Guest post by Andrew Ford
I was excited to upgrade my Android Smartphone recently and was thoroughly enjoying the latest functionality and apps. It was much less clunky that the earlier model, and I had spent time setting-up my social media and other apps. I had also added a password to make sure my details would be safe if my phone were to be lost or stolen.
I was taking great care, as I had heard that users had dropped similar Smartphones and that damage to the screen had meant that they could no access the phone’s contents due to the touchscreen not working and therefore they couldn’t enter their password.
Disaster struck one day when I pulled my pullover from beneath my phone. The phone tumbled from the kitchen top and struck a wooden stool en-route to the floor! The result was a slight dent on the housing, however this had been enough to crack the screen. I tried everything to access my precious photos, by consulting websites and the provider shop and support centre, all to no avail. The lovely photos of my daughters were locked on the phone, never to be seen again!!
I now have a replacement Smartphone, based on an insurance excess payment, and have learnt a valuable lesson, and I continue to pay the provider insurance, should I have any further problems with my phone in the future. I have also bought a case to protect the phone as much as possible if I drop it again and I have put a protective film across the screen for added protection. I have installed Norton Mobile Security as part of my Norton One Membership. And most importantly I have configured an automatic online back-up of any photos I have taken, which connects every time I return to my home wifi.
Please don’t lose your precious memories. Protect the Stuff that Matters!
Holiday surfing advice from us at Norton, the internet protection expert
Long cold winter nights; it’s that time of year when most people just want to lock the doors and curl up in the warmth (often with their favourite tablet or mobile device). With so much time spent at home, online activity tends to increase considerably as more evenings are spent surfing the internet, indulging in some online retail therapy, playing games online or keeping up with friends via social media. In September this year Deloitte estimated that online sales now account for the equivalent of more than 60 million square feet of retail space, and this Christmas more shoppers than ever will browse and buy from the comfort of their own home or while on the move with their mobile device.
However, during these tranquil and lazy evenings, it is important to remain vigilant; just because you’re comfortable and secure at home, perhaps relaxing and getting into the festive spirit with a nutmeg spiced latte, doesn’t mean that opportunistic cybercriminals will also be taking a break!
The 2012 Norton Cybercrime Report found that cybercrime costs the UK economy £69 billion per year. During the holiday season especially, more financial transactions will take place than at any other time of the year. Cybercriminals have been known to set up fraudulent websites that seem to offer great deals, when in fact they are merely traps hoping to entice unwitting consumers to enter their personal payment details.
Online shopping over the festive season is an ever-increasing phenomenon – the percentage of gifts purchased online increased 85% year-over-year between 2010 and 2011 and signs are that 2012 will see another significant increase. Whilst it is great that consumers are benefitting from the convenience and choice that an online shopping experience brings, it is also important that they protect themselves from the growing array of online threats out there as they use their cards and personal details online. Norton by Symantec has issued the following tips for protected online shopping to make sure it is not a bumper holiday season for cyber criminals and scammers.
Norton’s Top 5 Tips for a Winter of Protected Web Surfing:
- Be wary of unsecured or unknown websites – When shopping online, always use reputable outlets and make sure that any transactions you make only take place across secure pages – this is usually denoted by a padlock sign in your browser address bar. Look for the Norton secured logo to be sure that the site is legitimate.
- Watch out for spam emails – “This year’s top toy 80% cheaper than the high street” or “Win all your holiday gifts and get them delivered direct to your door!” Seem too good to be true? Well, it most probably is. Cybercriminals are fully aware of the searches we make online during certain times of the year and they know the kind of emails we wish would land in our inbox. Always be cautious of any emails you receive from unknown recipients or that seem just that bit too generous.
- Be careful on social networking sites – Criminal gangs have been known to monitor people’s social profiles to find out when they’re going away (for example staying with relatives over the holiday period and their home will be left empty). Be mindful of this when telling the world that you’ll be spending the two weeks over the festive season away from your own home.
- Keep personal information secured – Make sure that whatever you happen to be doing this winter that you do not to give out any personal information online. Always be cautious when befriending someone online, particularly via social networking sites where personal information may be easily exposed. People aren’t always who they say they are.
