Protecting your financial information is important, and it doesn’t have to be difficult. When on-the-go tools such as mobile banking apps make managing financial tasks easy, you should also take precautions to manage the risk of accessing sensitive financial information anytime, anywhere. This Credit Education Month, practice safe online habits with a few easy tips.
Taking Basic Security Precautions
Take precautions to make sure that your online financial management activities are secure. Be aware and vigilant by practicing these safe online habits:
Make sure the websites with which you...
We all know that the Internet can house all kinds of cyber scams and exploits, but did you know that certain kinds of websites are statistically more likely to host malware than others? You might think avoiding the obviously dodgy corners of the Internet is enough, but in fact approximately 67 percent of websites used to distribute malware are legitimate but compromised sites. You could be visiting them every day.
Software is constantly changing, and it takes time and resources to keep a website running on the latest, fully patched software. According to Symantec’s security expert, Kevin ...
With the New Year ahead, and cyber threats continuing to loom over businesses, 2015 will likely bring more sophisticated and complex attacks. Security analysts called 2013 “The Year of The Mega Breach.” According to Symantec’s 2014 Internet Security Threat Report, businesses saw a 91 percent increase in targeted attacks and a 62 percent increase in the number of breaches. Additionally, the recent string of credit card breaches targeting major retailers also provide further reminder that cybercrime remains prevalent and that cyber threats show no sign of slowing down. The exploitable vuln...
Top 5 Tips To Protect Your Identity On Campus
Back to school season is upon us, and while you are caught up in the enthusiasm of moving into your new dorms and ogling your class schedules, it is doubtful that the thought of protecting your identity is at the forefront of your mind. However, with 41% of adults having fallen victim to attacks such as malware, viruses, hacking, phishing scams, fraud and theft last year, it’s important to take practical action to keep your information safe on campus.
There are the obvious precautions to take in protecting your devices, such as never le...
The Internet threat landscape was booming last year for cybercriminals. We reported on 54 major events in 2016. And that’s not counting the little stuff. The threat landscape shifted slightly in the past year, and we have seen some new trends. However, some of the older ones are sticking around and still going strong.
New Threat Predictions for 2017
1. The Internet of Things
The First Major Attack on IoT Devices
2016 was the breakout year for attacks on IoT devices. In October, the first massive cyber attack involving IoT devices, such as webcams and DVRs, occurred. The Mirai B...
Mobile devices are popular with employees and travel, granting them the ability to work while on the go. However, the information on these devices is very vulnerable if it were to fall into the wrong hands. Here are some tips on traveling with your company's data.
Email, cell phones, Facebook and now Twitter all have something in common: they are being used by fraudsters for phishing attacks. If you are a Twitter subscriber you should be aware of these recent phishing efforts and how to protect yourself. You may even have received a warning from Twitter in the past few days.
Here's the short and sweet (if I were really good at Twittering, I'd write this entry in 140 character segments but I'll spare you in the interest of getting you the facts):
Chris Pirillo broke the story on January 3rd: "Phishing Scam Spreading on Twitter" just a few moments aft...
The message might have come in early yesterday on your Twitter feed, "Want to know whos stalking you on twitter!?: http://twitviewer.net/" You might have clicked the link to visit the website. It all happened so fast, the fabulous offer (heck yeah, I want to know who the last 200 people are to look at my Twitter profile!) and the large scale distribution of the "tweet". Even seasoned journalists who should always wear their cynical and world-weary thinking caps fell for it. Yes, Virginia, it was a phishing scam that required people to cough up their Twitter username and password. It's true...
If you know anything about online security, you know that your phone is even more susceptible to malware than your computer. It gets worse. Once your phone is hacked, your computer can easily be next. That’s because your total online security is only as secure as the weakest link in the chain.
With the Internet threat landscape rapidly growing, online crime has become a fact of life. While we read about breaches and identity theft every day in our news outlets, we wanted to better understand Norton Cybersecurity Insights Report how you, the consumer, are impacted on a more human level. The Norton Cybersecurity Insights Report captures how consumers perceive and react to online transactions and threats prevalent on the Internet today.
