FreshRSS

🔒
☐ ☆ ✇ The Hacker News

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

By Ravie Lakshmanan — January 24th 2023 at 09:21
Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when processing maliciously crafted web content. While it was originally addressed by the company on November
☐ ☆ ✇ McAfee Blogs

Start the New Year Right With This 3-Step Digital Detox

By McAfee — January 2nd 2023 at 17:33

Pledging to follow healthier habits is consistently the most popular new year’s resolution. That January 1st promise looks different to everyone: snacking less often, going to the gym more often, drinking more water, drinking less soda, etc. This year, instead of a juice cleanse subscription, opt for a healthier habit that’s not an unappetizing shade of green: follow this digital detox, instead! In three easy steps, you can make great strides in improving your digital wellness. 

1. Update

There are various aspects of your digital habits that you should consider updating for a more private and safer online life. For starters, update your passwords. Do you reuse the same password for multiple online accounts? Doing so puts your personally identifiable information (PII) at great risk. For example, if a business with which you have an online shopping account is breached by a cybercriminal, your login and password combination could make it on the dark web, through no fault of your own. Then, through a brute force attack, a criminal could use that same password and username combo to walk into your banking or tax filing accounts.   

Remembering unique, complicated passwords and passphrases for your dozens of online accounts would be impossible. Luckily, there’s software that remembers them for you! It’s called a password manager, which acts as a vault for all your login information. Just remember one master password, and you can be confident in the security of your accounts and never have to deal with the hassle of forgetting passwords. 

Another aspect of updating you should adopt in 2023 is making an effort to always upgrade to the latest software updates on all your devices. The easiest way to do this is to turn on automatic updates. From there, you don’t need to take any further action! Apps and operating systems (like Apple, Android, and Windows) often release updates to patch security vulnerabilities. When you run outdated software, there’s a chance a cybercriminal could take advantage of that security gap. 

Finally, make sure that you keep updated on the latest security headlines. Consider setting up news alerts to notify you when a breach occurs at a company that you frequent or have an account with. Speed is often key in making sure that your information remains safe, so it’s best practice to have your finger on the pulse on the security news of the day. 

2. Connect

A new year digital detox can be a whole family affair. Connect with your family, anyone connected to your home network, and your elderly relatives to get everyone on the same page with security best practices. Here are some common online security snags people of all ages encounter: 

Social media oversharing.

Everyone has an oversharer on their newsfeed. Alert your family members of the dangers of posting too much about their personal life. When someone takes those “get to know you” quizzes and posts their answers, cybercriminals can use that post to take educated guesses at your passwords. Additionally, social engineers can tailor social media scams to specific people in order to increase the chances of tricking someone into sending money or sharing valuable personal or banking details. 

Falling for phishing.

While spam filters catch a lot of phishing emails, phishers are getting smarter by the day and are making their attempts more and more believable. Connect with your loved ones and make sure they know how to recognize phishing emails, texts, and social media direct messages. Telltale signs of a phishing message include:  

  • Typos and grammar mistakes 
  • Over-the-top language that makes you feel very angry, sad, or excited 
  • Harsh consequences for not replying within a short timeframe 
  • Requests for passwords or Social Security Numbers 
  • Blurry logos 

If you’re ever unsure if a message is a phishing attempt, the best course of action is to just delete it. If the “sender” is a well-known institution, follow up with a phone call using the official customer service number listed on their website. The phisher may also claim to be someone you know personally. In that case, give the loved one in question a phone call. It’s a good excuse to reconnect and have a nice conversation! 

Visiting unsafe sites.

In the quest for free streams of the latest new show or movie, people often encounter unsafe sites that hide malware, spyware or other types malicious links and programs. Some types of malware can jump from one device to others connected to the same home Wi-Fi network. That’s why it’s important to make sure everyone under your roof practices excellent digital security habits. One wrong click could sink an entire household. Consider signing up your family for a safe browsing extension that can notify you when you stray onto a risky site. So, instead of putting your device at risk during movie night, connect with your friends or loved ones over one copy of a safely and officially purchased version. 

3. Balance

As with any new health regimen, immediately zooming from zero to a hundred will likely be overwhelming and result in failure. The same goes for adopting new digital safety habits. If you try to do too much at once, all the security measures you put in place will likely get in the way of your daily online activities. The more inconvenient it is, the more likely you may be to cut corners; thus, negating all the progress you’ve made. 

Being cybersafe doesn’t mean you can’t still enjoy your connected devices to the fullest. It just means that you may need to act with more intention and slow down before volunteering personal details online or clicking on links.  

Supplement Your Digital Detox With McAfee+ 

To supplement your digital detox, consider signing up for McAfee+ Ultimate to make 2023 the year for a safer online you. McAfee+ Ultimate includes all the tools you need to live your best online life safely and privately, including a password manager, web protection, unlimited VPN and antivirus, and $1 million in identity theft coverage and restoration for peace of mind. 

Cheers to a digitally smart 2023! 

The post Start the New Year Right With This 3-Step Digital Detox appeared first on McAfee Blog.

☐ ☆ ✇ McAfee Blogs

How to Browse Privately on Your Phone

By McAfee — December 15th 2022 at 09:11

Your phone is likely a daily companion, giving you access to work emails, chats with friends, weather reports, and more — all in the palm of your hand. You can also use your phone for browsing online, looking up everything from your favorite recipes to your most-read media webpages. 

While being able to browse whenever and wherever you want is convenient, you might prefer that your phone doesn’t save all your online searches. For example, if you frequently let other people use your phone, you may not want them to have access to a history of your Google searches. In this case, you can use private browsing or “incognito mode.” 

This allows you to browse online without leaving any trace of your browsing activity on your mobile phone. Configuring your phone to use incognito mode can give you greater confidence while surfing online, as you’ll enjoy the peace of mind that comes with knowing your browser history isn’t recorded on your device.  

This article explains what incognito mode is and how you can set it up on your mobile phone. 

What is Incognito Mode?

Incognito mode allows you to browse online without leaving certain data on the device you’re using. Also referred to as private browsing mode, it makes sure there’s no record of your search engine history, websites you visited, and even login details (and related passcodes) on that device.  

As soon as you close the incognito web browser window, any cookies are erased and all these details disappear instead of being saved. 

That said, if you leave an incognito browser window open on your phone — and then hand your phone to someone else — they’ll be able to see the activity. So, if you want to make the most of incognito mode, make sure to close the browser window after every surfing session.  

Further, if you actively bookmark a page, it will be saved — even if you’re in incognito mode. Read on for some more caveats surrounding incognito mode and the extent of privacy it gives you. 

Is incognito mode really private browsing?

It’s important to note that incognito mode or private browsing mode is a device-specific privacy measure. It makes sure that your search and web browsing history isn’t visible on the device itself.  

However, your traffic and activity are both still visible to third parties beyond your device, such as your network admin, internet service provider (ISP), and the websites and search engines that you visit. 

Viewing in private or incognito mode also won’t disguise your unique IP address from these parties. Incognito mode further doesn’t secure your device against cyberthreats like hackers.  

That said, there are plenty of other tools you can use to safeguard your device against cybercriminals. For example, McAfee+ helps to secure your Wi-Fi connection, shield you from malicious websites or links, and detect malware. 

Can I Get Incognito Mode on my Phone?

You may already be familiar with incognito mode through your computer. For example, many people set up incognito mode through browsers like Mozilla Firefox, Google Chrome, Safari, Microsoft Edge, or Internet Explorer.  

However, incognito mode isn’t just for computers — you can also use it on your phone’s web browsing apps. 

How to turn on incognito mode

The steps to setting up incognito mode are fairly straightforward. That said, it depends largely on which type of device you have.  