- Keep your mobile phone protected – Thieves are always on the lookout for opportunities; when out in large crowds doing your holiday shopping, always ensure that you know the whereabouts of your mobile phone and other personal belongings. Make sure that your mobile is pin-protected and that you have downloaded a security app which allows you to wipe any personal data, should your mobile be stolen.
When were you last bullied? Maybe you were lucky and have never been bullied. Chances are that for today’s kids bullying can be a constant threat and when a kid leaves the school gates bullying doesn’t just stop there. Bullying comes in many forms and is no longer just a verbal or physical act. Bullying has, with the rest of the world, made the switch to online, in the form of cyber-bullying, a word which has even found its way into the Oxford English Dictionary.
The advancement of smartphone and tablet technology gives children more ways to connect, socialise, and create than ever before. Unfortunately, some children abuse this using email, instant messaging, pictures, and text messages to embarrass or bully other kids.
This week is Anti-Bullying Week (19th – 23rd November) and it also marks BeatBullying’s 10th Birthday! BeatBullying is the UK’s leading bullying prevention charity, which strives to empower people to stand up and say ‘NO’ to bullies. Their mission is simple: to create a world where bullying, violence and harassment is unacceptable. The charity offers families, schools and communities the tools to understand, tackle and beat the problem, which sadly affects one in three young people.
Since BeatBullying began in 2002, the charity has helped over 1.6million young people and has assisted in reducing ‘incidents of concern’ by 73% in partner schools. A part of this has been helped by the charity’s CyberMentors scheme, which is all about kids helping and supporting other kids online. The scheme has been a huge success with 95.8% of teachers rating the CyberMentors programme as an effective intervention.
To celebrate BeatBullying’s 10th Birthday, parties are being held at schools all over the country to help raise money for the charity. BeatBullying aims to raise the £279,000 necessary to support a further 100,000 children, giving them the chance to also be a part of the online peer-to-peer mentoring scheme.
Marian Merritt – Norton’s Internet Safety Advocate reveals that “your child may not know “cyber-bullying” by name but he or she knows what it looks and feels like.” Cyber-bullying is unacceptable and is something we must work hard to get rid of.
Here are some of Marian’s top tips on what to do if you, your child, or someone you know is being cyber-bullied:
- Make your child of friend aware that cyber-bullying is incredibly common and if they haven’t seen any yet, it’s just a matter of time until they do. Make sure they know how to react when it does occur (they should not respond to any email or message that contains the cyber-bullying; they should try to save or print it so they can show someone; they should block it if they know how; and most important ALWAYS report it to Mum, Dad or another trusted adult.)
- Make sure your children know they must guard even the most casual text message and watch their own written words. They should never be cyber-bullies, and they should always tell you if and when they are being cyber-bullied.
- Experiencing something bad is almost inevitable when active on the Internet. Make sure your child or friend knows they can come to you for help and you won’t overreact.
- If you or your child is being cyber-bullied: don’t respond. A response gives the bully or bullies the reaction they seek. Silence will confuse them. If your child gets asked “did you see that post or message?” teach them to say they didn’t, or even say, “My mum was working on my computer last night. Maybe she saw it.”
- Wherever we have an online bully and a target, we have silent observers who witness the harassment and give it more power by providing an audience. Make sure to never engage in cyber-bullying even if all you are asked to do is visit a site, open an email, pass along a cruel message, or add their comments to a nasty social networking page. Give your child the training to respond to a target/victim with kindness, support, and friendship.
Guest Post by Marian Merritt: Norton Internet Safety Advocate
I know you’re probably thinking; ‘boring old passwords’.
It’s true, password tips aren’t a fancy bit of technology to keep you safe online, however, weak passwords are one of the easiest routes for someone to access the things you would never want them to. Passwords are always a hot topic for that very reason.
Passwords should be your first point of call when protecting your stuff and it’s important to make them as secure as you can.
From an early age we discover passwords are not always as safe as we think they are. Kids at school share passwords as part of friendship and misplaced trust. And they sometimes guess their friend’s passwords or reset them by knowing the responses to security questions. Kids can hack another friend’s account and go in and change settings such as the person’s desktop background to something embarrassing and have a good laugh when they log on the next time.
