Pages

Share This

Showing posts with label data protection. Show all posts
Showing posts with label data protection. Show all posts

Thursday, August 15, 2019

How to outsmart smartphone scammers ?


You carry your smartphone everywhere. But the way you use it could leave you vulnerable to specific forms of identity theft, including robocall scams and hackers looking to hijack your phone number. — AP

Your smartphone is your confidante, your hand-held connection to the world – and one of your biggest vulnerabilities.

Scammers can take advantage of day-to-day tasks that seem innocuous, like checking a bank balance or charging a phone at a public USB port, to exploit personal information for their profit.

To keep that data safe, start by understanding the threats you face. Your phone has three main areas of vulnerability: its hardware, its software and your phone number. Each carries a risk, and there are steps you can take to mitigate them. Hardware vulnerability

A four-digit passcode alone isn't enough to secure your phone's hardware from intruders.

One weakness comes from the charging port. Think twice before plugging into a public USB jack for a quick charge at a cafe or airport.

“Any time you’re using a mobile port, you can be vulnerable to viruses or malware if you’re sharing it with other people who are plugging in their devices,” says Lisa Schifferle, ID theft programme manager at the US Federal Trade Commission.

Using a public charging port at an airport is like “finding a toothbrush on the side of the road and deciding to stick it in your mouth”, Caleb Barlow, vice president of X-Force Threat Intelligence at IBM Security, recently told Forbes .

Hackers can modify these ports to install malevolent software, aka malware, on your phone. Once installed, it can transfer your phone’s data to hackers. The hacked USB ports can also directly suck up your phone’s information. To avoid the risk, use your USB cord with your own charging block that can plug into a standard electrical outlet, or use an external battery pack.

For daily security, go beyond the four-digit passcode if possible, says Gary Davis, chief consumer security evangelist at the cybersecurity company McAfee. “Passcodes aren’t as effective as biometrics, like fingerprint readers or facial recognition software, because people can do shoulder surfing to see your passcode and get into your phone” if they steal it.

Software and network risks

Scammers can target your personal information using unsecured wireless networks and software vulnerabilities.

Network risks: Be wary of public WiFi networks.

“We advise against using public WiFi, but if you’re going to use it, avoid logging in to sensitive accounts,” says Allen Spence, director of product leadership at IDShield, an identity theft protection company.

To protect yourself from inadvertently using insecure WiFi networks, adjust your phone settings to avoid auto-connecting to WiFi.

Software: Hackers can exploit vulnerabilities in phone software. Schifferle of the FTC suggests consumers routinely check for and download software updates for their phones, because updates often include security patches.

Phone number vulnerabilities

There are two common ways that scammers target your phone number: robocall scams and phone number theft.

Robocalls: US consumers fielded nearly 48 billion robocalls in 2018, according to an estimate from robocall blocking service YouMail. That was a 57% increase from 2017.

A common scam comes from supposed representatives of the US Social Security Administration requesting you give your personal information or your benefits will be cut. If you get a call from a number you don’t recognise, don’t answer. That’s the best way to ensure you don’t get caught up in a phone scam. And know that government agencies won’t call you out of the blue seeking your personal information.

“You should never give personal info or money unless you have initiated the call,” Schifferle says. If you answer a call and realise it may be a scammer, hang up, she advises.

If you suspect your personal information was stolen by scammers, file a report with the FTC at identitytheft.gov .

Phone number theft: Scammers are stealing phone numbers, which can leave you vulnerable to other forms of identity theft.

The scam is clever: A malevolent actor calls your cellphone carrier pretending to be you, and after confirming some key information such as your mother’s maiden name, transfers your phone number to their device. You may not find out this has happened until you go to make a call and find that your SIM card has been deactivated.