Setting up private browsing or incognito mode for an Android isn’t the same as setting it up for iOS. Read on to learn how to go incognito whether you’ve got an Apple iPhone or an Android phone like Samsung. 

Private browsing on your Android device

The process for setting up incognito mode also varies based on the browser you’re using. Here’s how to set it up in the Google Chrome browser for your Android (note that the Google Chrome app is the default browser for most Android phones): 

  1. Open Chrome. 
  2. Tap the three dots at the top-right corner of the screen. 
  3. Tap “New incognito tab.” This will open up a new incognito window. 
  4. Close the incognito window to end the incognito session. 

Remember, for Google Chrome’s incognito mode to do the trick, you need to close your browsing session after each use. If you leave the tab open and someone else uses your phone, they can see your activity. 

Private browsing on your iPhone 

For iPhones, the default browser is Safari. Here’s how to set up private browsing in Safari for your iPhone: 

  1. Open Safari. 
  2. Tap the tab icon at the bottom right of the screen (it looks like two overlapping squares). 
  3. Tap “private” at the bottom-left of the screen. 
  4. To exit private mode, tap “private” again. 

Again, remember to close your browser’s private tabs when you’re done surfing. This makes sure that cookies are deleted and the private session is safely hidden from your device’s history. 

Do certain apps offer incognito mode?

The above steps can help you set up incognito mode on your Apple or Android phone’s browser. However, you probably use your phone for much more than browsing.  

You might have apps for watching videos, getting driving directions, listening to music, and more. And the tips above will only protect your privacy when using the phone’s browser — not apps. 

That said, some apps offer their very own in-app incognito mode. Examples include YouTube, Google Maps, Spotify, and Instagram. Other apps simply offer the option of private sessions, requiring you to log in with a dedicated username and password if you’re going to use the app. These include Whatsapp, Dropbox, Amazon, PayPal, and Evernote.  

Some of these apps can even be configured so they’re only unlockable with touch ID or face ID. 

Enhance Your Device’s Security

Browsing in incognito or private mode on your phone allows you to surf online without leaving any trace of your search history on that specific device. However, it doesn’t block third parties like your internet service provider or network administrator from seeing what websites you’ve visited. Only your phone is affected. 

Incognito mode also doesn’t protect you against potential cyberthreats, like malware. To stay safe and browse with confidence, consider McAfee Mobile Security. It includes Wi-Fi privacy protection, browsing safeguards, shields against unauthorized third-party activities, and more — and it works for Android and iOS devices. Find out more. 

The post How to Browse Privately on Your Phone appeared first on McAfee Blog.

☐ ☆ ✇ The Hacker News

Cisco Warns of High-Severity Unpatched Flaw Affecting IP Phones Firmware

By Ravie Lakshmanan — December 10th 2022 at 05:52
Cisco has released a new security advisory warning of a high-severity flaw affecting IP Phone 7800 and 8800 Series firmware that could be potentially exploited by an unauthenticated attacker to cause remote code execution or a denial-of-service (DoS) condition. The networking equipment major said it's working on a patch to address the vulnerability, which is tracked as CVE-2022-20968 (CVSS score
☐ ☆ ✇ Naked Security

Apple pushes out iOS security update that’s more tight-lipped than ever

By Paul Ducklin — December 2nd 2022 at 21:02
We grabbed the update, based on no information at all, just in case we came across a reason to advise you not to. So far, so good...

☐ ☆ ✇ McAfee Blogs

How to Tell Whether a Website Is Safe or Unsafe

By McAfee — November 22nd 2022 at 20:49

It’s important to know that not all websites are safe to visit. In fact, some sites may contain malicious software (malware) that can harm your computer or steal your personal contact information or credit card numbers.  

Phishing is another common type of web-based attack where scammers try to trick you into giving them your personal information, and you can be susceptible to this if you visit a suspicious site.  

Identity theft is a serious problem, so it’s important to protect yourself when browsing the web. Online security threats can be a big issue for internet users, especially when visiting new websites or following site links. 

So how can you tell if you’re visiting a safe website or an unsafe website? You can use a few different methods. This page discusses key things to look for in a website so you can stay safe online. 

Key signs of website safety and security

When you’re visiting a website, a few key indicators can help determine whether the site is safe. This section explores how to check the URL for two specific signs of a secure website. 

”Https:” in the website URL

“Https” in a website URL indicates that the website is safe to visit. The “s” stands for “secure,” and it means that the website uses SSL (Secure Sockets Layer) encryption to protect your information. A verified SSL certificate tells your browser that the website is secure. This is especially important when shopping online or entering personal information into a website. 

When you see “https” in a URL, the site is using a protocol that encrypts information before it’s sent from your computer to the website’s server. This helps prevent anyone from intercepting and reading your sensitive information as it’s transmitted. 

A lock icon near your browser’s URL field

The padlock icon near your browser’s URL field is another indicator that a webpage is safe to visit. This icon usually appears in the address bar and means the site uses SSL encryption. Security tools and icon and warning appearances depend on the web browser. 

Let’s explore the cybersecurity tools on the three major web browsers: 

  • Safari. In the Safari browser on a Mac, you can simply look for the lock icon next to the website’s URL in the address bar. The lock icon will be either locked or unlocked, depending on whether the site uses SSL encryption. If it’s an unsafe website, Safari generates a red-text warning in the address bar saying “Not Secure” or “Website Not Secure” when trying to enter information in fields meant for personal data or credit card numbers. Safari may also generate an on-page security warning stating, “Your connection is not private” or “Your connection is not secure.” 
  • Google Chrome. In Google Chrome, you’ll see a gray lock icon (it was green in previous Chrome versions) on the left of the URL when you’re on a site with a verified SSL certificate. Chrome has additional indicator icons, such as a lowercase “i” with a circle around it. Click this icon to read pertinent information on the site’s cybersecurity. Google Safe Browsing uses security tools to alert you when visiting an unsafe website. A red caution symbol may appear to the left of the URL saying “Not secure.” You may also see an on-page security message saying the site is unsafe due to phishing or malware. 
  • Firefox. Like Chrome, Mozilla’s Firefox browser will tag all sites without encryption with a distinctive marker. A padlock with a warning triangle indicates that the website is only partially encrypted and may not prevent cybercriminals from eavesdropping. A padlock with a red strike over it indicates an unsafe website. If you click on a field on the website, it’ll prompt you with a text warning stating, “This connection is not secure.” 

In-depth ways to check a website’s safety and security

Overall, the ”https” and the locked padlock icon are good signs that your personal data will be safe when you enter it on a website. But you can ensure a website’s security is up to par in other ways. This section will explore five in-depth methods for checking website safety. 

Use McAfee WebAdvisor

McAfee WebAdvisor is a free toolbar that helps keep you safe online. It works with your existing antivirus software to provide an extra layer of protection against online threats. WebAdvisor also blocks unsafe websites and lets you know if a site is known for phishing or other malicious activity. In addition, it can help you avoid online scams and prevent you from accidentally downloading malware. Overall, McAfee WebAdvisor is a useful tool that can help you stay safe while browsing the web. 

Website trust seals

When you’re browsing the web, it’s important to be able to trust the websites you’re visiting. One way to determine if a website is trustworthy is to look for trust seals. Trust seals are logos or badges that indicate a website is safe and secure. They usually appear on the homepage or checkout page of a website. 

There are many types of trust seals, but some of the most common include the Better Business Bureau (BBB) seal, VeriSign secure seal, and the McAfee secure seal. These seals indicate that a third-party organization has verified the website as safe and secure. 

While trust seals can help determine whether a website is trustworthy, it’s important to remember that they are not foolproof. Website owners can create a fake trust seal, so it’s always important to do your own research to ensure a website is safe before entering personal information. 