Although this joke was meant to be fun, there are lessons that can be taken away. It sets kids up to have their accounts mismanaged, their private information shared and their social networks used to cause trouble. I know it’s convenient to stay signed into your accounts but logging out is a simple but great technique to ensure no one has access to your accounts.
Make sure that you prioritise passwords for email and social networks as the most important to make complex and unique, as these are often connected to social media accounts and can serve as a way to log in. Once someone has access to your email, they can change all your other passwords by clicking on the “forgot my password” link on the other websites. And if they gain control of your social network, they can scam or send dangerous links to all of your contacts.
Avoid using easy-to-guess passwords such as dictionary words, names, or dates that an Internet hacker might break.
How to create a good password:
Pick a single master password that you’ll be able to remember, and then customize that password for different websites. The first step is to choose a good master password that uses more than six characters and some combination of letters and numbers (rather than real words).
In this case, let’s use the phrase “I want to go to London”. Reduce that phrase to each of the first letters, use the number “2” for the word “to” and you’ll end up with “Iw2g2L”. Then add the first and last letter of the website to it (Norton.com’s website would be: “NIw2g2Ln”). This little trick helps me remember all those various passwords and yet keep things complex enough that it’s hard for a computer hacker to crack. This sequence makes sense to me but not to anyone else. It also helps that I get different passwords for different accounts. If one password to one account is compromised, the rest are still secure.
If you store important documents on your home computer with bank account information, tax information, social security numbers, make sure to add a password to them too. If your computer ever gets stolen or hacked, the passwords will add another layer of security to your information. Find out how to add one here.
Are your passwords up to scratch, let us know if this has made you change yours?
Guest Post by: Richard Clooke – Manager, Marketing Programs, Consumer Business Unit, Symantec Corporation
We’ve all experienced poor PC performance at some point in our lives – from slow-ups and clutter to constant system freezes. A sluggish computer can be a major source of frustration for many and according to new research, we are reaching the end of our tethers – with a survey of 1,000 Brits revealing that 16% would prefer to visit the dentist’s chair than fix a slow PC!
I don’t know about you, but I don’t recall any good memories from my visits to the dentist. The research, which focused on PC frustrations among consumers, also found that slow computers have caused one in ten of us to argue with our partners. It’s a pretty bad state of affairs if a sluggish PC is causing strife in relationships.
The research also revealed Bristol to have one of the highest levels of PC frustration in the UK. How fitting it is then for a ‘Frustration Zone’ to be set up in Cabot Circus Shopping Centre this Thursday, giving Bristol residents the chance to relieve their PC frustrations with plate smashing, punch bags and a boxing machine! Even gadget expert Suzi Perry will be on hand to get involved with the release of these pet PC peeves, and offer helpful advice around becoming friends with your PC again.
Many people view a slow PC as a sign that they need a new one, but before we throw in the towel, there are a lot of things than can be done to improve its performance. Try getting rid of apps you’ve not used in the last year, or transferring large files to an external storage drive or DVD to free up system resources. Visit http://www.befriendswithyourpc.com for more helpful tips and tricks on how to solve common PC frustrations.
Ransomware is a type of malicious software that disables the functionality of a computer in some way and demands a ransom in order to restore the computer to its original state. Recent variants use law enforcement imagery to add legitimacy to the warning messages. The malware uses geo-location services to determine the location of the computer it is running on and then, after locking the computer, displays a message appropriate to that country. The message usually claims that the user has broken the law by browsing some illegal material. Figure 1 is an example of a ransomware variant that displays a message claiming to be from the FBI.
Figure 1. An example of a ransomware message
The message states that in order to unlock the computer, “a fine” must be paid using one of several prepaid electronic money schemes. The fines can range from €50 to 100 in Europe, to up to $200 in the US.
Ransomware has been in existence since 2009 and initially targeted users in Russia and Eastern Europe. It has since become a global problem, spreading first throughout Europe and, in more recent months, has begun targeting users in North America. At least 16 different versions of ransomware have been identified over the past year and a half. Each version is not an ‘upgrade’ from a previous version, but rather a unique variant, associated with a separate gang. These gangs have independently developed, or bought, their own different version of ransomware. The gangs are not new to cybercrime; they have been associated with other threats and scams in the past such as banking Trojans and rogue antivirus. Ransomware has now become a more lucrative enterprise for them.
