Did you know that an attacker can flood your house via the water dispenser on your connected refrigerator? Or that bluetooth enabled locks can be picked from ¼ of a mile away using radio frequencies? I didn’t either, until I attended this year’s DefCon 24, an annual hacking convention in Las Vegas.
While a hotel in Las Vegas full of 22,000 hackers sounds like it might not be a good idea, it’s just the opposite. The purpose of this conference is to bring together Internet security professionals from all over the world to help educate, inform and learn how to make the Internet a safer place...
A form of phishing, smishing is when someone tries to trick you into giving them your private information via a text or SMS message. Smishing is becoming an emerging and growing threat in the world of online security. Read on to learn what smishing is and how you can protect yourself against it.
Put simply, smishing is any kind of phishing that involves a text message. Often times, this form of phishing involves a text message in an SMS or a phone number. Smishing is particularly scary because sometimes people tend to be more inclined to trust a text message than an email. Most people a...
This year, Norton visited DefCon 24, a hacking conference held in Las Vegas. Established in 1993, this conference is designed to bring together people from all realms of the Internet security sector to explore the latest threats that are currently on the Internet, and to learn how to get ahead of them. This year, the conference had a record-breaking attendance of 22,000 people ranging from hackers, coders, journalists (me!), security researchers and even federal government employees.
This was my first time attending this conference, and although I did my research on it, it was beyond my e...
You’re probably familiar with 3G, 4G, and Wi-Fi hotspots. In today’s increasingly connected mobile world, there are a variety of ways to get and stay connected to the Internet, but what’s really the safest way?
Truth be told, nothing is 100% safe. However, there are ways that you can beef up your own security to get as close to that 100% as possible. It begins with understanding what these technologies are, and the risks that come along with them.
How Do Mobile Devices Connect to the Internet?
Let’s break down the three different ways your mobile device can connect to the Internet, and...
Mobile payment apps are changing the way we do business, but they can also be convenient ways to send money to friends and family. It’s easier than ever to send money to the people who need it, but also easier than ever for hackers to gain access to that money before it gets where you want it. How do you keep yourself and your money safe, while also being able to access the convenience of mobile payment apps?
How Mobile Payment Apps Work
You can pay using your phone, even without apps. Some companies, such as your phone company, allow you to pay your bill using standard text messaging....
File sharing technology is an easy way for individuals or institutions to transfer content on the internet. There are several peer-to-peer (P2P) applications and services available. Some applications are free and others offer paid subscriptions for larger storage capacity, speedier service or extra security. File sharing is a very common activity for most online users, but file sharing also makes you susceptible to various online threats including identity theft, infection or attack.
If you plan on using file sharing technology be sure personal data and other sensitive materials are secur...
Children are among the most active Internet users, and are unfortunately subject to a number of threats. If you allow your children to spend considerable time surfing the web, it’s important to know what threats they face so you may deal with them accordingly.
Surfing the Internet means possible exposure to online scams, something your children might not have any concept of. If you’re allowing them to go online, it’s imperative that you discuss online scams. Such scams come in a variety of guises, including those that specifically target children.
Let’s look at how to best protect your kiddies from those who would scam them:
Educate Yourself First
The first step in protecting your children from online scams is to educate yourself on the types of scams currently floating around the Internet. One type of scam is the free trial offer, which clai...
Malware has become a catchall term for various types of cyber security risks, such as viruses, Trojan horses, worms, adware, ransomware and spyware. Many of us use these terms interchangeably to describe strange symptoms or behaviors encountered on a computer. However, all of them share a common goal, which is to compromise the safety of your devices. Symptoms of malware may appear obvious or discrete; knowing how to detect these dangerous intrusions will help you determine how to go about fixing the problem should it ever occur.
Malware is short for malicious software and refers to pro...
Have you ever run your Internet security software only to find out that there’s malware on your computer? How did it get there? When you’re running a full Internet security suite, it can be very frustrating to find out that, despite your best efforts, there’s malware on your computer anyway. The fight against malware is a complicated arms race of sorts. Here’s how it works.