Because phone numbers are often used as security keys, hackers may be able to get into many other accounts once they have access to your phone account. Make it harder to penetrate by avoiding common security questions, Davis says. “When you set up your security questions and answers, make sure you’re using really challenging questions that are going to be hard to figure out.” – NerdWallet/AP - Source link 

RELATED LINKS:
NerdWallet: Do you need identity theft protection services? http://bit.ly/nerdwallet-compares-identity-theft-protection-services
Forbes: Why you should never use airport USB charging stations http://bit.ly/forbes-airport-usb-stations
FTC: Report identity theft https://www.identitytheft.gov/
Sean Pyles Of Nerdwallet, The Associated Press

Related:

New phone scam imitates banks

https://youtu.be/lhHLuBQlSGUhttps://youtu.be/lhHLuBQlSGU


Related posts:

Taiwan telecom fraud suspects repatriated from Malaysia and Kenya

China urges Taiwan to give fraud suspects "punishment they deserve"

How to outsmart smartphone scammers ?


You carry your smartphone everywhere. But the way you use it could leave you vulnerable to specific forms of identity theft, including robocall scams and hackers looking to hijack your phone number. — AP

Your smartphone is your confidante, your hand-held connection to the world – and one of your biggest vulnerabilities.

Scammers can take advantage of day-to-day tasks that seem innocuous, like checking a bank balance or charging a phone at a public USB port, to exploit personal information for their profit.

To keep that data safe, start by understanding the threats you face. Your phone has three main areas of vulnerability: its hardware, its software and your phone number. Each carries a risk, and there are steps you can take to mitigate them. Hardware vulnerability

A four-digit passcode alone isn't enough to secure your phone's hardware from intruders.

One weakness comes from the charging port. Think twice before plugging into a public USB jack for a quick charge at a cafe or airport.

“Any time you’re using a mobile port, you can be vulnerable to viruses or malware if you’re sharing it with other people who are plugging in their devices,” says Lisa Schifferle, ID theft programme manager at the US Federal Trade Commission.

Using a public charging port at an airport is like “finding a toothbrush on the side of the road and deciding to stick it in your mouth”, Caleb Barlow, vice president of X-Force Threat Intelligence at IBM Security, recently told Forbes .

Hackers can modify these ports to install malevolent software, aka malware, on your phone. Once installed, it can transfer your phone’s data to hackers. The hacked USB ports can also directly suck up your phone’s information. To avoid the risk, use your USB cord with your own charging block that can plug into a standard electrical outlet, or use an external battery pack.

For daily security, go beyond the four-digit passcode if possible, says Gary Davis, chief consumer security evangelist at the cybersecurity company McAfee. “Passcodes aren’t as effective as biometrics, like fingerprint readers or facial recognition software, because people can do shoulder surfing to see your passcode and get into your phone” if they steal it.

Software and network risks

Scammers can target your personal information using unsecured wireless networks and software vulnerabilities.

Network risks: Be wary of public WiFi networks.

“We advise against using public WiFi, but if you’re going to use it, avoid logging in to sensitive accounts,” says Allen Spence, director of product leadership at IDShield, an identity theft protection company.

To protect yourself from inadvertently using insecure WiFi networks, adjust your phone settings to avoid auto-connecting to WiFi.

Software: Hackers can exploit vulnerabilities in phone software. Schifferle of the FTC suggests consumers routinely check for and download software updates for their phones, because updates often include security patches.

Phone number vulnerabilities

There are two common ways that scammers target your phone number: robocall scams and phone number theft.

Robocalls: US consumers fielded nearly 48 billion robocalls in 2018, according to an estimate from robocall blocking service YouMail. That was a 57% increase from 2017.

A common scam comes from supposed representatives of the US Social Security Administration requesting you give your personal information or your benefits will be cut. If you get a call from a number you don’t recognise, don’t answer. That’s the best way to ensure you don’t get caught up in a phone scam. And know that government agencies won’t call you out of the blue seeking your personal information.

“You should never give personal info or money unless you have initiated the call,” Schifferle says. If you answer a call and realise it may be a scammer, hang up, she advises.