As a follow-up to my earlier post this week, I noticed that Walt Mossberg posted today a helpful article and short video clip on "social engineering" that offers several specific tips on avoiding online scams. For example:
1. Never, ever click on a link embedded in an email that appears to come from a financial institution, even if it’s your own bank or brokerage and even if it looks official right down to the logo. The same goes for payment or auction services, like PayPal or eBay (EBAY).
More solid tips are available at Mossberg's All Things Digital site.
I also recommend related post...
Introducing “Zero Days,” the real-life cyber warfare documentary featuring Symantec cyber-security experts Eric Chien and Liam O’Murchu.
You may have heard about the Stuxnet virus in the media over the years. However, brief news reports don’t even begin to uncover the darkness of this threat. In “Zero Days,” director Alex Gibney takes a deeper look at the sophisticated piece of weapons-grade malware that destroyed a part of an Iranian nuclear facility, as well as help facilitate espionage by spying on its target.
This thrilling documentary discusses the complexity of the virus with Sy...
Today we are proud to announce the launch of the second installment in our documentary series "The Most Dangerous Town on the Internet."
In episode one, we visited the town Râmnicu Vâlcea, which is better known as "Hackerville." In the first film, we met hackers from all walks of life, including white, grey and black hat hackers, and talked to them about their motivations behind what they do.
In the second installment, we travel all corners of the globe to find out where cybercrime goes to hide, by exploring what is called Bulletproof Hosting. While the hacker is the operator of the att...
This Blog is dedicated to you - as a past, present or future user of our products. A large team of our product managers, engineering, testers and designers will regularly be posting directly to this blog. Each of us care passionately about security, and share the responsibility to design, develop and test the solutions that protect our customers.
It is my hope that, through this Blog, you will be able to hear directly from the people who are working on the Norton products. Through your feedback, whether it is frustrations, accolades, opinions or ideas about our products, I believe we c...
Bots, or Internet robots, are also known as spiders, crawlers, and web bots. While they may be utilized to perform repetitive jobs, such as indexing a search engine, they often come in the form of malware. Malware bots are used to gain total control over a computer.
One of the typical “good” bot uses is to gather information. Bots in such guises are called web crawlers. Another “good” use is automatic interaction with instant messaging, instant relay chat, or assorted other web interfaces. Dynamic interaction with websites is yet another way bots are used for positive purposes.
A browser hijacker is defined as a “form of unwanted software that modifies a web browser’s settings without the user’s permission.” The result is the placement of unwanted advertising into the browser, and possibly the replacement of an existing home page or search page with the hijacker page. The idea is to make users visit certain websites whether they want to or not so the hijacker enjoys higher advertising revenue. Browser hijackers may also contain spyware to obtain banking information and other sensitive data.
As frustrating as browser hijackers can be, they luckily aren’t terribly...
Mention “cookies,” and most people expect a treat to appear. When talking about computers, however, cookies aren’t what’s on the dessert menu. In fact, they’re not even physical objects. Yet they do a great deal of the work that makes it possible for you to browse the Internet—and they can cause trouble if you don’t know how to manage them.
Meet the Cookie
A computer “cookie” is more formally known as an HTTP cookie, a web cookie, an Internet cookie, or a browser cookie. The name is a shorter version of “magic cookie,” which is a term for a packet of data that a computer receives, then s...
Most people are unaware of the fact that you don’t have to intentionally download a malicious attachment in order to compromise your computer’s security. Malicious websites and drive-by downloads are just two ways that your security can become compromised by doing nothing more than visiting a website.
Numerous laws in the U.S. cover Internet, data security, and privacy in the United States, with the 1974 Privacy Act arguably being the foundation for it all. The Privacy Act passed to establish control over the collection, maintenance, use, and dissemination of personal information by agencies in the executive branch of the U.S. government.
The invention of the Internet changed the definition of privacy, and made it necessary to enact new laws concerning electronic communications and security.
Let’s review some of the laws currently in place to provide a more solid idea of your rights a...
Now that the latest version of Norton Internet Security and Norton 360 are released, you may have noticed some improvements to the Norton Toolbar - the Share button and the Online Vault. Below is an explanation of the changes, and why we wanted them in the product.
Why Online Vaults?
The Online Vault is Convenient.