The Four Components of the Malware Arms Race
There are three main players in the malware arms race:
The malware coders are, unfortunately, generally the winners of the arms race. They write mali...
Every spring the NCAA college basketball tournament — known as March Madness — turns workplaces into play spaces. Betting on brackets and watching games seem more suited to sports bars, but since many of the games are played during the workday, it’s not unusual for otherwise dedicated employees to schedule in some pleasure along with business. However, March Madness can cost workers and small business owners much more than productivity as cybercriminals target unsuspecting fans with malware.
When you’re using the Internet, your Internet security suite can only go so far to protect you from potential dangers like spyware, ransomware and malware. You have to do some of the work yourself, because there are some threats that no Internet security suite can protect you against.
Social engineering is a good example of this. Social engineering is a technique that cybercriminals use, which involves human-to-human interaction in order to get the user to divulge information. Based on exploiting human nature and emotional reactions, there are many ways that attackers can try to trick y...
Spam is a problem on the Internet, coming at us from just about every angle of the online space. Some spammers develop sophisticated, well-planned strategies, while others can be sloppy and still drive results. Either way, spam tactics come in a variety of shades, and it’s up to users to identify signals early on and avoid unsolicited content.
Here’s a look at some spam tactics used in popular Internet spaces. Become familiar with these tactics to help identify them and avoid them whenever possible.
Spam on Social Media
A lot of the time, spam on social media is just bad social med...
As winter drags on, almost everyone starts to look forward to spring — but perhaps no group looks forward to March quite as much as true-blue baseball fans. After all, its arrival means Cactus League and Grapefruit League spring training baseball camps open in Arizona and Florida. If you decide to go big, just remember to watch for scams when buying merchandise or tickets online — or you might find yourself striking out on Internet security.
A browser hijacker is defined as a “form of unwanted software that modifies a web browser’s settings without the user’s permission.” The result is the placement of unwanted advertising into the browser, and possibly the replacement of an existing home page or search page with the hijacker page. The idea is to make users visit certain websites whether they want to or not so the hijacker enjoys higher advertising revenue. Browser hijackers may also contain spyware to obtain banking information and other sensitive data.
As frustrating as browser hijackers can be, they luckily aren’t terribly...
It’s barely spring and already you’re thinking about vacation. Where will you go? What will you do? Who will you meet? Vacations are an exciting, happy time for people to get away and avoid the everyday worries of home. But the fun and leisure comes to a screeching halt in the event that your personally data is compromised while traveling.
Vacations can often put your personal information at risk, due to careless missteps in how you go about preparing to leave, how you communicate while on vacation, and what you share on social media.
Here are seven ways to ensure your data stays safe wh...
Thanks to the Internet, booking travel online is simple. But as your ideas of a spring break or summer vacation take shape, remember to be cautious when making reservations online. The number of phony travel booking websites is growing because they’re so successful at scamming consumers. Learn what to do so you don’t take a quick trip to Fraudville instead of your dream destination.
Bots, or Internet robots, are also known as spiders, crawlers, and web bots. While they may be utilized to perform repetitive jobs, such as indexing a search engine, they often come in the form of malware. Malware bots are used to gain total control over a computer.
One of the typical “good” bot uses is to gather information. Bots in such guises are called web crawlers. Another “good” use is automatic interaction with instant messaging, instant relay chat, or assorted other web interfaces. Dynamic interaction with websites is yet another way bots are used for positive purposes.
There are few times your smartphone or tablet will be more at risk than when you go on vacation. Although these items have been specifically designed to accompany you on your travels, they’re full of personal information that can put you, your finances, and your personal property at risk.
There’s no reason to assume the worst when you go on vacation, but you can greatly reduce your chances of a security breach by preparing your smartphone or tablet ahead of time and remaining vigilant while on your trip. Here’s how to prepare a smartphone or tablet before you go on vacation.
