the food supply chain. Accordingly, the ransom amounts for these victims climb into millions of dollars.
A few recent cases of large-scale ransomware attacks include:
Who’s behind such attacks? Given the scope and scale of them, it’s often organized hacking groups. Put simply, these are big heists. It demands expertise to pull them off, not to mention further expertise to transfer large sums of cryptocurrency in ways that cover the hackers’ tracks.
As for ransomware attacks on people and their families, the individual dollar amounts of an attack are far lower, typically in the hundreds of dollars. Again, the culprits behind them may be large hacking groups that cast a wider net for individual victims, where hundreds of successful attacks at hundreds of dollars each quickly add up. One example: a hacker group that posed as a government agency and as a major retailer, which mailed out thousands of USB drives infected with malware.
Other ransomware hackers who target people and families are far less sophisticated. Small-time hackers and hacking groups can find the tools they need to conduct such attacks by shopping on the dark web, where ransomware is available for sale or for lease as a service (Ransomware as a Service, or RaaS). In effect, near-amateur hackers can grab a ready-to-deploy attack right off the shelf.
Taken together, hackers will level a ransomware attack at practically anyone or any organization—making it everyone’s concern.
Hackers have several ways of getting ransomware onto one of your devices. Like any other type of malware, it can infect your device via a phishing link or a bogus attachment. It can also end up there by downloading apps from questionable app stores, with a stolen or hacked password, or through an outdated device or network router with poor security measures in place. And as mentioned above, infected storage devices provide another avenue.
Social engineering attacks enter the mix as well, where the hacker poses as someone the victim knows and gets the victim to either download malware or provide the hacker access to an otherwise password-protected device, app, or network.
And yes, ransomware can end up on smartphones as well.
While not a prevalent as other types of malware attacks, smartphone ransomware can encrypt files, photos, and the like on a smartphone, just as it can on computers and networks. Yet other forms of mobile ransomware don’t have to encrypt data to make the phone unusable. The “Lockerpin” ransomware that has struck some Android devices in the past would change the PIN number that locked the phone. Other forms of mobile ransomware paste a window over the phone’s apps, making them unusable without decrypting the ransomware.
Part of avoiding ransomware involves reducing human error—keeping a watchful eye open for those spammy links, malicious downloads, bogus emails, and basically keeping your apps and devices up to date so that they have the latest security measures in place. The remainder relies on a good dose of prevention.
Our Ransomware Security Guide provides a checklist for both.
It gets into the details of what ransomware looks like and how it works, followed by the straightforward things you can do to prevent it, along with the steps to take if the unfortunate ends up happening to you or someone you know.
Ransomware is one of the nastiest attacks going because it targets our files, photos, and information, things we don’t know where we’d be without. Yet it’s good to know you can indeed lower your risk with a few relatively simple steps. Once you have them in place, chances are a good feeling will come over you, the one that comes with knowing you’ve protected what’s precious and important to you.
The post Your Guide to Ransomware—and Preventing It Too appeared first on McAfee Blog.
Hybrid work and hybrid play now merge into hybrid living, but where is the line between the two? Is there one?
The post Hybrid work: Turning business platforms into preferred social spaces appeared first on WeLiveSecurity
It has a way of sneaking up on you. Credit theft and fraud.
Maybe it’s happened to you. Maybe it’s happened to a friend or family member. There’s a call from the bank, a notification in your financial app, or a charge on the statement that’s beyond explanation. Someone else has tapped into your funds. Or worse yet, someone stole your identity and took out a loan in your name. You find out only after it’s happened.
That’s the trick with credit theft and fraud. People typically discover it after the damage is done. Then they’re left picking up the pieces, which can cost both time and money. Not to mention a potential knock to their credit score.
However, you can help keep it from happening to you. Our recently published Credit Protection Security Guide breaks down several ways. Here we’ll get into a quick introduction on the topic and show how you can prevent against credit theft and fraud better than ever before.
It’s an unfortunate reality in the world we live in today. Credit theft and fraud are something we all need to look out for, particularly as we increasingly shop and conduct our finances online, potentially exposing that information to thieves. Some figures estimate that for nearly every $100 in purchases made with debit and credit cards worldwide, somewhere around 7 cents can be stolen or fraudulent. As you can imagine, that figure adds up quickly, to the tune of more than $28 billion globally each year.
The flipside is this: today we have plenty of tools that make protecting our credit far easier than they ever were before. Up until now, that called for a time-consuming and sometimes rather manual process. You had to check credit separately with the different bureaus, place locks and freezes the same way, scan each credit report closely for suspicious activity, and so forth.
Now, online protection software can take much of that work off your hands. Comprehensive protection like McAfee+ has plans that offer credit monitoring, identity monitoring, and even identity theft protection & restoration—all quickly spotting any changes, notifying you if your personal information pops up on the dark web, and providing $1 of coverage toward restoring your credit along with the help of a licensed recovery pro if the unexpected happens to you.