Check for a privacy policy

Another way to determine if a website is safe to visit is to check for a privacy policy. A privacy policy is a document that outlines how a website collects and uses personal information. It should also state how the site protects your data from being accessed or shared by scammers, hackers, or other unauthorized individuals. 

If a website doesn’t have a privacy policy, that’s a red flag that you shouldn’t enter any personal information on the site. Even if a website does have a privacy policy, it’s important to read it carefully so you understand how the site uses your personal data. 

Check third-party reviews

It’s important to do some preliminary research before visiting a new website, especially if you’re shopping online or entering personal data like your address, credit card, or phone number. One way to determine if a website is safe and trustworthy is to check third-party reviews. Several websites provide reviews of other websites, so you should be able to find several reviews for any given site.  

Trustpilot is one example of a website that provides reviews of other websites. 

Look for common themes when reading reviews. If most of the reviews mention that a website is safe and easy to use, it’s likely that the site is indeed safe to visit. However, if a lot of negative reviews mention problems with viruses or malware, you might want to avoid the site. 

Look over the website design

You can also analyze the website design when deciding whether a website is safe to visit. Look for spelling errors, grammatical mistakes, and anything that appears off. If a website looks like it was made in a hurry or doesn’t seem to be well-designed, that’s usually a red flag that the site might not be safe. 

Be especially careful of websites that have a lot of pop-ups. These sites are often spammy or contain malware. Don’t download anything from a website unless you’re absolutely sure it’s safe. These malicious websites rarely show up on the top of search engine results, so consider using a search engine to find what you’re looking for rather than a link that redirects you to an unknown website. 

Download McAfee WebAdvisor for free and stay safe while browsing

If you’re unsure whether a website is safe to visit, download McAfee WebAdvisor for free. McAfee WebAdvisor is a program that helps protect you from online threats, such as malware and viruses. It also blocks pop-ups and other intrusive ads so you can browse the web without worry. Plus, it’s completely free to download and use. 

Download McAfee WebAdvisor now and stay safe while browsing the web. 

The post How to Tell Whether a Website Is Safe or Unsafe appeared first on McAfee Blog.

☐ ☆ ✇ McAfee Blogs

What Is Smishing and Vishing, and How Do You Protect Yourself?

By McAfee — November 10th 2022 at 11:57

Smishing and vishing are scams where criminals attempt to get users to click a fraudulent link through a phone text message, email, or voicemail. These scams are becoming increasingly popular as cybercriminals try to take advantage of people who are more likely to fall for them, such as those who aren’t as familiar with technology or who may be experiencing a crisis. 

Be aware that cybercrime and hacking can happen to anyone. Criminals are always looking for new ways to exploit people, and they know that others may not be cautious or recognize the warning signs of phishing scams when using the internet. That’s why it’s important to be aware of the different types of cybercrime and how to protect yourself. 

This article discusses how to protect yourself from smishing attempts and scams where criminals try to get you to click on a fraudulent link or respond to their voicemail message to steal your personal data. 

What is smishing?

Most people are familiar with phishing scams, where scammers try to trick you into giving them your personal or financial information by pretending to be a legitimate company or organization. But have you ever heard of smishing or vishing? 

Smishing is a type of phishing scam where attackers send SMS messages (or text messages) to trick victims into sharing personal information or installing malware on their devices. Vishing is almost identical to smishing, except cybercriminals use VoIP (Voice over IP) to place phone calls to trick victims instead of SMS (short message service) messages. 

Smishing messages often appear to be from a legitimate source, such as a well-known company or government agency. It may even include urgent language or threats in an effort to get victims to act quickly. In some cases, the message may also include a link that directs victims to a fake website where they are prompted to enter personal information or download malware. 

Examples of a smishing text message

Here are some examples of smishing text messages hackers use to steal your personal details: 

  • “We have detected unusual activity on your account. Please call this number to speak to a customer service representative.” 
  • “You have won a free gift card! Click here to claim your prize.” 
  • “Hi! We noticed that you’re a recent customer of ours. To finish setting up your account, please click this link and enter your personal information.” 
  • “Urgent! Your bank account has been compromised. Please click this link to reset your password and prevent any further fraud.” 
  • “Hey, it’s [person you know]! I’m in a bit of a bind and could really use your help. I sent you a link to my PayPal, could you send me some money?” 

How dangerous can smishing be?

If you fall for a smishing scam, you could end up giving away your personal information or money. Cybercriminals use smishing messages to get personal and financial information, like your credit card number or access to your financial services 

For example, one type of smishing scam is when you get a text message that looks like it’s from your bank. The message might say there’s been suspicious activity on your account and that you need to click on a link to verify your identity. If you do click on the link, you’ll be taken to a fake website where you’ll be asked to enter your banking information. Once the scammers have your login information, they have access to clean out your account. 

How can you protect yourself from smishing?

Smishing scams can be very difficult to spot, but there are some telltale signs to look for and steps to take to protect yourself. 

Recognize the signs of a smishing text

One of the easiest ways to protect yourself from smishing scams is to be able to recognize the signs of a smishing text message. Here are some tips: 

  • Be suspicious of any text messages that ask for personal information or include a link. 
  • Look closely at the sender’s name and number. Fraudulent messages often come from spoofed numbers that may look similar to a legitimate number but with one or two digits off. 
  • Look for errors in spelling or grammar. This can be another sign that the message is not legitimate. 
  • Beware of any text messages that create a sense of urgency or are threatening in nature. Scammers often use these tactics to get you to act quickly without thinking. 
  • If you’re not expecting a message from the sender, be extra cautious. 
  • If you’re unsure whether a text message is legitimate, call the company or organization directly to verify. 

Filter unknown text messages

While you can’t avoid smishing attacks altogether, you can block spam text messages you receive on your mobile phone. iPhone and Android have cybersecurity tools like spam filters and phone number blocking to help protect you from phishing attacks and malicious links. 

To set up spam filters on your iPhone: 

  1. Go to the Settings App 
  2. Go to Messages 
  3. Find the Filter Unknown Senders option and turn it on 

To set up spam filters on your Android mobile device: 

  1. Go to the Messaging App 
  2. Choose Settings 
  3. Tap Spam Protection and turn on Enable Spam Protection 

Use McAfee Mobile Security 

McAfee Mobile Security is a mobile security app that helps protect your phone from malware, phishing attacks, and other online threats. McAfee Mobile Security is available for Android and iOS cell phones. 

One of the benefits of using McAfee Mobile Security is that it can help detect and block smishing attacks. With identity monitoring, McAfee Mobile Security monitors your sensitive information like email accounts, credit card numbers, phone numbers, Social Security numbers, and more to protect against identity theft. They notify you if they find any security breaches. 

Other benefits include: 

  • Antivirus 
  • Secure VPN for privacy online 
  • Identity monitoring for up to 10 emails 
  • Guard your identity against risky Wi-Fi connections 
  • Safe browsing 
  • System Scan for the latest updates 

Keep your device and information secure with McAfee Mobile Security

These days, our lives are more intertwined with our mobile devices than ever. We use them to stay connected with our loved ones on social media, conduct our business, and even access our most personal, sensitive data. It’s no surprise that mobile cybersecurity is becoming increasingly important. 

McAfee Mobile Security is a comprehensive security solution that helps protect your device from viruses, malware, and other online threats. It also offers a variety of other features, like a secure VPN to protect your credit card numbers and other personal data 

Whether you’re browsing your favorite website, keeping up with friends on social media, or shopping online at Amazon, McAfee Mobile Security provides the peace of mind that comes from knowing your mobile device is safe and secure. 

So why wait? Don‘t let the smishers win. Get started today with McAfee Mobile Security and rest easy knowing your mobile device and sensitive information are protected. 