- It provides access to your most sensitive data from any iOS, Android, PC, or Mac device and from *any* device with a web browser.
- It automatically synchronizes data across devices.
The Online Vault is Secure.
- Norton uses 256bit AES encryption to encrypt the data. Thi...
The IRS has announced that it will be notifying taxpayers after third parties gained unauthorized access to information on about 100,000 accounts through the “Get Transcript” online application. You can view more about the breach via a statement on the IRS’s website.
More About Identity Theft:
According to the Federal Trade Commission’s 2014 Consumer Sentinel Network Data Book, identity theft once again tops consumer complaint categories in 2014. Identity theft can be committed in many ways: from non-technical methods such as stealing purses or “dumpster diving” for documents that have ...
The Internet is filled with threats to online security. Many of these threats are just productive, positive technologies turned to evil use. The botnet is an example of using good technologies for bad intentions. A botnet is nothing more than a string of connected computers coordinated together to perform a task. That can be maintaining a chatroom, or it can be taking control of your computer. Botnets are just one of the many perils out there on the Internet. Here’s how they work and how you can protect yourself.
Botnets are the workhorses of the Int...
A distributed denial-of-service (DDos) attack is one of the most powerful weapons on the Internet. Most times that you hear about a website being “brought down by hackers” what that means is that it’s become a victim of a DDoS. A distributed denial-of-service (DDos) attack is one of the most powerful weapons on the Internet. Most times that you hear about a website being “brought down by hackers” what that means is that it’s become a victim of a DDoS.
In a sense, a man-in-the-middle attack (MITM) is like eavesdropping. Data is sent from point A (computer) to point B (server/website), and an attacker can get in-between these transmissions. They then set up tools programmed to “listen in” on transmissions, intercept data that is specifically targeted as valuable, and capture the data. Sometimes this data can be modified in the process of transmission to try to trick the end user to divulge sensitive information, such as log in credentials. Once the user has fallen for the bait, the data is collected from the target, and the original data...
Many VPN providers safeguard their customers’ anonymity by offering a no-log network, meaning that they do not collect, or “log,” any information transmitted through the network. They don’t save information about your personal details, where you go online, what you download, or what you search for. Therefore your privacy and anonymity are protected from everybody — even your VPN provider.
A computer virus, much like a flu virus, is designed to spread from host to host and has the ability to replicate itself. Similarly, in the same way that viruses cannot reproduce without a host cell, computer viruses cannot reproduce and spread without programming such as a file or document.
In more technical terms, a computer virus is a type of malicious code or program written to alter the way a computer operates and that is designed to spread from one computer to another. A virus operates by inserting or attaching itself to a legitimate program or document that...
If you’ve ever wondered if it’s safe to use public Wi-Fi, you are not alone. In fact, according to the Norton Cybersecurity Insights Report, 6 in 10 consumers believe using public Wi-Fi is riskier than using a public restroom. And it is. Surfing the Web or transacting on an unsecured Wi-Fi network means you’re placing your private information and anonymity at risk. That’s why a virtual private network, better known as a VPN, is a must for anyone worried about online security and privacy.
You’ve heard of malware, ransomware, botnets, and the like. What you don’t hear about is the technology behind these threats. These threats all have to come from somewhere, they’re not just out there floating around on the internet- they have to be stored someplace. Since a majority of these threats are illegal in a lot of countries, this is where bulletproof hosting helps facilitate these threats.
To clearly understand what bulletproof hosting is, we should first take a step back and talk about regular hosting. A regular web hosting service is a company that operates a facility, usually ...
When you think of espionage, characters like James Bond might come to mind- having to travel halfway around the world, pretending to be someone they’re not, infiltrating organizations and stealing secrets. Even though James Bond is just a fictional character, old school spies like that do exist. However, with the advancement of all of our data becoming digitized, we’re quickly becoming introduced to the new school version of spies- cyber spies.
New school espionage simplifies the spying process extremely. Companies and institutions store almost an overabundance of data in their systems. I...
Online socializing has both good and bad sides to it. While it has opened a whole new dimension of ways to communicate and has added convenience to our lifestyles, it unfortunately has some unpleasant effects too.
If you’re like most Internet users, you’ve never even heard of grayware, adware or madware. That’s because these are all lower on the threat scale in the world of malicious programming. What’s more, they toe the line between legitimate programs and actively harmful applications.