Another thing online protection can do for you removes your personal information from those “people finder” and data broker sites. Identity thieves lean on those sites because they contain valuable information that they can piece together to commit theft and fraud in someone else’s name. If you think about your identity as a big jigsaw puzzle, these sites contain valuable pieces that can help complete the picture—or just enough to take a crack at your credit.
In fact, personal information fuels a global data trading economy estimated at $200 billion U.S. dollars a year. Run by data brokers that keep hundreds and even thousands of data points on billions of people, these sites gather, analyze, buy, and sell this information to other companies as well as to advertisers. Likewise, these data brokers may sell this information to bad actors, such as hackers, spammers, and identity thieves who would twist this information for their own purposes. In short, data brokers don’t discriminate. They’ll sell personal information to anyone.
Getting your info removed from these sites can seem like a daunting task. (Where do I start, and just how many of these sites are out there?) Our Personal Data Cleanup can help by regularly scanning these high-risk data broker sites for you and info associated with you like your home address, date of birth, and names of relatives—along with other detailed information about you that could include marriage licenses, voter registration and motor vehicle records, even real estate records too. It identifies which sites are selling your data, and depending on your plan, automatically requests removal.
How things have changed. Even as thieves have gotten savvier in the digital age, so have we. Collectively, we have a growing arsenal of ways that we can keep on top of our credit and protect ourselves from credit theft and fraud.
Our Credit Protection Security Guide breaks it all down in detail. In it, you’ll learn more about how thieves work, ways you can secure your credit online and off, how to monitor and lock it down, plus protect your mobile wallets too. It’s thorough. Yet you’ll find how straightforward the solution is. A few changes in habits and a few extra protections at your side will go a long way toward prevention—helping you avoid that call, text, or notification that your credit has been compromised.
In all, you can take control of your credit and make sure you’re the only one putting it to good use.
The post Your Guide to Protecting Your Credit appeared first on McAfee Blog.
Are your virtual doctor visits private and secure? Here’s what to know about, and how to prepare for, connecting with a doctor from the comfort of your home.
The post The doctor will see you now … virtually: Tips for a safe telehealth visit appeared first on WeLiveSecurity
Pledging to follow healthier habits is consistently the most popular new year’s resolution. That January 1st promise looks different to everyone: snacking less often, going to the gym more often, drinking more water, drinking less soda, etc. This year, instead of a juice cleanse subscription, opt for a healthier habit that’s not an unappetizing shade of green: follow this digital detox, instead! In three easy steps, you can make great strides in improving your digital wellness.
There are various aspects of your digital habits that you should consider updating for a more private and safer online life. For starters, update your passwords. Do you reuse the same password for multiple online accounts? Doing so puts your personally identifiable information (PII) at great risk. For example, if a business with which you have an online shopping account is breached by a cybercriminal, your login and password combination could make it on the dark web, through no fault of your own. Then, through a brute force attack, a criminal could use that same password and username combo to walk into your banking or tax filing accounts.
Remembering unique, complicated passwords and passphrases for your dozens of online accounts would be impossible. Luckily, there’s software that remembers them for you! It’s called a password manager, which acts as a vault for all your login information. Just remember one master password, and you can be confident in the security of your accounts and never have to deal with the hassle of forgetting passwords.
Another aspect of updating you should adopt in 2023 is making an effort to always upgrade to the latest software updates on all your devices. The easiest way to do this is to turn on automatic updates. From there, you don’t need to take any further action! Apps and operating systems (like Apple, Android, and Windows) often release updates to patch security vulnerabilities. When you run outdated software, there’s a chance a cybercriminal could take advantage of that security gap.
Finally, make sure that you keep updated on the latest security headlines. Consider setting up news alerts to notify you when a breach occurs at a company that you frequent or have an account with. Speed is often key in making sure that your information remains safe, so it’s best practice to have your finger on the pulse on the security news of the day.
A new year digital detox can be a whole family affair. Connect with your family, anyone connected to your home network, and your elderly relatives to get everyone on the same page with security best practices. Here are some common online security snags people of all ages encounter:
Everyone has an oversharer on their newsfeed. Alert your family members of the dangers of posting too much about their personal life. When someone takes those “get to know you” quizzes and posts their answers, cybercriminals can use that post to take educated guesses at your passwords. Additionally, social engineers can tailor social media scams to specific people in order to increase the chances of tricking someone into sending money or sharing valuable personal or banking details.
While spam filters catch a lot of phishing emails, phishers are getting smarter by the day and are making their attempts more and more believable. Connect with your loved ones and make sure they know how to recognize phishing emails, texts, and social media direct messages. Telltale signs of a phishing message include:
If you’re ever unsure if a message is a phishing attempt, the best course of action is to just delete it. If the “sender” is a well-known institution, follow up with a phone call using the official customer service number listed on their website. The phisher may also claim to be someone you know personally. In that case, give the loved one in question a phone call. It’s a good excuse to reconnect and have a nice conversation!
In the quest for free streams of the latest new show or movie, people often encounter unsafe sites that hide malware, spyware or other types malicious links and programs. Some types of malware can jump from one device to others connected to the same home Wi-Fi network. That’s why it’s important to make sure everyone under your roof practices excellent digital security habits. One wrong click could sink an entire household. Consider signing up your family for a safe browsing extension that can notify you when you stray onto a risky site. So, instead of putting your device at risk during movie night, connect with your friends or loved ones over one copy of a safely and officially purchased version.