The post What Is Smishing and Vishing, and How Do You Protect Yourself? appeared first on McAfee Blog.

☐ ☆ ✇ Naked Security

Updates to Apple’s zero-day update story – iPhone and iPad users read this!

By Paul Ducklin — October 28th 2022 at 18:04
Turns out that Tuesday's zero-day for iOS 16 is Friday's zero-day for iOS 15...

☐ ☆ ✇ Naked Security

Apple megaupdate: Ventura out, iOS and iPad kernel zero-day – act now!

By Paul Ducklin — October 25th 2022 at 18:03
Ventura hits the market with 112 patches, Catalina's gone missing, and iPhones and iPads get a critical kernel-level zero-day patch...

☐ ☆ ✇ Naked Security

S3 Ep104: Should hospital ransomware attackers be locked up for life? [Audio + Text]

By Paul Ducklin — October 13th 2022 at 16:37
Have your say on three deep questions posed by this week's podcast. Read or listen as suits you best...

☐ ☆ ✇ McAfee Blogs

Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You

By McAfee — April 5th 2022 at 13:17

It’s hard to imagine a world without cellphones. Whether it be a smartphone or a flip phone, these devices have truly shaped the late 20th century and will continue to do so for the foreseeable future. But while users have become accustomed to having almost everything they could ever want at fingertips length, cybercriminals were busy setting up shop. To trick unsuspecting users, cybercriminals have set up crafty mobile threats – some that users may not even be fully aware of. These sneaky cyberthreats include SMSishing, fake networks, malicious apps, and grayware, which have all grown in sophistication over time. This means users need to be equipped with the know-how to navigate the choppy waters that come with these smartphone-related cyberthreats. Let’s get started.

Watch out for SMSishing Hooks

If you use email, then you are probably familiar with what phishing is. And while phishing is commonly executed through email and malicious links, there is a form of phishing that specifically targets mobile devices called SMSishing. This growing threat allows cybercriminals to utilize messaging apps to send unsuspecting users a SMSishing message. These messages serve one purpose – to obtain personal information, such as logins and financial information. With that information, cybercriminals could impersonate the user to access banking records or steal their identity.

While this threat was once a rarity, it’s rise in popularity is two-fold. The first aspect being that users have been educated to distrust email messages and the second being the rise in mobile phone usage throughout the world. Although this threat shows no sign of slowing down, there are ways to avoid a cybercriminal’s SMSishing hooks. Get started with these tips:

  1. Always double-check the message’s source. If you receive a text from your bank or credit card company, call the organization directly to ensure the message is legit.
  2. Delete potential SMSishing Do not reply to or click on any links within a suspected malicious text, as that could lead to more SMSishing attempts bombarding your phone.
  3. Invest in comprehensive mobile security. Adding an extra level of security can not only help protect your device but can also notify you when a threat arises.

Public Wi-Fi Woes  

Public and free Wi-Fi is practically everywhere nowadays, with some destinations even having city-wide Wi-Fi set up. But that Wi-Fi users are connecting their mobile device to may not be the most secure, given cybercriminals can exploit weaknesses in these networks to intercept messages, login credentials, or other personal information. Beyond exploiting weaknesses, some cybercriminals take it a step further and create fake networks with generic names that trick unsuspecting users into connecting their devices. These networks are called “evil-twin” networks. For help in spotting these imposters, there are few tricks the savvy user can deploy to prevent an evil twin network from wreaking havoc on their mobile device:

  1. Look for password-protected networks. As strange as it sounds, if you purposely enter the incorrect password but are still allowed access, the network is most likely a fraud.
  2. Pay attention to page load times. If the network you are using is very slow, it is more likely a cybercriminal is using an unreliable mobile hotspot to connect your mobile device to the web.
  3. Use a virtual private network or VPN. While you’re on-the-go and using public Wi-Fi, add an extra layer of security in the event you accidentally connect to a malicious network. VPNs can encrypt your online activity and keep it away from prying eyes. 

Malicious Apps: Fake It till They Make It

Fake apps have become a rampant problem for Android and iPhone users alike. This is mainly in part due to malicious apps hiding in plain sight on legitimate sources, such as the Google Play Store and Apple’s App Store. After users download a faulty app, cybercriminals deploy malware that operates in the background of mobile devices which makes it difficult for users to realize anything is wrong. And while users think they’ve just downloaded another run-of-the-mill app, the malware is hard at work obtaining personal data.

In order to keep sensitive information out of the hands of cybercriminals, here are a few things users can look for when they need to determine whether an app is fact or fiction:

  1. Check for typos and poor grammar. Always check the app developer name, product title, and description for typos and grammatical errors. Often, malicious developers will spoof real developer IDs, even just by a single letter or number, to seem legitimate.
  2. Examine the download statistics. If you’re attempting to download a popular app, but it has a surprisingly low number of downloads, that is a good indicator that an app is most likely fake.
  3. Read the reviews. With malicious apps, user reviews are your friend. By reading a few, you can receive vital information that can help you determine whether the app is fake or not.

The Sly Operation of Grayware

With so many types of malware out in the world, it’s hard to keep track of them all. But there is one in particular that mobile device users need to be keenly aware of called grayware. As a coverall term for software or code that sits between normal and malicious, grayware comes in many forms, such as adware, spyware or madware. While adware and spyware can sometimes operate simultaneously on infected computers, madware — or adware on mobile devices — infiltrates smartphones by hiding within rogue apps. Once a mobile device is infected with madware from a malicious app, ads can infiltrate almost every aspect on a user’s phone. Madware isn’t just annoying; it also is a security and privacy risk, as some threats will try to obtain users’ data. To avoid the annoyance, as well as the cybersecurity risks of grayware, users can prepare their devices with these cautionary steps:

  1. Be sure to update your device. Grayware looks for vulnerabilities that can be exploited, so be sure to always keep your device’s software up-to-date.
  2. Beware of rogue apps. As mentioned in the previous section, fake apps are now a part of owning a smartphone. Use the tips in the above section to ensure you keep malicious apps off of your device that may contain grayware.
  3. Consider a comprehensive mobile security system. By adding an extra level of security, you can help protect your devices from threats, both old and new.

 

The post Cybercrime’s Most Wanted: Four Mobile Threats that Might Surprise You appeared first on McAfee Blog.

☐ ☆ ✇ McAfee Blogs

A Guide to Remove Malware From Your iPhone

By McAfee — November 6th 2022 at 13:25

Malicious software, or “malware,” refers to any program designed to infect and disrupt computer systems and networks. The risks associated with a malware infection can range from poor device performance to stolen data. 

However, thanks to their closed ecosystem, built-in security features, and strict policies on third-party apps, Apple devices tend to be less prone to malware infections compared to their Android counterparts. But it’s important to note that they’re not completely without vulnerabilities 

Several iPhone viruses could infect your smartphone and affect its functionality, especially if you jailbreak your iPhone (that is, opening your iOS to wider features, apps, and themes).  

This article covers how you can detect malware infections and how to remove viruses from your device so you can get back to enjoying the digital world. 

How does malware affect iPhones?

Malware can affect your iPhone in a variety of ways. Here are a few telltale signs that your iPhone might have an unwelcome visitor.  

  • Your iPhone’s battery life is shorter than usual. 
  • Pop-up ads frequently appear. 
  • Apps crash for no apparent reason. 
  • Unfamiliar apps are installed on your iPhone. 
  • You notice high data usage. 
  • The operating system is noticeably slow. 
  • Your iPhone is overheating. 

How to check your iPhone for malware

If you notice any of the signs above, it’s a good idea to check for malware. Here are some steps you can take. 