Here’s your quick guide to the new wave of code you don’t want on your computer:
What Is Grayware?
Grayware is a more succinct name for “potentially unwanted programs.” It’s not a virus and it’s not as obviously malicious as a lot of other problematic code floating around on the Internet. Make no mistake about...
Malvertising is a shortened term for malicious advertising, and is defined as using online advertising to spread malware. Malvertising requires placing malware-laden advertisements on legitimate web pages and through authentic online advertising networks in order to infect a web browser and device. Often, it’s very difficult to distinguish between legitimate and malicious online ads.
A form of phishing, smishing is when someone tries to trick you into giving them your private information via a text or SMS message. Smishing is becoming an emerging and growing threat in the world of online security. Read on to learn what smishing is and how you can protect yourself against it.
Put simply, smishing is any kind of phishing that involves a text message. Often times, this form of phishing involves a text message in an SMS or a phone number. Smishing is particularly scary because sometimes people tend to be more inclined to trust a text message than an email. Most people a...
We talk about software vulnerabilities a lot, and the human versions of those are our emotions. When people are faced with frightening scenarios, their first impulse is to act first and think later. This is the exact “vulnerability” that social engineers depend upon for a successful attack.
Types of Social Engineering Attacks
Social engineering is a way that cybercriminals use human-to-human interaction in order get the user to divulge sensitive information. Since social engineering is based on human nature and emotional reactions, there are many ways that at...
Spear phishing isn’t what you do when you’re on vacation in Hawaii. It’s a targeted attack on your personal information. An updated version of the old trick “phishing,” where scam artists simply ask you for your password or other private information, spear phishing takes this trick to the next level, using social engineering. Before you respond to that email asking for you to verify your address or other personal information, read this article to protect yourself against spear phishing.
There are many layers to the Internet that you may not be aware of. There’s the part that everyone sees Facebook, YouTube, Twitter, news websites and everything else under the search engine sun. This is known as the “surface web.”
Not all hackers are inherently bad. When used in mainstream media, the word, “hacker,” is usually used in relation to cyber criminals, but a hacker can actually be anyone, regardless of their intentions, who utilizes their knowledge of computer software and hardware to break down and bypass security measures on a computer, device or network. Hacking itself is not an illegal activity unless the hacker is compromising a system without the owner’s permission. Many companies and government agencies actually employ hackers to help them secure their systems.
VoIP is an acronym for “voice over Internet Protocol.” That means any phone call that takes place over the Internet, rather than on landlines or through mobile towers. This alternative to traditional phone calls is gaining in popularity exponentially with both companies and consumers. Skype, Google Voice, and FaceTime are well-known and extremely popular examples of Internet telephony services. The question is: Are phone calls made over the Internet vulnerable to standard online security risks? The answer is yes, as is any other information transmitted this way, especially in light of recent hacks to VoIP apps. Read on to find out how to secure your VoIP calls.
Some 10 million identity thefts happen in the United States every year. Taking extra steps to protect your personal information—and knowing what information you need to safeguard—is the best way to prevent identity theft from happening to you. Let’s review this information to help you protect yourself as much as possible:
Among the information considered “low risk” in regard to personal information sensitivity is your full name, address, and phone number.
Information regarded as “medium” in terms of sensitivity includes your date of birth, place of bi...
You may have heard in the news recently that an Internet crime group, Carbanak, stole up to one billion USD by targeting the institutions themselves rather than individual customers. They transferred funds to controlled accounts and hacked ATMs via SMS messaging over the last two years. Cyber security experts at Symantec have been tracking Carbanak for some time now.
What can cybercriminals do with my data in the event of a banking or financial institution breach?
Cybercriminals are attracted to stealing data that they can make money from, such as credit and debit card numbers, bank a...
Stories of massive corporate data breaches in the media are becoming all too common today. So common that the FBI now considers cyber attacks on US companies one of its top law enforcement priorities. Unfortunately, as technology progresses and all of our information becomes more and more digitized, cyber attacks will continue to be an unfortunate part of our lives in the future. Corporations and even smaller businesses are an extremely attractive target to cybercriminals, simply due to the large payday of data that can be stolen.