As with any new health regimen, immediately zooming from zero to a hundred will likely be overwhelming and result in failure. The same goes for adopting new digital safety habits. If you try to do too much at once, all the security measures you put in place will likely get in the way of your daily online activities. The more inconvenient it is, the more likely you may be to cut corners; thus, negating all the progress you’ve made.
Being cybersafe doesn’t mean you can’t still enjoy your connected devices to the fullest. It just means that you may need to act with more intention and slow down before volunteering personal details online or clicking on links.
To supplement your digital detox, consider signing up for McAfee+ Ultimate to make 2023 the year for a safer online you. McAfee+ Ultimate includes all the tools you need to live your best online life safely and privately, including a password manager, web protection, unlimited VPN and antivirus, and $1 million in identity theft coverage and restoration for peace of mind.
Cheers to a digitally smart 2023!
The post Start the New Year Right With This 3-Step Digital Detox appeared first on McAfee Blog.
Happy Download Day! (Yes, there’s a day for that.) Today is an excellent day to share downloading best practices to keep all your devices safe from malicious content. It’s tempting to download “free” shows, movies, and video games, but the consequences of doing so can be quite expensive. All it takes is for one malicious download to compromise your identity or leak your banking information to cybercriminals.
Luckily, there are a few ways to keep your devices and personally identifiable information (PII) safe. Here’s how!
How many streaming services do you subscribe to? Two? Ten? No matter how many premium entertainment subscriptions you have, the hottest new show always seems to be on the channel you can’t access. This is a common scenario that often drives people to download episodes from websites that claim crystal-clear, safe downloads. In actuality, these sites could harbor malware, spyware, or other types of malware that lurk in the shadows until an unsuspecting person downloads them to their desktop, tablet, or cellphone.
Malware, which stands for malicious software, often hides behind legitimate-looking links or downloadable content. It’s only until it’s on your device that you realize there’s a criminal hiding behind it. For example, earlier in 2022, a ransomware program (a type of malware) disguised itself as a Microsoft system update. The criminal behind the scheme then threatened leaking or permanently deleting sensitive files if the person didn’t pay the ransom.
Once malware infects one device, some malware programs can infect an entire home network and spread to other connected devices.1 From there, the cybercriminal can steal the online shopping, banking, or personal details of a whole household and either sell their findings on the dark web or keep it for themselves.
Before you download anything to any of your devices, go through this checklist to help you determine the safety of most content:
Overall, while downloading entertainment for free is appealing to people on a budget, it’s better to avoid doing so altogether. The risk isn’t worth it. Consider scheduling a watch party with a friend or family member who has the subscription service you’re seeking.
In case you slip up and accidentally download malware, spyware, or ransomware, McAfee+ Ultimate can defend your devices, remove the software, and monitor the dark web to make sure your PII wasn’t compromised. McAfee antivirus is compatible with macOS, iOS, and Android devices and Chromebooks, so you can regularly scan all your devices for programs that shouldn’t be there. If the worst does happen and a cybercriminal gets a grip on your personal information, McAfee can back you up with $1 million in identity theft coverage and restoration and continuous identity monitoring.
Browse confidently and enjoy your devices to the fullest! Just remember these safe downloading tips and partner with McAfee for peace of mind.
1Federal Trade Commission, “Malware from illegal video streaming apps: What to know”
The post Celebrate National Download Day With This Safe Downloading Checklist appeared first on McAfee Blog.
There are no ifs, ands, or buts about it: A stolen identity creates a mess. Once they have a few key pieces of personally identifiable information (PII), an identity thief can open new credit lines, create convincing new identities, and ruin an innocent person’s good credit.
If you suspect you’ve been affected by identity theft, acting quickly is key to stopping the thief and repairing the damage. Here are the definitive five steps of identity remediation, or the process of restoring and protecting the privacy of your identity.
With a stolen identity in hand, thieves can open new lines of credit or apply for large loans using someone else’s excellent credit score for leverage. If undetected, fraudsters can run up huge bills, never pay them, and in turn, ruin the credit score that you spent years perfecting. When you suspect or confirm that your identity has been compromised and you’re in the United States, alert the three major credit bureaus: Equifax, TransUnion, and Experian.
Freezing your credit means that no one (not even you) can open a new credit card or bank account. This prevents criminals from misusing your identity. Initiating a credit freeze is free and it doesn’t affect your credit score.
Once you suspect a criminal has stolen your identity, file a report with the Federal Trade Commission. Its official identity theft website includes a form for you to detail the circumstances. From there, the FTC will investigate.
It’s important to file a report because law enforcement can get involved and hopefully stop the criminal from striking again. Also, an official document from law enforcement or the FTC may help your bank and the credit bureaus resolve the damage.
Whenever a company with which you have an account is breached, the first step you should take is to quickly change your password. The same goes for when your identity is compromised with the added step of getting in touch with your banks and asking their fraud department to issue you new credit and debit cards and put them on alert for possible suspicious charges.