  1. Look for unfamiliar apps. If you’re anything like the average smartphone user, you’ve probably downloaded dozens (if not hundreds) of apps. The sheer number of programs on your iPhone makes it easy for malicious apps to hide in plain sight and remain undetected for a long time. Take some time to swipe through all of your apps and closely inspect any that you don’t remember downloading or installing. 
  2. Check your data usage. Heavy data usage can be a sign of a malware infection, which is why you should keep an eye on it if you suspect a virus is in your system. To do so, go to Settings > Mobile Data and check if your data usage is higher than usual. 
  3. Check power consumption. Some types of malware run in the background and consume a significant amount of power without you noticing. To make sure that no such apps are installed on your phone, head over to Settings > Battery and select a period of your choice. Uninstall any unfamiliar apps that stand out. 
  4. Keep an eye on pop-up ads. Running into pop-up ads is inevitable when browsing the internet. However, your phone might be infected with adware if you’re getting them at an alarming frequency. 
  5. Scan your phone using antivirus software. As helpful as these steps are, running a complete scan using antivirus software is one of the most effective ways to detect malware. If you don’t have one installed already, consider using McAfee Mobile Security. This comprehensive security solution provides full-scale protection that includes a safe browsing feature to protect your digital life, Wi-Fi privacy, and a VPN for a more secure internet connection. Highly effective scans detect malicious apps and unwanted visitors before they enter your digital space. 

How to remove malware from your iPhone

If you’ve confirmed malware on your iPhone, don’t worry. There’s still time to protect yourself and your data. Below is an action plan you can follow to remove malware from your device. 

Update your iOS (if applicable)

In many cases, hackers exploit outdated versions of iOS to launch malware attacks. If you don’t have the latest version of your operating system, it’s a good idea to update iOS to close this potential vulnerability. Just follow these steps: 

  1. Go to Settings. 
  2. Click on General. 
  3. Click on Software Update. 
  4. Follow the instructions to update your iPhone. 

Restart your device

It might sound simple, but restarting your device can fix certain issues. The system will restart on its own when updating the iOS. If you already have the latest version, restart your iPhone now. 

Clear your iPhone browsing history and data

If updating the iOS and restarting your device didn’t fix the issue, try clearing your phone’s browsing history and data. If you’re using Safari, follow these steps: 

  1. Go to Settings. 
  2. Click on Clear History and Website Data 
  3. Click on Clear History and Data 

Keep in mind that the process is similar for Google Chrome and most other popular web browsers. 

Remove any suspicious apps

Malicious software, such as spyware and ransomware, often end up on phones by masquerading as legitimate apps. To err on the side of caution, delete any apps that you don’t remember downloading or installing. 

Restore your iPhone

The option to restore to a previous backup is one of the most valuable features found on the iPhone and iPad. Essentially, this allows you to restore your device to an iCloud backup made before the malware infection 

Here’s how: 

  1. Go to Settings. 
  2. Click on General. 
  3. Click on Transfer or Reset iPhone. 
  4. Choose Erase All Content and Settings. 
  5. Choose Restore from iCloud Backup. 

Factory reset your iPhone

If none of the steps above solves the problem, a factory reset might be the next order of business. Restoring your phone to factory settings will reset it to its out-of-factory configuration, deleting all of your apps, content, and settings in the process and replacing them with original software only. 

To factory reset your iPhone, follow these steps: 

  1. Go to Settings. 
  2. Click on General.  
  3. Click on Transfer or Reset iPhone 
  4. Choose Erase All Content and Settings. 
  5. Choose Set Up as New iPhone. 

How to keep your iPhone safe from malware

The best way to protect your iOS device is to avoid malware in the first place. Follow these security measures to safeguard your device: 

  • Don’t click on suspicious links. 
  • Don’t install apps that Apple doesn’t recognize. 
  • Only download apps from the App Store. 
  • Don’t jailbreak your iPhone, as this will remove most Apple security features. 
  • Enable automatic updates for iOS and iTunes to stay in line with Apple’s security updates and bug fixes. 
  • Keep frequent data backups. 
  • Avoid engaging with suspicious text messages on iMessage, as hackers use them to spread phishing scams. 

Secure your iPhone with McAfee Mobile Security 

If you have an iPhone and are like most other people, you probably use your device for almost everything you do online. And while it’s amazing to have the internet in the palm of your hands, it’s also important to be aware of online threats like malware, which can put your digital life at risk. 

The good news is that McAfee has your back with our award-winning and full-scale mobile security app. McAfee Mobile Security provides full protection against various types of malware targeting the Apple ecosystem. With safe browsing features, a secure VPN, and antivirus software, McAfee Security for iOS delivers protection against emerging threats, so you can continue to use your iPhone with peace of mind. 

Download the McAfee Security app today and get all-in-one protection. 

The post A Guide to Remove Malware From Your iPhone appeared first on McAfee Blog.

☐ ☆ ✇ McAfee Blogs

How Do Hackers Hack Phones and How Can I Prevent It?

By McAfee — September 29th 2022 at 14:00

How do hackers hack phones? Several ways. Just as there are several ways you can prevent it from happening to you. 

The thing is that our phones are like little treasure chests. They’re loaded with plenty of personal data, and we use them to shop, bank, and take care of other personal and financial matters—all of which are of high value to identity thieves.  

However, you can protect yourself and your phone by knowing what to look out for and by taking a few simple steps. Let’s break it down by first taking a look at some of the more common attacks.  

Types of Smartphone Hacks and Attacks 

Hacking software 

Whether hackers sneak it onto your phone by physically accessing your phone or by tricking you into installing it via a phony app, a sketchy website, or a phishing attack, hacking software can create problems for you in a couple of ways: 

  • Keylogging: In the hands of a hacker, keylogging works like a stalker by snooping information as you type, tap, and even talk on your phone.  
  • Trojans: Trojans are types of malware that can be disguised in your phone to extract important data, such as credit card account details or personal information. 

Some possible signs of hacking software on your phone include: 

  • A battery that drains way too quickly. 
  • Your phone runs a little sluggish or gets hot. 
  • Apps quit suddenly or your phone shuts off and turns back on. 
  • You see unrecognized data, text, or other charges on your bill.   

In all, hacking software can eat up system resources, create conflicts with other apps, and use your data or internet connection to pass along your personal information into the hands of hackers—all of which can lead to some of the symptoms listed above. 

Phishing attacks 

These are a classic form of attack. In fact, hackers have leveled them at our computers for years now too. Phishing is where hackers impersonate a company or trusted individual to get access to your accounts or personal info or both. And these attacks take many forms, like emails, texts, instant messages, and so forth, some of which can look really legitimate. Common to them are links to bogus sites that attempt to trick you into handing over that info or that install malware to wreak havoc on your device or likewise steal information. Learning how to spot a phishing attack is one way to keep yourself from falling victim to one. 

Bluetooth hacking 

Professional hackers can use dedicated technologies that search for vulnerable mobile devices with an open Bluetooth connection. Hackers can pull off these attacks when they are range of your phone, up to 30 feet away, usually in a populated area. When hackers make a Bluetooth connection to your phone, they can possibly access your data and info, yet that data and info must be downloaded while the phone is within range. As you probably gathered, this is a more sophisticated attack given the effort and technology involved. 

SIM card swapping 

In August of 2019, the CEO of Twitter had his SIM card hacked by SIM card swapping scam. SIM card swapping occurs when a hacker contacts your phone provider, pretends to be you, and then asks for a replacement SIM card. Once the provider sends the new SIM to the hacker, the old SIM card will be deactivated, and your phone number will be effectively stolen. This means the hacker has taken control of your phone calls, messages, and so forth. This method of hacking requires the seemingly not-so-easy task of impersonating someone else, yet clearly, it happened to the CEO of a major tech company. Protecting your personal info and identity online can help prevent hackers from impersonating you to pull off this and other crimes.  