According to several studies on cost of ownership, users should replace their computer devices every four years. Not everyone will need to upgrade his or her computer every four years, but it’s a good rule to follow to ensure your data is safe and properly protected online.
To help you remember, every time we have a leap year ask yourself: when was the last time I bought a new computer? If you can’t remember, chances are you may be due for an upgrade. Once you’re ready to make the switch, you’ll need to follow a few steps to ensure your old technology has been properly wiped and recycled,...
Mention “cookies,” and most people expect a treat to appear. When talking about computers, however, cookies aren’t what’s on the dessert menu. In fact, they’re not even physical objects. Yet they do a great deal of the work that makes it possible for you to browse the Internet—and they can cause trouble if you don’t know how to manage them.
Meet the Cookie
A computer “cookie” is more formally known as an HTTP cookie, a web cookie, an Internet cookie, or a browser cookie. The name is a shorter version of “magic cookie,” which is a term for a packet of data that a computer receives, then s...
Have you heard of something called cyber hygiene? Surely brushing teeth and taking showers isn’t something we traditionally associate with technology—yet the term is a useful metaphor for those of us who need to make smart decisions about our smart devices.
Good hygiene is something we’re taught as children and something that generally sticks with us for the rest of our lives. It involves three basic principles: using products/tools that fit our hygiene needs, performing these hygienic tasks correctly, and establishing a routine.
But what does that have to do with your computer?
Realizing your mobile device has been stolen is a sickening feeling, and often one that elicits panic. As challenging as it may be, you must remain calm so you can take the necessary steps to retrieve the device, or at least keep your data protected. You may never see your phone again, but you’ll know that your personal information is safe from those who would abuse it.
Let the Right People Know
The first thing to do is to let the authorities know your mobile device was stolen. File a report with the police—not only is this helpful for insurance purposes but it also increases recovery ch...
The security argument between Apple’s iOS and Google’s Android system for smartphones is heating up yet again. In a recent study conducted by Daniel R. Thomas, Alastair R. Beresford, and Andrew Rice at the University of Cambridge, research concluded that 90 percent of Android devices are exposed to at least one critical vulnerability.
The threat model was constructed using three common attack vectors: installation attack (malicious codes installed through app download); dynamic code loading (an existing app downloads new malicious codes); and injection (an attacker injects malicious code...
Falling for an email scam is something that can happen to anyone. It’s a frightening concept, and one that frequently results in undiluted panic. Also known as a phishing scam, an email scam involves using email and fraudulent websites to steal sensitive information such as passwords, credit card numbers, account data, addresses, and more.
Fraudulent emails are crafted to appear legitimate, such as messages from your bank or another trusted source. They request personal information, which criminals then use for identity theft.
So what should you do if you find yourself a victim of an e...
Companies of all sizes use online surveys to gather important market research, which they later utilize to direct product development and marketing initiatives. This critical step in the marketing process is appealing to some online users because they get paid to complete surveys, and earn rewards or special discounts from popular brands. Some surveys aren’t paid at all, offering consumers little more than the opportunity to participate in the development process of a product or service.
There’s been a lot of hype about people allegedly making a living off of these online surveys, causing...
Once upon a time, a photograph provided only the information one could see in the physical print—no hidden data about locations, time and date, or the device that took the photo.
With the advent of easy digital photography, however, connecting extra information to the photos became easy as well. This information, known as “metadata,” might include items like the GPS coordinates of the photo’s location, the date and time it was taken, the camera type and shutter settings, and the software used to edit the photo.
Many digital photographers don’t realize that their photos might carry this...
If you’re like most people, you don’t read the Terms of Service when you get a new app or buy a new device. That’s a big mistake, because a lot of apps on the market that are less-than-ideal, known as “grayware,” count on you allowing them access to your information. They know most people don’t read the Terms of Service, so their Terms of Service include language authorizing a massive invasion of your privacy. At the same time, you might have noticed that most Terms of Service is just boilerplate. How do you read the Terms of Service and find out what you need to know about privacy without...