Having unique passwords for all your accounts is crucial to keeping them secure. For instance, if one of your accounts is breached and a cybercriminal lifts that username and password combination, they may then attempt to use it on other sites. To ensure you have strong passwords and passphrases for every site, consider using password manager software. Password managers are incredibly secure and make it so you only have to remember one password ever again.
In addition to freezing your credit, you may have to sync up with each bureau to remedy any damage the identity thief may have done to your credit. Each bureau’s fraud department is very familiar with these scenarios, so their customer service department is experienced and more than willing to help you work through it.
Once you’ve cleaned up the immediate mess made by an identity thief, it’s important to continuously monitor your identity in case the thief is biding their time or pieces of your PII are still circulating on the dark web. Plus, the headache of one compromised identity incident is enough for someone to never want it to happen again. Identity monitoring is a very thorough process that will give you peace of mind that you’ll be protected and can enjoy your online life safely.
These five steps, while important, can be tedious. It may require a lot of patience to sit on hold and sift through all the relevant forms. Luckily, McAfee is an excellent partner who can help you with all your identity remediation needs with just one service: McAfee+ Ultimate. For example, security freeze is an easy way to put a halt on your credit. McAfee’s identity monitoring service monitors up to 60 unique types of personal details. If your PII appears on the dark web, Personal Data Cleanup can remove it.
Recover and move forward confidently after an identity theft with McAfee by your side.
The post Everything You Need to Know About Identity Remediation appeared first on McAfee Blog.
For many Aussies, identity theft was always something that happened to other people. People on TV, usually. But the recent spate of data breaches at Optus, Medibank and Energy Australia has made many of us pay far more attention than ever to one of the fastest growing crimes in our country.
According to the Department of Home Affairs, 1 in 4 Aussies will be the victim of identity theft over the course of their lives with an annual economic impact of more than $2 billion. And with the financial fallout from the recent data breaches only just starting to be counted, these statistics will no doubt increase dramatically next year.
Identity theft is when a cybercriminal gains access to your personal information to steal money or gain other benefits. Armed with your personal info, they can apply for real identity documents in your name but with another person’s photograph. This enables them to then apply for loans or benefits in your name, sign up for memberships or even apply for credit cards.
And it goes without saying that the financial and emotional fallout from identity theft can be huge. Since the Optus and Medibank hacking stories broke just a few months ago, there has been multiple stories of Aussie families who have had their identities stolen and who are in a world of pain. This Melbourne family who have had over $40,000 stolen from ATM withdrawals alone is just one example.
Your personal information is any piece of information or data that can confirm who you are or how to find you. It may be a single piece of information, or several pieces used together. It’s often referred to as personally identifiable information (PII). So, it includes your name, parents’ name, address, date of birth, phone numbers, email address, usernames/passwords or passphrases, bank account details, school or university attended, location check-ins even RSVPS for events.
Every time you register with a new shopping site or social media platform, you will be asked to share some personally identifiable information. However, what you share may be stolen or even misused – just think about the recent list of Australian companies who had their customers’ private information stolen by hackers. So that’s why you need to ensure you are only sharing your information with trusted online sites and take every possible step to protect your personal information online.
While there are no guarantees in life, there are steps you can take to ensure your online identity is as safe as possible. Here are my top 5 tips:
Multi-Factor Authentication (MFA) or 2 Factor Authentication (2FA) is a no-brainer because it makes a hacker’s life a lot harder. In short, it requires the user to provide two or more verification factors to gain access to an account or app. This might be a text, email or even a code generated by an authentication app. So, even if a hacker has your password and username, they still need that final piece of information before they can get their hands on your account!
Now this may take a bit of work to set up but using a unique and complex password on every account is one of the best things you can do to protect your online identity. And here’s the rationale – if you use the same password on all your accounts and your login details are stolen then hackers have access to all the accounts that are accessed with that password. Yikes!!! So, a unique password for each account is a great measure. I love using a password manager to make this process a little easier. Not only do they generate complex passwords, but they remember them too! All you need to do is remember your Master Password which needs to be extremely complex!!!
Updates are most commonly about addressing security weaknesses. And yes, I know they can be a pain but if you ignore them, you are essentially making it easier for hackers to find their way into your life via weak spots. And don’t forget to ensure your security software remains updated too!
I always recommend keeping a backup of all your important info in case something goes wrong. This should include all your photos, key documents and all your personally identifiable information. A hard drive works well but saving to the cloud is also a good option. I once dropped a hard drive and lost treasured family photos, so the cloud is my personal preference.
We all know knowledge is power so investing in top notch security and identity monitoring software will help keep you ahead of threats. McAfee+, McAfee’s new all in one privacy, identity and device protection solution is a fantastic way for Aussies to protect themselves online. It features identity monitoring and a password manager but also an unlimited VPN, a file shredder, protection score and parental controls. And the Rolls Royce version called McAfee+ Advanced, also offers subscribers additional identity protections including access to licensed restoration experts who can help you repair your identity and credit, in case you’re affected by a data breach. It also gives subscribers access to lost wallet protection which help you cancel and replace your ID, credit cards if they are lost or stolen.