Ten tips to prevent your phone from being hacked 

While there are several ways a hacker can get into your phone and steal personal and critical information, here are a few tips to keep that from happening: 

  1. Use comprehensive security software on your phone. Over the years, we’ve gotten into the good habit of using this on our computers and laptops. Our phones? Not so much. Installing security software on your smartphone gives you a first line of defense against attacks, plus several of the additional security features mentioned below. 
  2. Update your phone and its apps. Aside from installing security software, keeping current with updates is a primary way to keep you and your phone safe. Updates can fix vulnerabilities that cybercriminals rely on to pull off their malware-based attacks. Additionally, those updates can help keep your phone and apps running smoothly while also introducing new, helpful features. 
  3. Stay safer on the go with a VPN. One way that crooks can hack their way into your phone is via public Wi-Fi, such as at airports, hotels, and even libraries. These networks are public, meaning that your activities are exposed to others on the network—your banking, your password usage, all of it. One way to make a public network private is with a VPN, which can keep you and all you do protected from others on that Wi-Fi hotspot.  
  4. Use a password manager. Strong, unique passwords offer another primary line of defense. Yet with all the accounts we have floating around, juggling dozens of strong and unique passwords can feel like a task—thus the temptation to use (and re-use) simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well. Comprehensive security software will include one. 
  5. Avoid public charging stations. Charging up at a public station seems so simple and safe. However, some hackers have been known to “juice jack” by installing malware into the charging station. While you “juice up,” they “jack” your passwords and personal info. So what to do about power on the road? You can look into a portable power pack that you can charge up ahead of time or run on AA batteries. They’re pretty inexpensive and easy to track down.  
  6. Keep your eyes on your phone. Preventing the actual theft of your phone is important too, as some hacks happen simply because a phone falls into the wrong hands. This is a good case for password or PIN protecting your phone, as well as turning on device tracking so that you can locate your phone or even wipe it remotely if you need to. Apple provides iOS users with a step-by-step guide for remotely wiping devices, and Google offers up a guide for Android users as well.  
  7. Encrypt your phone. Encrypting your cell phone can save you from being hacked and can protect your calls, messages, and critical information. To check if your iPhone is encrypted can go into Touch ID & Passcode, scroll to the bottom, and see if data protection is enabled (typically this is automatic if you have a passcode enabled). Android users have automatic encryption depending on the type of phone. 
  8. Lock your SIM card. Just as you can lock your phone, you can also lock the SIM card that is used to identify you, the owner, and to connect you to your cellular network. By locking it, keeps your phone from being used on any other network than yours. If you own an iPhone, you can lock it by following these simple directions. For other platforms, check out the manufacturer’s website. 
  9. Turn off your Wi-Fi and Bluetooth when not in use. Think of it as closing an otherwise open door. There are several attacks that a dedicated and well-equipped hacker can make on devices where Wi-Fi and Bluetooth are open and discoverable. Likewise, while not a hack, some retailers will track your location in a store using Bluetooth technology for marketing purposes—so switching it off can protect your privacy in some situations as well. You can easily turn off both from your settings and many phones let you do it from a pulldown menu on your home screen as well. 
  10. Steer clear of third-party app stores. Google Play and Apple’s App Store have measures in place to review and vet apps to help ensure that they are safe and secure. Third-party sites may not have that process in place. In fact, some third-party sites may intentionally host malicious apps as part of a broader scam. Granted, cybercriminals have found ways to work around Google and Apple’s review process, yet the chances of downloading a safe app from them are far greater than anywhere else. Furthermore, both Google and Apple are quick to remove malicious apps once discovered, making their stores that much safer. 

The post How Do Hackers Hack Phones and How Can I Prevent It? appeared first on McAfee Blog.

☐ ☆ ✇ WIRED

Shadowy Russian Cell Phone Companies Are Cropping Up in Ukraine

By Matt Burgess — September 21st 2022 at 11:00
But as Ukrainians retake ground, some of the firms are erasing their online presence.
☐ ☆ ✇ McAfee Blogs

Smartphone Alternatives: Ease Your Way into Your Child’s First Phone

By McAfee — September 1st 2022 at 13:21

“But everyone else has one.” 

Those are familiar words to a parent, especially if you’re having the first smartphone conversation with your tween or pre-teen. In their mind, everyone else has a smartphone so they want a one too. But does “everyone” really have one? Well, your child isn’t wrong.  

Our recent global study found that 76% of children aged 10 to 14 reported using a smartphone or mobile device, with Brazil leading the way at 95% and the U.S. trailing the global average at 65%.   

Our figures show that younger children with smartphones and mobile devices make up a decisive majority of younger children overall. 

Of course, just because everyone else has smartphone doesn’t mean that it’s necessarily right for your child and your family. After all, with a smartphone comes access to a wide and practically unfettered world of access to the internet, apps, social media, instant messaging, texting, and gaming, all within nearly constant reach. Put plainly, some tweens and pre-teens simply aren’t ready for that just yet, whether in terms of their maturity, habits, or ability to care for and use a device like that responsibly. 

Yet from a parent’s standpoint, a first smartphone holds some major upsides. One of the top reasons parents give a child a smartphone is “to stay in touch,” and that’s understandable. There’s something reassuring knowing that your child is a call or text away—and that you can keep tabs on their whereabouts with GPS tracking. Likewise, it’s good to know that they can reach you easily too. Arguably, that may be a reason why some parents end up giving their children a smartphone a little sooner than they otherwise would.  

However, you don’t need a smartphone to do to text, track, and talk with your child. You have alternatives. 

Smartphone alternatives 

One way to think about the first smartphone is that it’s something you ease into. In other words, if the internet is a pool, your child should learn to navigate the shallows with some simpler devices before diving into the deep end with a smartphone.  

Introducing technology and internet usage in steps can build familiarity and confidence for them while giving you control. You can oversee their development, while establishing rules and expectations along the way. Then, when the time is right, they can indeed get their first smartphone. 

But how to go about that? 

It seems a lot of parents have had the same idea and device manufacturers have listened. They’ve come up with smartphone alternatives that give kids the chance to wade into the mobile internet, allowing them to get comfortable with device ownership and safety over time without making the direct leap to a fully featured smartphone. Let’s look at some of those options, along with a few other long-standing alternatives. 

GPS trackers for kids 

These small and ruggedly designed devices can clip to a belt loop, backpack, or simply fit in a pocket, giving you the ability to see your child’s location. In all, it’s quite like the “find my” functionality we have on our smartphones. When it comes to GPS trackers for kids, you’ll find a range of options and form factors, along with different features such as an S.O.S. button, “geofencing” that can send you an alert when your child enters or leaves a specific area (like home or school), and how often it sends an updated location (to regulate battery life).  

Whichever GPS tracker you select, make sure it’s designed specifically for children. So-called “smart tags” designed to locate things like missing keys and wallets are just that—trackers designed to locate things, not children. 

Smart watches for kids 

With GPS tracking and many other communication-friendly features for families, smart watches can give parents the reassurance they’re looking for while giving kids a cool piece of tech that they can enjoy. The field of options is wide, to say the least. Smart watches for kids can range anywhere from devices offered by mobile carriers like Verizon, T-Mobile, and Vodaphone to others from Apple, Explora, and Tick Talk. Because of that, you’ll want to do a bit of research to determine the right choice for you and your child.  

Typical features include restricted texting and calling, and you’ll find that some devices are more durable and more water resistant than others, while yet others have cameras and simple games. Along those lines, you can select a smart watch that has a setting for “school time” so that it doesn’t become a distraction in class. Also, you’ll want to look closely at battery life, as some appear to do a better job of holding a charge than others.  