February 8th is National Clean out Your Computer day, and as they say, “Cleanliness is next to Godliness.” For centuries, this saying applied to tasks like scrubbing the floors and dusting the bookcases. Today, however, it applies to your computer just as much as it does to your house.
When you “clean” your computer, you don’t just dust off the keyboard and wipe fingerprints from the screen. You also pay attention to the state of the hard drive, updating software and removing old programs.
Cleaning both your computer’s hardware and its software matters.
Clean hardware help...
Biometrics are part of the cutting edge of technology. Put simply, biometrics are any metrics related to human features. Fingerprinting is a very early and simple version of biometrics, like when you login to your phone using your fingerprint. As with any emerging technology, the first question you should ask is if they are safe.
How Do Biometrics Work?
If you’ve ever put your fingerprint into an device, you have a vague idea of how biometrics work. Basically, you record your biometric information, in this case a fingerprint. The information is then stored, to be accessed later for compa...
A distributed denial-of-service (DDos) attack is one of the most powerful weapons on the Internet. Most times that you hear about a website being “brought down by hackers” what that means is that it’s become a victim of a DDoS. A distributed denial-of-service (DDos) attack is one of the most powerful weapons on the Internet. Most times that you hear about a website being “brought down by hackers” what that means is that it’s become a victim of a DDoS.
Cyber criminals are not run-of-the-mill street hooligans. Assailants of online crimes are educated, tech-savvy, sophisticated individuals who don’t care if you prefer PC to Mac or vice versa. There has been considerable debate in the tech arena regarding the security of one machine over the other. Are PCs more prone to cyber attacks? Is a Macbook really less vulnerable to online threats? The debate wages on.
For a long time Mac users enjoyed a period of peace—they felt impervious to threats, only to realize years later that the sophisticated hacker would eventually evolve to this platform...
Identity theft is the most common complaint lodged with the Federal Trade Commission, to the tune of 11.7 million a year. That means roughly one-in-five Americans over the age of 16 have become victims of identity theft. 14 percent of those victims experienced a monetary loss of $1 or more. Half of all victims resolved the issue within a day, but nearly one-third (29 percent) had to spend a month or more getting their life back on track. While identity theft gets a lot of the press, there are other forms of fraud out there, both on the Internet and off. The good news is that there are a my...
Malware isn’t just for laptops and desktops. In fact, it can be a lot easier for malware to end up on your mobile phone or tablet than your computer. When it comes to mobile malware, a little bit of paranoia goes a long way. Malicious apps can steal your personal information, including sensitive financial information that can then be used to steal your identity. A lot of malware ends up on your phone due to malicious apps. So what are signs that you might already have a malicious app on your phone?
Slow Internet Connections
A slow Internet connection doesn’t always mean malware, but it...
Looking for employment today is dramatically different from how it was just two decades ago. It’s rare to just walk into a business, fill out an application, and get hired within the same day; today’s job hunt often begins and ends online.
With connected kids today, it can be a full-time job for parents to be able to monitor their online activities. We’ve put together some helpful tips and guidelines so that you and your whole family can enjoy social media safely.
Our favorite holiday IT elf is back with some more holiday shopping tips! This week he reviews "paper or plastic," and we're not talking about grocery bags.
Most people are unaware of the fact that you don’t have to intentionally download a malicious attachment in order to compromise your computer’s security. Malicious websites and drive-by downloads are just two ways that your security can become compromised by doing nothing more than visiting a website.
Thanksgiving not only marks the start of the fantastic holiday season—it’s also a time to reflect on what you’re thankful for. One of the many things to be thankful for this holiday is cybersecurity, which has gotten more and more advanced as of late.
Malvertising is a shortened term for malicious advertising, and is defined as using online advertising to spread malware. Malvertising requires placing malware-laden advertisements on legitimate web pages and through authentic online advertising networks in order to infect a web browser and device. Often, it’s very difficult to distinguish between legitimate and malicious online ads.