Public, unsecured Wi-Fi can make life so much easier when you’re out and about but it’s also a tried and tested way for scammers to access your personal information. Unsecured Wi-Fi is free Wi-Fi that is available in public places such as libraries, cafes, or shopping centres. So, instead of using Wi-Fi, just use the data in your phone plan. Or alternatively invest in a Virtual Private Network (VPN) that cleverly encrypts everything you share on your device.
About 2 months ago, I embarked on a project to clean up my online life. I’m working through the list of sites I have accounts with and am closing those I no longer use, I’m also doing a huge password audit to ensure they are all unique to each site and are super complex, thanks to my password manager. Now, I’m not quite done yet, but things are in better shape than they were. Why not consider doing the same? With the holiday season fast approaching, why not dedicate a little of your poolside time to practicing a little cyber hygiene.
Till next time, keep those identities safe!
Alex
The post The Best Way To Protect Your Online Identity appeared first on McAfee Blog.
Attackers specifically craft business email compromise (BEC) and phishing emails using a combination of malicious techniques, expertly selected from an ever-evolving bag of tricks. They’ll use these techniques to impersonate a person or business that’s well-known to the targeted recipient and hide their true intentions, while attempting to avoid detection by security controls.
As a result of the requisite expertise needed to combat these complex attacks, email security has traditionally been siloed away in disparate teams and security controls. Practitioners are buried under an ever-growing pile of RFCs, requiring extensive domain-specific knowledge, unending vigilance, and meticulous manual interventions, such as tweaking trust levels and cultivating allow/block lists with IPs, domains, senders, and vendors.
Cisco Secure Email Threat Defense is leading the industry forward with a major shift, elevating email security into a new era; where administration will consist of merely associating specific business risks with the appropriate due diligence response required to remediate against them.
Email Threat Defense has introduced a new Threat Profile that provides the customer with deep insights into the specific business risks of individual email threats and the confidence to act quickly. This new visualization is powered by a new patent-pending threat detection engine. This engine leverages intelligence distilled from Talos global-scale threat research across a massive volume of email traffic into machine learning, behavioral modeling, and natural language understanding.
The detection engine granularly identifies specific underlying threat techniques utilized in the message by the attacker. The identified techniques provide the full context of the threat message as the supporting foundation for the engine to determine threat categorization and the specific risk to the business. These malicious Techniques, together with the threat category and specific business risk, are used to populate the Threat Profile.
Each message’s Threat Profile is identified in real-time, automatically remediated per policy, and surfaced directly to the operator in the message detail views, providing deep contextual insights into the attacker’s intent and the associated risks to the business. As part of a larger Extended Detection and Response (XDR) strategy, the actionable intelligence in Email Threat Defense is integrated with the wider enterprise orchestration of security controls via SecureX, easing the operational burden by decreasing your mean time to remediation (MTTR).
Email Threat Defense delivers a distinct understanding of malicious messages, the most vulnerable targets within the organization, and the most effective means of protecting them from phishing, scams, and BEC attacks. With a clean design and core focus on simplifying administration, Email Threat Defense deploys in minutes to strengthen protection of your existing Microsoft 365 Exchange Online platform against the most advanced email threats.
For more information, visit the Cisco Secure Email product pages, read the Email Threat Defense data sheet, and view the demo video below.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Payment applications make splitting restaurant bills, taxi fares, and household expenses so much easier. Without having to tally totals at the table or fumble with crumpled bills, you and your companions can spend less stress and more time on the fun at hand.
There are various payment apps available, and the company that may first come to mind is PayPal. PayPal is regarded as a safe platform where security and strong encryption are a priority; however, a recent and advanced phishing scam is putting PayPal users at risk of giving up large sums of money and their personally identifiable information (PII).1
Let’s look at this “triple-pronged” PayPal phishing scam and review some tips to help you identify and proceed should you encounter it.
The typical part of this three-sided scam is the phishing email component. According to one source, the phishing email comes from a legitimate-looking PayPal service email address. Luckily, the typos, odd punctuation, extra spaces, and grammar errors in the body of the email give away that it is a phishing attempt. Remember, phishing emails are often worded poorly or have errors. Large companies, especially ones like PayPal, have teams of content experts vetting all automated messages for such mistakes, so several mistakes in an email should set off your alarm bells. Proceed with caution and do not click on any links in the message.
The email also included wording that encouraged the user to act quickly or be charged a lot of money. That’s another trademark of phishing emails: urgency. Take a deep breath and make sure to reread carefully all emails that “require” a quick response. Don’t be scared by dire consequences. Phishers rely on people to rush and not give themselves time to listen to their better judgement.
The PayPal phishing email included a support phone number that claimed it was toll free. In actuality, it was an international phone number. So, if the recipient of the phishing email didn’t quite believe the message but wanted to follow up, the scam could catch them with what’s called a one-ring phone scam.2 This occurs when someone unknowingly calls an international phone number and then gets charged by their phone company for the long-distance call.