The operations are highly profitable, with as many as 2.9 percent of compromised users paying out. An investigation into one of the smaller players in this scam identified 68,000 compromised computers in just one month, which could have resulted in a fraudster obtaining up to $400,000. A larger gang, using malware called Reveton (Trojan.Ransomlock.G), was detected attempting to infect 500,000 computers over a period of 18 days. Given the number of different gangs operating ransomware scams, a conservative estimate is that over five million dollars a year is being extorted from victims. The real number is, however, likely to be much higher.
For details on our investigation into these multiple ransomware variants, please see our whitepaper .
Guest Post by: Samir Patil, with thanks to Anand Muralidharan for contributing to this post.
One of the most devastating Superstorms in decades, Hurricane Sandy, hit the US East coast in October, causing the loss of lives and damage to businesses, leaving countless people without electricity and in need of support. Now, unfortunately Sandy has now added spam to its list of misery.
We are observing spam messages related to the hurricane flowing into Symantec Probe Networks. The top word combinations in message headlines are “hurricane – sandy”, “coast – sandy”, “sandy – storm”, and “sandy – superstorm.”
Typical spam attacks like “Gift card offer” and “Money making & Financial” spam are currently targeting the disaster. Below are the screenshots of some spam samples to keep a watch out for.
The following are examples of subject lines seen in the spam messages:
• Help Sandy Victims and get $1000 for Best Buy!
• Sandy Strikes… [WARNING]
• Deposit Processing Open Today (Frankenstorm doesn’t stop us)
Spammers taking advantage of disasters is nothing new. Previously, for example, we witnessed phishing and spam campaigns using the Haiti earthquake as a means of spreading harmful activities, and we anticipate that fake news, photos, donation requests, 419 scams, phishing campaigns, and malicious video link attacks will continue to be seen in the near future.
We advise users to follow best practices while online, such as typing website addresses directly into their Internet browser for any online video rather than clicking on links contained in emails.
Finally, never donate money or buy products through wire transfer services or similarly untraceable methods of payment. Instead, reach out to the storm victims through legitimate and secure channels.
As always, we will be continuously updating our anti-spam filters to block these emails from reaching users.
Working on the move is becoming increasingly common, and organisations are responding to the need to provide a remote working solution for employees. Remote email and desktop access are solutions to this but all come with their own problems. However, with a small amount of careful thinking it’s easy to reduce the likelihood of unauthorised access and breaches of privacy and make sure everything is safe that needs to be.
Your company should have already thought about the security of the way it provides mobile working , and it should therefore have already secured the network with a firewall, for example, but what steps can be taken to make sure that files stay as secure as possible?
Strong passwords are the most important starting block and creating a strong password can help to limit security issues. This should include a combination of upper and lower case letters, and numbers.
There are more hi-tech options available too, biometrics, for example, are up and coming, using finger print scanners to access a computer, though it might be a while before only those with documented fingerprints can access certain documents.
If you are working on a public Wi-Fi connection, in a café for example, can you be 100% sure that it has been properly secured? This year’s Norton Cybercrime Report found that 2/3 of adults use free or unsecured public Wi-Fi, where details are easily prone to being intercepted. Are you part of that majority?
A phone conversation about work or editing a document on the train could give confidential data away. Have you ever thought about who might be looking over your shoulder whilst you’re working in a public place? Chances are it’s nothing highly confidential, but we should all take a minute to think about what we can change about our mobile working habits to ensure information is kept secure.
- Check the security of your Wi-Fi connection. If you’re unsure, don’t use it, or use a product such as Norton Hotspot Privacy to create a personal VPN
- Think about the confidentiality of the documents you’re working on. Should the person next to you be allowed to scan its contents?
- When working in a browser, check that the web address begins with ‘https://’ and that there is a padlock symbol showing
- Always log out when working remotely
- Don’t store sensitive info on remote devices that could be easily misplaced
- Never click ‘remember me on this computer’ when using public Wi-Fi or a computer that isn’t yours