The holidays are just around the corner, and that means many of us will be making purchases online to avoid large crowds and busy mall traffic, especially during Black Friday and Cyber Monday.
Encryption is the process of protecting personal data, often with a form of “secret code,” so that it cannot be read by anyone who doesn’t have the code key. Today, huge amounts of personal information are managed online, via computer applications, and stored in the cloud, or servers with an ongoing connection to the Web.
A “denial of service” or DOS attack is used to tie up a website’s resources so that users who need to access the site cannot do so. Many major companies, have been the focus of DOS attacks in recent years. Because a DOS attack can be easily engineered from nearly any location, finding those responsible can be next to impossible.
Ransomware is a form of malware that will lock files on a computer using encryption. Encryption converts files into another format, like a secret code and can only be decoded by a specific decryption key.
Types of Ransomware
Ransomware can present itself in two forms.
Locker ransomware will encrypt the whole hard drive of the computer, essentially locking the user out of the entire system.
Crypto ransomware will only encrypt specific, seemingly important files on the computer, such as word documents, PDFs and image files.
Once the ransomware installs itself, ...
According to the credit reporting firm Experian, the average Internet user has about 19 different online accounts, for which they only have seven different passwords. In addition, one in ten users never change their online passwords, and one in 20 uses the same passwords for all of their online accounts.
Those statistics definitely show that the password system is broken. When passwords were invented in the 60's, they were rather simplistic, as there was not a wide scale need for them. Today we have passwords for an exponential amount of web services. Couple that with the fact that we no...
When you think of espionage, characters like James Bond might come to mind- having to travel halfway around the world, pretending to be someone they’re not, infiltrating organizations and stealing secrets. Even though James Bond is just a fictional character, old school spies like that do exist. However, with the advancement of all of our data becoming digitized, we’re quickly becoming introduced to the new school version of spies- cyber spies.
New school espionage simplifies the spying process extremely. Companies and institutions store almost an overabundance of data in their systems. I...
It may seem like stories of massive data breaches are popping up in the news on a weekly basis these days. Unfortunately, this is not surprising. As technology progresses, all of our information moves to the digital world, and, as a result, cyber attacks are becoming the new wave of crime. Corporations and even small businesses are extremely attractive targets to cybercriminals, simply due to the large payday of data that can be nabbed in one fell swoop.
What is a data breach and how and why do they happen?
The main reason that cybercriminals are stealing personal information is for us...
Not all hackers are inherently bad. When used in mainstream media, the word, “hacker,” is usually used in relation to cyber criminals, but a hacker can actually be anyone, regardless of their intentions, who utilizes their knowledge of computer software and hardware to break down and bypass security measures on a computer, device or network. Hacking itself is not an illegal activity unless the hacker is compromising a system without the owner’s permission. Many companies and government agencies actually employ hackers to help them secure their systems.
Guest post by Jeff Barto, Trust Strategist, Evangelist & Website Security Advocate for Symantec
In 1994, the first online purchase crossed the World Wide Web: a large pepperoni pizza with mushrooms and extra cheese from Pizza Hut. Over the next 20 years, e-commerce has exploded into a bustling economy, exceeding $1.2 trillion in sales in 2013.
This growth in online purchases rests upon a foundation of trust. People trust that the websites they use to track finances and make online purchases are secure and legitimate largely because of Secure Socket Layer (SSL) certificates- otherwi...
In other posts, we’ve explained the different types of malware on the threat landscape, and some of the less complicated ways your computer can become infected with malware. In this article we’ll talk about the more complicated types of attacks that cybercriminals use to try to get your information.
Exploit kits are malicious toolkits that attackers use to search for software vulnerabilities on a target’s computer. The kits come with prewritten code that will search for the vulnerabilities, and once it is found, the kit can then inject malware into the computer through tha...