Smartphones for kids 

Another relatively recent entry on the scene are smartphones designed specifically for children, which offer a great step toward full-blown smartphone ownership. These devices look, feel, and act like a smartphone, but without web browsing, app stores, and social media. Again, features will vary, yet there are ways kids can store and play music, stream it via Bluetooth to headphones or a speaker, and install apps that you approve of.  

Some are paired with a parental control app that allows you to introduce more and more features over time as your child as you see fit—and that can screen texts from non-approved contacts before they reach your child. Again, a purchase like this one calls for some research, yet names like Gabb wireless and the Pinwheel phone offer a starting point. 

The flip phone 

The old reliable. Rugged and compact, and typically with a healthy battery life to boot, flip phones do what you need them to—help you and your child keep in touch. They’re still an option, even if your child may balk at the idea of a phone that’s “not as cool as a smartphone.” However, if we’re talking about introducing mobile devices and the mobile internet to our children in steps, the flip phone remains in the mix.  

Some are just phones and nothing else, while other models can offer more functionality like cameras and slide-out keyboards for texting. And in keeping with the theme here, you’ll want to consider your options so you can pick the phone that has the features you want (and don’t want) for your child. 

Ease into that first smartphone 

Despite what your younger tween or pre-teen might think, there’s no rush to get that first smartphone. And you know it too. You have time. Time to take eventual smartphone ownership in steps, with a device that keeps you in touch and that still works great for your child.  

By easing into that first smartphone, you’ll find opportunities where you can monitor and guide their internet usage. You’ll also find plenty of moments to help your child start forming healthy habits around device ownership and care, etiquette, and safety online. In all, this approach can help you build a body of experience that will come in handy when that big day finally comes—first smartphone day. 

The post Smartphone Alternatives: Ease Your Way into Your Child’s First Phone appeared first on McAfee Blog.

☐ ☆ ✇ The Hacker News

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

By Ravie Lakshmanan — September 1st 2022 at 03:24
Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. The shortcoming, tracked as CVE-2022-32893 (CVSS score: 8.8), is an out-of-bounds write issue affecting WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. WebKit is the
☐ ☆ ✇ McAfee Blogs

Privacy, please! Why a VPN on your smartphone may be a smart move for you.

By Natalie Maxfield — August 30th 2022 at 17:55

Using a VPN on your smartphone can boost your privacy in a big way, particularly with all the data tracking that’s happening out there today. 

For some time now, we’ve recommended a VPN when using public Wi-Fi in airports, libraries, hotels, and coffee shops. Given that these are public networks, a determined hacker can snoop on the other devices transmitting data on it. With a VPN, any connection becomes a secure connection, which includes public Wi-Fi. That advice still holds true. Yet there’s a good reason to use it on your smartphone all the time—for your privacy. 

Let’s start with a quick look at the two big things a VPN does for you. 

It makes you more secure. 

The bank-grade encryption used by a strong VPN shields your data and information while it’s in transit, which makes it terrifically difficult for hackers to spy on your connection. (Think of your data and information traveling through a tunnel that no one else can use or see into.) In that way, at VPN makes all kinds of online activities more secure—like banking, shopping, and checking up on your finances.  

It protects your privacy. 

By masking your whereabouts and your IP address, along with encryption that helps keep your activities private, a VPN reduces the personal information that others can collect and track. That includes internet service providers, social media companies, businesses, app developers, websites, and others who gather your data for marketing purposes or for resale to third parties. 

Your smartphone, your privacy, and a VPN 

As far as your privacy is concerned, a VPN on a smartphone can be a smart move. There are a couple of reasons for that: first, because of the way smartphones have additional tracking technologies built in, and second, because of all the trackable data we create when using smartphones as frequently as we do—up to six hours per day for some. 

As for how your smartphone is built, data collectors can harvest your personal information that reveals what you’re doing, when you’re doing it, and where you’re doing it as well. Several technologies allow them to pinpoint where you are at any given time, such as GPS and location services, along with Bluetooth connectivity and location tracking based on which cell phone tower you’re connected to. Even scanning a QR code with your phone can reveal location information. It can all get rather precise, which is of interest to advertisers, businesses, and even governments. 

Next, think about all the activities you do on your phone, with a special emphasis on the apps you use and the data they create, about your health, your shopping habits, your travels, who you’re chatting with, and what content you’re posting online—just to name a few things. Once again, that information in of itself is valuable to data collectors. It becomes even more valuable when they know where you do these things.  

Taken together, data broker companies readily gather this information from millions of devices, generating billions of data points, and create massive lists of targeted information. And that information gets quite specific. With some data brokers collecting hundreds and into the thousands of data points per person, they can provide interested buyers with a high-resolution snapshot of who you are, where you live, who’s in your family, your income, where you shop, what you like to buy—right on down to your favorite shampoo. And that’s just for starters. 

It’s little surprise that all this data brokering activity fuels a global business estimated at $200 billion U.S. dollars a year. 

How’s this happening? In large part by way of the privacy policies you may or may not have read. 

Within those policies, device manufacturers, social media companies, app developers, and so on will detail what data they collect, under what conditions, what they do with it, and if they share or resell that data to other parties. However, if you’ve ever taken a dive into the fine print of a privacy policy, what’s stated there isn’t always clear. Now consider all the apps you have on your phone and the privacy policies associated with each one—your personal data privacy picture gets even less clear. 

With digital data and information collection baked into so much of what we do online, it’s little wonder that more than 70% of people feel like their data privacy is out of their control. 

Yet there are things you can do. 

Protect your privacy on your smartphone with a VPN 

Using a VPN on your smartphone can make you far more anonymous online. A VPN can minimize the data that gets exposed as it transmits to and from your smartphone. As a result, companies and data brokers can potentially learn far less about you, your shopping, your travels, your habits, and any other information that they could possibly collect and otherwise profit from. 

While you have free VPN options available, I suggest steering clear of them. As with many “free” services, there’s going to be some catch, often involving data collection. For example, some so-called “free VPNs” have served up tracking malware or actually collected private data and information for sale—the very things you want a VPN to prevent.  

Given that this is your privacy we’re talking about, do a little background check. Has the VPN you’re considering been independently audited for security? The technology that powers ours undergoes a thorough audit every year. Search news articles and see if the VPN you’re looking at has a track record of collecting and selling data in any way. Again, with our VPN technology, we don’t log or track what you do online so your online activity remains private. ​ 

And a Personal Data Cleanup too … 

What about the information that’s already out there? Our Personal Data Cleanup can help you remove your personal information from high-risk data broker sites, so you can prevent it from being further collected and sold online. If you’re unsure if your data and information are out there, consider what one major data brokers has touted in the past—a reach of over 62 countries and the ability to reach over 2.5 billion consumers globally. With 5 billion internet users today, that accounts for half of the world’s online population. And that’s just one data broker alone. 

Moreover, consider that data brokers acquire plenty of information from places other than your smartphone and other connected devices. They skim and collate public records associated with you, information purchased from retailers with loyalty card programs, not to mention census data, court records, and motor vehicle records. And that’s just a few of the many sources. Using our Personal Data Cleanup can help remove those sorts of records too.  

Getting more privacy on your smartphone 

Together, the combination of a VPN and Personal Data Cleanup can help you become far more private than before. With so much of our digital lives getting collected, tracked, and tabulated, often without our knowledge thanks to confusing privacy policies, taking control of your privacy makes sense and only gets easier to do thanks to the tools and services available to you. 

The post Privacy, please! Why a VPN on your smartphone may be a smart move for you. appeared first on McAfee Blog.