If you suspect your personal information was stolen by scammers, file a report with the FTC at identitytheft.gov .

Phone number theft: Scammers are stealing phone numbers, which can leave you vulnerable to other forms of identity theft.

The scam is clever: A malevolent actor calls your cellphone carrier pretending to be you, and after confirming some key information such as your mother’s maiden name, transfers your phone number to their device. You may not find out this has happened until you go to make a call and find that your SIM card has been deactivated.

Because phone numbers are often used as security keys, hackers may be able to get into many other accounts once they have access to your phone account. Make it harder to penetrate by avoiding common security questions, Davis says. “When you set up your security questions and answers, make sure you’re using really challenging questions that are going to be hard to figure out.” – NerdWallet/AP - Source link 

RELATED LINKS:
NerdWallet: Do you need identity theft protection services? http://bit.ly/nerdwallet-compares-identity-theft-protection-services
Forbes: Why you should never use airport USB charging stations http://bit.ly/forbes-airport-usb-stations
FTC: Report identity theft https://www.identitytheft.gov/
Sean Pyles Of Nerdwallet, The Associated Press

Related:

New phone scam imitates banks

https://youtu.be/lhHLuBQlSGUhttps://youtu.be/lhHLuBQlSGU


Related posts:

Taiwan telecom fraud suspects repatriated from Malaysia and Kenya

China urges Taiwan to give fraud suspects "punishment they deserve"

Monday, July 10, 2017

Six simple steps to defend your data from ransomware


Recent ransomware attacks have rattled internet users around the world. This malicious software blackmails users by encrypting the files on their computer or mobile device and demanding payment, generally in the virtual currency bitcoin, to unlock them. But these six simple security measures can significantly reduce the risk of a computer being hit by an attack.

1. Regular updates: Software updates for browsers and operating systems don't just add new functions – they also install security patches to protect computers against the latest malicious software.

The German Federal Office for Information Security (BSI) recommends enabling automatic updates on a device and advises against the use of older operating systems such as Windows XP, for which Microsoft has stopped providing regular security updates.

Microsoft will also discontinue updates for the operating system's successor, Windows Vista, this summer – all the more reason to replace it with a newer version.

2. Be vigilant: Don't trust anyone, says nomoreransom.org, a website run by IT security companies and European law enforcement. Never open email attachments from suspicious accounts, don't click on questionable links and don't download unverified software.

Even emails from friends and co-workers should not necessarily be trusted. Before opening an attachment or clicking on a link, always take time to consider whether the sender's online account could have been hacked or their computer software infiltrated by malicious software.

3. Antivirus software: Enable all the security applications in your operating system, advises the BSI. Reliable antivirus software can provide further protection, but must be kept up-to-date.

4. Back up data: Creating digital duplicates of your files can protect your personal information from disappearing forever. In the event of an attack, you can just transfer over your back-up files.

Windows (Backup and Restore) and MacOS (Time Machine) have in-built applications for backing up your data, but they might not be accessible in the event of an attack. A more secure option would be to save your files in an external device, such as a hard disk drive, solid-state drive, DVD, or in the cloud.

To reduce the risk of spreading viruses, only connect the external drive to a device during file transfers. As an extra precaution, save your data in two separate external hard drives.

5. Fight back: If you happen to accidentally install malicious software or receive suspicious messages, immediately disconnect your device from the internet, instructs  nomoreransom.org. to be decrypted. This will prevent the infection from spreading.

You can then run a clean installation of your computer software, and transfer over your back-up files. For some types of ransomware, there are techniques to unlock the content on your computer.

The latest malware outbreak "Petya" can be stopped by creating the read-only filetype "C:\Windows\perfc.dat," which prevents it from scrambling your files. An initial report on the antidote published on the site bleepingcomputer.com has since been confirm by several IT security companies.

6. Never pay: A blackmailer's demands should never be met, says the State Office of Criminal Investigation (LKA) of Lower Saxony. There are several reasons for this, the LKA reports. First, even if you pay the ransom, there is no guarantee that you will regain access to your files.