The best way to avoid one-ring phone scams is to never call a number you don’t recognize. Always go to an organization’s official website to find their contact information.
The third dimension of this PayPal scam was the international phone number in the phishing email connected the caller directly with the scammer who posed as the PayPal fraud department. The “customer service representative” then asked prying personal and financial questions to glean enough PII to break into a PayPal account or compromise the caller’s identity. This is the most damaging part of the scam. An excellent customer support team may be able to reimburse you your lost money; however, once your personal details are in nefarious hands, you can’t take them back.
In addition to never calling numbers you haven’t verified, never give out passwords and never give out more personal information than you need to. Even in legitimate customer service calls, it’s not rude to ask why the representative requires the information they’re asking for. In a fake call, questions like that may fluster the scammer, so keep an ear tuned to their tone.
Overall, our best advice for handling suspicious emails is to delete them. If it’s truly important, the sender will contact you again. And if a thief somehow stole money from one of your payment apps, the customer service team should be able to walk you through the steps to recover it.
The transfer and handling of large sums of money would make anyone nervous. To give you peace of mind, consider partnering with a service that can help you recover should you ever fall for a scheme and compromise your PII. McAfee+ Ultimate helps you live your best life in private, and the service includes credit monitoring with all three credit bureaus, security freeze, and expert online support to help you navigate any scams you encounter.
Having McAfee+ can protect you from email phishing scams like this. Here are some of the top agencies to report this scam to, if it happens to you: Paypal Fraud Department, Federal Trade Commision , Cybersecurity & Infrastructure Security Agency USA.gov IC3
“Report it. Forward phishing emails to reportphishing@apwg.org (an address used by the Anti-Phishing Working Group, which includes ISPs, security vendors, financial institutions, and law enforcement agencies). Let the company or person that was impersonated know about the phishing scheme.” – FTC.gov
1ZDNET, “Watch out for this triple-pronged PayPal phishing and fraud scam.”
2Federal Communications Commission, “‘One Ring’ Phone Scam.”
The post A PayPal Email Scam Is Making the Rounds: Here’s How to Identify and Avoid It appeared first on McAfee Blog.
ESET experts offer their reflections on what the continued blurring of boundaries between different spheres of life means for our human and social experience – and especially our cybersecurity and privacy
The post Cybersecurity Trends 2023: Securing our hybrid lives appeared first on WeLiveSecurity
For these Cisconians, hands-on is the way to go when it comes to giving back. Using Cisco’s Time2Give benefit that provides 10 paid days to volunteer each year, team members rolled up their sleeves to build homes, cuddle and care for animals, distribute food and more. If you also value giving back, check out our open roles.
Marketing Specialist, Global Events Julie Kramer used Time2Give to build a shed with Habitat for Humanity of Huron Valley. Kramer especially appreciated learning about the organization’s purpose in addition to learning how to build.
John Hindman, an account executive, used Time2Give to spend a week in Nicaragua with SuNica, an organization centered on clean water and fellowship. Hindman cleared out downed trees, picked coffee and built treehouses to allow the organization to host more children from surrounding communities.
In the community Hindman visited, repurposing recycled materials is critical to the economy, and one way that happens is through “mining” the local landfill. Hindman’s team encouraged local employees and led games and activities for local children.
For those considering Time2Give, Hindman says, “Do it. Unplug, find something you’re passionate about, set up your out-of-office, and ignore everything work-related for the time you’re serving.”
Animal lover Carrie Cordeiro, a Cisco Secure digital strategist/manager on the Brand Marketing team, volunteers with Hopalong and Muttville as a kitten cuddler and dog walker. Most of her time is spent transporting kittens, puppies, cats and dogs around the Bay Area to vet appointments, adoption centers and foster locations.
The best part for Cordeiro is “getting to interact with so many adorable animals,” she said. As for leadership support around utilizing Time2Give? “I love doing it and my management team absolutely supports it, especially when I share photos.”
Customer Success Manager Kristen Gehrke reminds us that, “You don’t always have to look far to utilize Time2Give.” She sewed a baby blanket for Bluebonnet Trails Community Services. “The best part of the experience was giving back to mothers and their babies, as I am an expecting mother myself,” she said.
Engineering Manager Blake Ellingham organized food pantry shelves and packed bags for food distributions with HTB Food Bank. “I love getting to do work with my hands that helps others,” he said.
Ellingham recommends scheduling something routine for Time2Give. “Consistency matters! By going in every week for a half day of volunteering, I was able to make great friends with the staff,” he said.
From empowering youth globally and remotely to volunteering across community hubs, Cisconians deeply value innovative ways to contribute their time and talents.
If you are interested in increasing the impact of your skills and passions at work and beyond, check out our open positions.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Whether you’re standing around the water cooler at work, waiting for your kids at the school gate or sitting around the dinner table, data breaches are without doubt the hot topic of conversation. In late September, we were all shaken when news of the biggest Australian data breach to date broke – a record 10 million Optus customers had their details stolen. But unfortunately, the data breach stories have continued with Medibank, Energy Australia, and, most recently, Woolworths also reporting that private customer data had been stolen.