☐ ☆ ✇ Naked Security

S3 Ep97: Did your iPhone get pwned? How would you know? [Audio + Text]

By Paul Ducklin — August 25th 2022 at 15:37
Latest episode - listen now! (Or read the transcript if you prefer the text version.)

☐ ☆ ✇ McAfee Blogs

7 Signs Your Phone Has a Virus and What You Can Do

By McAfee — August 25th 2022 at 02:04

Our phones store a lot of personal data, including contacts, social media account details, and bank account logins. We use our smartphones for everything under the sun, from work-related communication to online shopping. 

However, like computer viruses, our phones can be vulnerable to malware. Viruses are a type of malware that replicate themselves and spread throughout the entire system. They can affect your phone’s performance or, worse, compromise your sensitive information so that hackers can benefit monetarily. 

In this article, we give you a rundown of viruses that can infect your phone and how you can identify and eliminate them. We also provide some tips for protecting your phone from viruses in the first place. 

Can iPhone and Android devices get viruses?

iPhones and Android devices run on different operating systems. So, there are differences in the viruses that affect each type of mobile device and how resistant each operating system is to viruses.  

Viruses have a harder time penetrating iOS because of its design (although iOS hacks can still happen). By restricting interactions between apps, Apple’s operating system limits the movement of an iPhone virus across the device. However, if you jailbreak your iPhone or iPad to unlock tweaks or install third-party apps, then the security restrictions set by Apple’s OS won’t work. This exposes iPhone users to vulnerabilities that cybercriminals can exploit.   

While Android phones are also designed with cybersecurity in mind, their reliance on open-source code makes them an easier target for hackers. Android devices allow users to access third-party apps not available in the Google Play Store 

Main types of phone viruses

Cybercriminals today are sophisticated and can launch a variety of cyberattacks on your smartphone. Some viruses that can infect your phone include:  

  • Malware: Malware encompasses programs that steal your information or take control of your device without your permission. 
  • Adware: These are ads that can access information on your device if you click on them. 
  • Ransomware: These prevent you from accessing your phone again unless you pay a ransom to the hacker. The hacker may use personal data like your pictures as blackmail. 
  • Spyware: This tracks your browsing activity, then steals your data or affects your phone’s performance. 
  • Trojan: Aptly named, this type of virus hides inside an app to take control of or affect your phone and data. 

How do phones get viruses?

Smartphones and computers get viruses in a similar way. The most common include: 

  • Clicking on links or attachments from unverified sources. These are most commonly distributed as emails and SMS. 
  • Clicking on seemingly innocent ads that take you to an unsecured webpage or download mobile malware to your device. 
  • Visiting suspicious websites, often by ignoring security warnings. 
  • Downloading malicious apps from an unverified source, usually outside the Apple App Store or Google Play Store. 
  • Connecting your phone to an unsecured internet connection like public Wi-Fi (McAfee offers a secure VPN that makes it safe to use unsecured Wi-Fi networks by encrypting your data.) 

7 signs your phone has a virus

Now that you know how your phone could be the target of a virus, look out for these seven signs to determine if your device has been infected with malicious software. 

You see random pop-up ads or new apps 

Most pop-up ads don’t carry viruses but are only used as marketing tools. However, if you find yourself shutting pop-up ads more often than usual, it might indicate a virus on your phone. 

Don’t open any apps in your library that you don’t remember installing. Instead, uninstall them immediately. These apps tend to carry malware that’s activated when the app is opened or used. 

Your device feels physically hot

Your phone isn’t built to support malware. When you accidentally download apps that contain malware, the device has to work harder to continue functioning. In this case, your phone might be overheating. 

Random messages are sent to your contacts

If your contacts receive unsolicited scam emails or messages on social media from your account, especially those containing suspicious links, a virus may have accessed your contact list. It’s best to let all the recipients know that your phone has been hacked so that they don’t download any malware themselves or forward those links to anybody else. 

The device responds slowly

An unusually slow-performing device is a hint of suspicious activity on your phone. The device may slow down because it needs to work harder to support the downloaded virus. Alternatively, unfamiliar apps might be taking up storage space and running background tasks, causing your phone to run slowly. 

You find fraudulent charges on your accounts

Be sure to follow up on charges on your credit card or transactions in your banking statements that you don’t recognize. It could be an unfamiliar app or malware making purchases through your account without your knowledge. 

The phone uses excess data

A sudden rise in your data usage or phone bill can be suspicious. A virus might be running background processes or using your internet connection to transfer data out of your device for malicious purposes. 

Your battery drains quickly

An unusually quick battery drain may also cause concern. Your phone will be trying to meet the energy requirements of the virus, so this problem is likely to persist for as long as the virus is on the device. 

How can I check if my phone has a virus?

You may have an inkling that a virus is housed inside your phone, but the only way to be sure is to check.  

An easy way to do this is by downloading a trustworthy antivirus app. The McAfee Mobile Security app scans for threats regularly and blocks them in real time. It prevents suspicious apps from attaching themselves to your phone and secures any public connections you might be using. 

How to remove a virus from Android and iPhone

If you detect a virus on your iPhone or Android device, there are several things you can do.  

  • Download antivirus software like McAfee’s award-winning antivirus software or a mobile security app to help you locate existing viruses and malware. By identifying the exact problem, you know what to get rid of and how to protect your device in the future. 
  • Do a thorough sweep of your app library to make sure that whatever apps are on your phone were downloaded by you. Delete any apps that aren’t familiar. 
  • To protect your information, delete any sensitive text messages and clear history regularly from your mobile browsers. Empty the cache in your browsers and apps. 
  • In some instances, you may need to reboot your smartphone to its original factory settings. This can lead to data loss, so be sure to back up important documents to the cloud. 
  • Create strong passwords for all your accounts after cleaning up your phone. You can then protect your passwords using a password management system like McAfee True Key, which uses the most robust encryption algorithms available so only you have access to your information.  

7 tips to protect your phone from viruses

It’s never too late to start caring for your phone. Follow these tips to stay safe online and help reduce the risk of your phone getting a virus. 

  • Only download an app from a trusted source, i.e., the app store or other verified stores. You should read app reviews and understand how the app intends to use your data. 
  • Set up strong, unique passwords for your accounts instead of using the same or similar passwords. This prevents a domino effect in case one of the accounts is compromised. 
  • Think twice before you click on a link. If you believe it looks suspicious, your gut is probably right! Avoid clicking on it until you have more information about its trustworthiness. These links can be found across messaging services and are often part of phishing scams. 
  • Clear your cache periodically. Scan your browsing history to get rid of any links that seem suspicious. 
  • Avoid saving login information on your browsers and log out when you’re not using a particular browser. Although this is a convenience trade-off, it’s harder for malware to access accounts you’re not logged into during the attack.  
  • Update your operating system and apps frequently. Regular updates build upon previous security features. Sometimes, these updates contain security patches created in response to specific threats in prior versions. 
  • Don’t give an app all the permissions it asks for. Instead, you can choose to give it access to certain data only when required. Minimizing an application’s access to your information keeps you safer. 

Discover how McAfee Mobile Security keeps your phone safe

McAfee Mobile Security is committed to keeping your mobile phone secure, whether it’s an iPhone or Android device. In addition to regularly scanning your phone to track suspicious activity, our technology responds to threats in real time. Our comprehensive tools also secure your internet connections and let you browse peacefully. Using our app makes sure that your phone and data are protected at all times.  

So, what are you waiting for? Download McAfee Mobile Security today!  

The post 7 Signs Your Phone Has a Virus and What You Can Do appeared first on McAfee Blog.

☐ ☆ ✇ The first stop for security news | Threatpost

iPhone Users Urged to Update to Patch 2 Zero-Days

By Elizabeth Montalbano — August 19th 2022 at 15:25
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
❌