Second, by paying the attacker, you are supporting the growth of a criminal industry. Every payment finances new attacks. In the case of the recent Petya outbreak, the payment system is useless, because only one email address was provided, which has since been shut down by the provider. — dpa

Related Links

Six simple steps to protect your data from ransomware

Six simple methods to save your information from ransomware http://www.techagentmedia.com/six-simple-methods-save-information-ransomware/ via @techagentmedia


Related posts:

WannaCry ransomeware attacks, how to prevent it? 


Malware, ransomware attacks are a growing threat to computer and mobile phone!  

Malware, ransomware attacks are a growing threat to computer and mobile phone!

Six simple steps to defend your data from ransomware


Recent ransomware attacks have rattled internet users around the world. This malicious software blackmails users by encrypting the files on their computer or mobile device and demanding payment, generally in the virtual currency bitcoin, to unlock them. But these six simple security measures can significantly reduce the risk of a computer being hit by an attack.

1. Regular updates: Software updates for browsers and operating systems don't just add new functions – they also install security patches to protect computers against the latest malicious software.

The German Federal Office for Information Security (BSI) recommends enabling automatic updates on a device and advises against the use of older operating systems such as Windows XP, for which Microsoft has stopped providing regular security updates.

Microsoft will also discontinue updates for the operating system's successor, Windows Vista, this summer – all the more reason to replace it with a newer version.

2. Be vigilant: Don't trust anyone, says nomoreransom.org, a website run by IT security companies and European law enforcement. Never open email attachments from suspicious accounts, don't click on questionable links and don't download unverified software.

Even emails from friends and co-workers should not necessarily be trusted. Before opening an attachment or clicking on a link, always take time to consider whether the sender's online account could have been hacked or their computer software infiltrated by malicious software.

3. Antivirus software: Enable all the security applications in your operating system, advises the BSI. Reliable antivirus software can provide further protection, but must be kept up-to-date.

4. Back up data: Creating digital duplicates of your files can protect your personal information from disappearing forever. In the event of an attack, you can just transfer over your back-up files.

Windows (Backup and Restore) and MacOS (Time Machine) have in-built applications for backing up your data, but they might not be accessible in the event of an attack. A more secure option would be to save your files in an external device, such as a hard disk drive, solid-state drive, DVD, or in the cloud.

To reduce the risk of spreading viruses, only connect the external drive to a device during file transfers. As an extra precaution, save your data in two separate external hard drives.

5. Fight back: If you happen to accidentally install malicious software or receive suspicious messages, immediately disconnect your device from the internet, instructs  nomoreransom.org. to be decrypted. This will prevent the infection from spreading.

You can then run a clean installation of your computer software, and transfer over your back-up files. For some types of ransomware, there are techniques to unlock the content on your computer.

The latest malware outbreak "Petya" can be stopped by creating the read-only filetype "C:\Windows\perfc.dat," which prevents it from scrambling your files. An initial report on the antidote published on the site bleepingcomputer.com has since been confirm by several IT security companies.

6. Never pay: A blackmailer's demands should never be met, says the State Office of Criminal Investigation (LKA) of Lower Saxony. There are several reasons for this, the LKA reports. First, even if you pay the ransom, there is no guarantee that you will regain access to your files.

Second, by paying the attacker, you are supporting the growth of a criminal industry. Every payment finances new attacks. In the case of the recent Petya outbreak, the payment system is useless, because only one email address was provided, which has since been shut down by the provider. — dpa

Related Links

Six simple steps to protect your data from ransomware

Six simple methods to save your information from ransomware http://www.techagentmedia.com/six-simple-methods-save-information-ransomware/ via @techagentmedia


Related posts:

WannaCry ransomeware attacks, how to prevent it? 


Malware, ransomware attacks are a growing threat to computer and mobile phone!  

Malware, ransomware attacks are a growing threat to computer and mobile phone!