Inevitably, many of us are feeling vulnerable worrying that our private identifying information (and our family’s) such as our Medicare and Drivers Licence details have potentially been stolen. We’ve all read the stories about victims of identity theft and are, rightly concerned, that it could happen to us. So, if you’re unsure as to what to do next – don’t worry – I’ve got you! In fact – I’m going to give you two action plans. The first is for those who have been personally affected by a data breach (or consider it highly likely they were affected) and the second, is a long-term plan to help you protect yourself and your family’s data online.
If you or a family member has been contacted by a company and informed that your private details have been compromised, then you need to caffeine up and bring your entire focus to this situation. And if you’re still awaiting the call but you’re thinking it’s likely you’re affected, then my advice is to assume you are. It never hurts to be too cautious when you’re dealing with a potential identity theft situation. So, here’s your plan:
So, now it’s time to think long term. We all know prevention is key. So, what can we do to protect ourselves to minimise the risk of becoming a victim of identity theft (if and when) the next data breach occurs? Here’s your plan:
As we all know, it’s often the simplest things that can have the biggest impact. Ensuring you have a different but super complex password or passphrase for each of your online accounts is one of the best things you can do to protect yourself online. I appreciate that this may take a lot of work to implement but it’s so worth it. And here’s why – if you’re the victim of a data breach and your login details are stolen then you could be in a world of pain if you have just one password for all your accounts. Because within seconds of stealing your details, a hacker could potentially access your bank accounts, credit card accounts and online shopping sites where your credit card is saved – you get the picture! You see why it makes such sense! If it all feels a little overwhelming, why not use a password manager? Password managers can create and remember passwords that no human could even think of – genius!
In summary, Multi-Factor Authentication (MFA) or 2 Factor Authentication (2FA) makes a hacker’s life a lot harder. In short, it requires the user to provide two or more verification factors to gain access to an account or app. This might be a text, email or even a code generated by an authentication app. So, even if a hacker has your password and username, if they can’t access the last piece of the puzzle, then you’re safe!!!
McAfee has just released a super-duper solution to help Aussies protect themselves online. McAfee+ is an all-in-one privacy, identity and device protection solution. Not only does it feature identity monitoring and a password manager but also an unlimited VPN, a file shredder, a protection score and parental controls. And the Rolls Royce version called McAfee+ Advanced, also offers subscribers additional identity protections including access to licensed restoration experts who can help you repair your identity and credit. It also gives subscribers access to lost wallet protection which help you cancel and replace your ID, credit cards if they are lost or stolen.
Limiting your exposure online will also reduce the chance of being affected by a data breach. So, take some time to delete accounts you no longer use. Perhaps you had a side hustle on eBay a few years back but hadn’t bothered to close your accounts – well, now is the time. Close down those old eBay (and PayPal) accounts and any other accounts or subscriptions that you no longer use.
And next time you purchase something from a new website, consider conducting your transaction as a guest only and not creating an account on their website. If there’s no benefit beyond saving a minute or two when you check out, why store your credit card number, address, and other identifying info on a website that may eventually be breached?
If there is ever a time to take the management of your online data seriously, it’s now. Assuming that you won’t be a victim of a data breach and that ‘things like that don’t happen to you’ just doesn’t cut it. So, be proactive: sort out your passwords, turn on 2-factor authentication and practice some good quality cyber hygiene! And do yourself a favour and invest in some top-notch privacy and identity protection program like McAfee+ so you can continue living your best life online!
The post How To Help Your Family Protect Their Online Data appeared first on McAfee Blog.
Even with the holidays in full swing, scammers won’t let up. In fact, it’s high time for some of their nastiest cons as people travel, donate to charities, and simply try to enjoy their time with friends and family.
Unfortunate as it is, scammers see this time of year as a tremendous opportunity to profit. While people focus giving to others, they focus on taking, propping up all manner of scams that use the holidays as a disguise. So as people move quickly about their day, perhaps with a touch of holiday stress in the mix, they hope to catch people off their guard with scams that wrap themselves in holiday trappings.
Yet once you know what to look for, they’re relatively easy to spot. The same scams roll out every year, sometimes changing in appearance yet remaining the same in substance. With a sharp eye, you can steer clear of them.
With Black Friday and Cyber Monday in the books, we can look forward to what’s next—a wave of post-holiday sales events that will likewise draw in millions of online shoppers. And just like those other big shopping days, bad actors will roll out a host of scams aimed at unsuspecting shoppers. Shopping scams take on several forms, which makes this a topic unto itself, one that we cover thoroughly in our Black Friday & Cyber Monday shopping scams blog. It’s worth a read if you haven’t done so already, as digs into the details of these scams and shows how you can avoid them.
However, the high-level advice for avoiding shopping scams is this: keep your eyes open. Deals that look too good to be true likely are, and shopping with retailers you haven’t heard of before requires a little bit of research to determine if their track record is clean. In the U.S., you can turn to the Better Business Bureau (BBB) for help with a listing of retailers you can search simply by typing in their names. You can also use https://whois.domaintools.com to look up the web address of the shopping site you want to research. There you can see its history and see when it was registered. A site that was registered only recently may be far less reputable than one that’s been registered for some time.