What Can Cybercriminals Do With My Stolen Data?
Realizing your mobile device has been stolen is a sickening feeling, and often one that elicits panic. As challenging as it may be, you must remain calm so you can take the necessary steps to retrieve the device, or at least keep your data protected. You may never see your phone again, but you’ll know that your personal information is safe from those who would abuse it.
Let the Right People Know
The first thing to do is to let the authorities know your mobile device was stolen. File a report with the police—not only is this helpful for insurance purposes but it also increases recovery ch...
Falling for an email scam is something that can happen to anyone. It’s a frightening concept, and one that frequently results in undiluted panic. Also known as a phishing scam, an email scam involves using email and fraudulent websites to steal sensitive information such as passwords, credit card numbers, account data, addresses, and more.
Fraudulent emails are crafted to appear legitimate, such as messages from your bank or another trusted source. They request personal information, which criminals then use for identity theft.
So what should you do if you find yourself a victim of an e...
Symantec Maximum Repair (SMR) is a brand new security engine that drives our new Norton Power Eraser recovery tool. It combines aggressive heuristics and advanced removal capabilities to combat the newest and toughest threats. I thought I would share with you some of the background on why we developed this new engine.
Why the need?
The threat landscape has radically changed over the last few years and that has driven the need for new approaches to protection. Most notable are the following trends:
A new micro distribution model for malicious threats. A couple of years ago, the norm wa...
So, "Norton AntiVirus for Mac" has been around for a long time. Everyone seems to know it (alongside Norton Utilities for Mac, another topic for another time), but I gotta tell you, sometimes I think the name does the software a disservice. I mean, literally, as soon as I even say the name of the product, I inevitably hear, “But I thought Macs don’t get viruses!” Everywhere I get this. I was, no joke, getting a physical with my doctor, and when he was done he asked, “You know, I don’t mean to, well, whatever, but I thought that Macs didn’t get viruses.”Can I at least get my pants on before...
We at Norton are very excited to
share the Beta release for Norton Internet Security and Norton Antivirus 2012
products with you. Below are descriptions of the new features and great
enhancements provided with this release.
2012 introduces several new technologies to combat emerging threats.
Fake AV is one of the most visible and wide-spread threats that Internet users face today. Fake AV pretends to be security software and tempts the user to pay for it. Even worse, it can install additional malware on the system and claim the system is clean. New for 2012, we’ve included...
Consumers often shun software with even modest price tags in favor of the next tempting giveaway. But stop and think for a second and it’s pretty obvious these free downloads can’t really cost nothing, or the skilled people who make them wouldn’t be able to earn a living. No, free rarely means free, and you should always be wary of downloading more than you expected.
The acceptable way to monetise free software is to use advertising, and whether you’re okay with that will largely depend on how much you want that new app without paying for it. As the saying goes, “if you’re no...
We are very excited to release Norton Internet Security and Norton AntiVirus 2011. After undergoing months of Beta testing, getting feedback from our enthusiastic Norton community and incorporating much of that feedback, we are finally releasing what we think are our best products to date.
While this post is somewhat similar to the 2011 Beta post, it has some important additions that warrant an update.
2011 Security Features
In our 2009 products, we introduced Norton Insight which dramatically improved performance by not scanning known good files.
In 2010 products, we w...
The new Norton AntiVirus 2011 and Norton Internet Security 2011 beta products include several new and improved features which I'm going to detail here.
In our 2009 products, we introduced Norton Insight which dramatically improved performance by not scanning known good files.
In 2010 products, we went one step further by using reputation data to mark files as good, bad or unknown.
With 2011, we are enhancing this even more by providing fine-grained reputation information about files and by allowing users to perform a Reputation Scan of their files. You...
There’s already enough to stress about with the upcoming holiday season- finding the perfect present for everyone on your list, making holiday treats for friends and neighbors, and of course, sending out all of the holiday greeting cards. One less thing that needs to be added to that list is the stress of a credit card data breach. This holiday season, we’re examining all of the ways to pay, on and offline, and the safest way to take care of all of your holiday purchasing needs.
Credit Cards and the Recent POS Breaches
The topic of data breaches and identity theft has been in the med...