Plenty of new tech makes its way into our homes during the holiday season. And some of that tech can be a little challenging to set up. Be careful when you search for help online. Many scammers will establish phony tech support sites that aim to steal funds and credit card information. Go directly to the product manufacturer for help. Often, manufacturers will offer free support as part of the product warranty, so if you see a site advertising support for a fee, that could be a sign of a scam.
Likewise, scammers will reach out to you themselves. Whether through links from unsolicited emails, pop-up ads from risky sites, or by spammy phone calls, these scammers will pose as tech support from reputable brands. From there, they’ll falsely inform you that there’s something urgently wrong with your device and that you need to get it fixed right now—for a fee. Ignore these messages and don’t click on any links or attachments. Again, if you have concerns about your device, contact the manufacturer directly.
With the holidays comes travel, along with all the online booking and ticketing involved. Scammers will do their part to cash in here as well. Travel scams may include bogus emails that pose as reputable travel sites telling you something’s wrong with your booking. Clicking a link takes you to a similarly bogus site that asks for your credit card information to update the booking—which then passes it along to the scammer so they can rack up charges in your name. Other travel scams involve ads for cut-rate lodging, tours, airfare, and the like, all of which are served up on a phony website that only exists to steal credit card numbers and other personal information.
Some of these scams can look quite genuine, even though they’re not. They’ll use cleverly disguised web addresses that look legitimate, but aren’t, so don’t click any links. If you receive notice about an issue with your holiday travel, contact the company directly to follow up. Also, be wary of ads with unusually deep discounts or that promise availability in an otherwise busy season or time. These could be scams, so stick with reputable booking sites or with the websites maintained by hotels and travel providers themselves.
Donations to an organization or cause that’s close to someone’s heart make for a great holiday gift, just as they offer you a way to give back during the holiday season. And you guessed it, scammers will take advantage of this too. They’ll set up phony charities and apply tactics that pressure you into giving. As with so many scams out there, any time an email, text, direct message, or site urges you into immediate action—take pause. Research the charity. See how long they’ve been in operation, how they put their funds to work, and who truly benefits from them.
Likewise, note that there some charities pass along more money to their beneficiaries than others. As a general rule of thumb, most reputable organizations only keep 25% or less of their funds for operations, while some less-than-reputable organizations keep up to 95% of funds, leaving only 5% for advancing the cause they advocate. In the U.S., the Federal Trade Commission (FTC) has a site full of resources so that you can make your donation truly count. Resources like Charity Watch and Charity Navigator, along with the BBB’s Wise Giving Alliance can also help you identify the best charities.
The holidays also mean a flight of big-time sporting events, and with the advent of online betting in many regions scammers want to cash in. This scam works quite like shopping scams, where bad actors will set up online betting sites that look legitimate. They’ll take your bet, but if you win, they won’t pay out. Per the U.S. Better Business Bureau (BBB), the scam plays out like this:
“You place a bet, and, at first, everything seems normal. But as soon as you try to cash out your winnings, you find you can’t withdraw a cent. Scammers will make up various excuses. For example, they may claim technical issues or insist on additional identity verification. In other cases, they may require you to deposit even more money before you can withdraw your winnings. Whatever you do, you’ll never be able to get your money off the site. And any personal information you shared is now in the hands of scam artists.”
You can avoid these sites rather easily. Stick with the online betting sites that are approved by your regional gambling commission. Even so, be sure to read the fine print on any promo offers that these sites advertise because even legitimate betting sites can freeze accounts and the funds associated with them based on their terms and conditions.
A complete suite of online protection software, such as McAfee+ Ultimate can offer layers of extra security. In addition to more private and secure time online with a VPN, identity monitoring, and password management, it includes web browser protection that can block malicious and suspicious links that could lead you down the road to malware or a phishing scam—which antivirus protection can’t do alone. Additionally, we offer $1M identity theft coverage and support from a recovery pro, just in case.
And because scammers use personal information such as email addresses and cell phone numbers to wage their attacks, other features like our Personal Data Cleanup service can scan high-risk data broker sites for your personal information and then help you remove it, which can help reduce spam, phishing attacks, and deny bad actors the information they need to commit identity theft.
That’s why they enjoy the holidays so much. With all our giving, travel, and charity in play, it’s prime time for their scams. Yet a little insight into their cons, along with some knowledge as to how they play out, you can avoid them.
Remember that they’re playing into the hustle and bustle of the season and that they’re counting on you to lower your guard more than you might during other times of the year. Keep an eye open for the signs, do a little research when it’s called for, and stick with reputable stores, charities, and online services. With a thoughtful pause and a second look, you can spare yourself the grief of a scam and fully enjoy your holidays.
The post Unwrapping Some of the Holiday Season’s Biggest Scams appeared first on McAfee Blog.
With the rapidly rising energy prices putting a strain on many households, what are some quick wins to help reduce the power consumption of your gadgets?
The post Top tips to save energy used by your electronic devices appeared first on WeLiveSecurity
FreshRSS