Possible threats to mobile users in 2012

Guest post from Andrew Ford.

This is quite an exciting week for my inaugural blog; Earlier this month, Norton by Symantec announced the availability of Norton Tablet Security and an update of Norton Mobile Security Followed by Get Safe Online Week which focused on threats to smart phones from rogue apps and malware .

This got me thinking about what the biggest threats to mobile users in 2012 will be.  I had a chat with Orla Cox, one of my colleagues in the Symantec Security Response Centre in Dublin and this is what she had to say;

Orla Cox;

“We’ll likely to continue to see an increase in attacks via mobile platforms. In the past year we’ve seen 40 new families of mobile threats.  This number will continue to increase over the next year.  At the same time, however, PC threats will continue to be most dominant, vector numbers wise.  We continue to add detection for 60,000 new threats every week”

I also asked Orla how she thought the  bad guys would be making their cash in 2012 and she pointed out that the increase in the use of mobile devices for financial transactions will continue to make them a more attractive target for criminals.  Using  smart phones or tablets to make payments means that users must store their credit card details on the phone, therefore we may see attackers creating malware that can steal that data. We may also see threats which follow the trend in Windows malware such as Rogue Antivirus software.

I know myself that the open and ubiquitous platforms are the most attractive for attackers and for that reason Android will likely continue to be the more attractive platform to attach.  If we see an increase in popularity for Windows Mobile-Nokia devices, then these too may become attractive to attacker. Apple iPhones and iPads will also not be immune from threats due to the millions now being used across the world. Indeed using any mobile device in an open wifi environment leaves a user open to other people capturing the data they transmit across the airwaves.

All this said, it remains more important than ever to be smart when using your smart phone and tablet.

As a minimum users should lock their phone with a pin code (you would be surprised just how many people don’t use this simple function on their phone).  This is a simple function that can save users a lot of hassle if their phone falls into the wrong hands.  At the other end of the scale, users can install mobile security on their mobile device. Caution should also be used when connecting to wifi hotspots.

Mobile devices are now mini computers and people keep their lives on them. How do you protect your device?

November 23, 2011 | Filed Under Family Online Safety, Identity theft, Mobile, Security, Technology | Leave a Comment 

The risks of cybercrime…

Guest post from Simon Ellson.

With the evolution of technology comes the development of a whole load of other things, including crime. Over the years crime in the virtual world – also known as cybercrime- has increased. Our own, Norton Cybercrime Report shows that cybercrime is a hundred times bigger than the annual expenditure of UNICEF.

What sets cybercrime apart from other crime is that it can happen to anyone, at any time, and often it involves your personal details – the information that you go at lengths to protect – being stolen.

Take Jacquelyn Moulds from Clapham, London. She had over £4000 go missing from her savings account. After contacting the bank she was told that she’d been the victim of a phishing scam; someone had obtained her bank log-in details, logged into her account and set up a new payment – there was no trace of who or where the money had been sent to.

The investigations carried out showed that Jacquelyn’s account details had been stolen whilst she was accessing her account online. When exactly they were stolen was unknown and because Jacquelyn accessed her account from multiple computers, it was difficult to pinpoint the exact time and computer her details were stolen from.

Luckily, Jacquelyn’s bank reimbursed her money, however, this is does not happen in all cases. It’s therefore important to be vigilant: use strong passwords, don’t click on suspicious emails or web links, only make payments on secure websites and of course get your computer or device protected.

Jacquelyn’s story is just one example of cybercrime. If you or anyone you know has been a victim of cybercrime, then get in touch and help us to increase the awareness of the risks of cybercrime.

November 14, 2011 | Filed Under Identity theft, Norton Cybercrime Report, Security, Spam | Leave a Comment 

Keeping the Internet’s bogeymen out!

Guest post from Simon Ellson.

The Internet is full of tricks and treats. It provides us with endless entertainment and opportunities to connect with one another, but it does also put us and our family in potential risk, 24 hours a day.

The recent Norton Cybercrime Report showed that online scams is amongst the top three types of cybercrime – even web-savvy adults fall for them! With little education, however, we can all learn methods to avoid such problems and stay safe.

But what about the children? How do we ensure that our kids stay safe online, without us peering over the shoulders? The same answer – education!

Whilst teaching kids to limit the information that they share with others and how to appropriately use security and privacy settings helps them to stay safe online, kids need to taught how to keep the door closed for the Internet’s bogeymen.

And how do we do this? Similar to how we teach our children the rules of trick-or-treating e.g. staying on the pavement, crossing the street carefully, avoiding unwrapped or homemade treats and coming home before it’s too late. We can teach children the internet’s equivalents:

1. Be careful about what they  click on – stick to well-known Internet sites and use search ratings tools like Norton Safe Web to avoid going to dangerous website

2. Teach your child never to respond to spam and to delete unwanted messages – Marian Merritt, Norton’s internet safety advocate, mentioned in a recent blog post that some of the most common scams that trick children are pop-up ads that:

  • Promise you can easily win great prizes like a tablet or gaming system
  • Claim to detect viruses on your computer and offer to clean them
  • Offer to speed up your computer

3.  Use security software on all computers as well as mobile phones and tablets.

4. Set up unique and complex passwords and ensure that your children share them with you but no one else.

5. Talk to your child about Internet scams, misleading advertising, spam Instant Message or social network friend requests, and other online tricks you know to avoid but they may not.

October 28, 2011 | Filed Under Family Online Safety, Identity theft, Norton Cybercrime Report, Security, Spam | Leave a Comment 

5 steps to protect yourself from ID fraud

Guest post from Simon Ellson.

This week is National ID Fraud Prevention Week, which got me thinking about an experience that I had on a recent holiday in Greece.

Whilst I was there I booked a sight-seeing boat trip with the Holiday Rep.  We were staying on a remote Greek island and so I wasn’t surprised that the Rep didn’t have a chip and PIN reader when she took  my payment. However, it did surprise me that she didn’t have one of those old-fashioned card swiping machines, the ones with the multi-sheeted carbon paper.  Instead she placed my credit card under the carbon paper sheets and rubbed over the credit card with the edge of a pen, brass-rubbing style – how very hi-tech!

It made me smile and in my relaxed holiday frame-of-mind I didn’t really consider how insecure this was or how easy it would be for my card details and signature to be captured.  Luckily, the Rep was totally trustworthy and my ID hasn’t been misused.

However, this isn’t the case for everyone. Research issued by Action Fraud has found that although 95% of the UK population is aware of the threat and risks of identity fraud, the number of victims is still rising. People continue to be careless with their identities and the average cost of these incidents to each victim is £1,190.  National ID Fraud Prevention Week is another reminder for us all to protect our offline and online identities.

Simple actions can help to keep you and your family secure:

  • Don’t share your personal details with others
  • Use a private computer when  shopping online
  • Ensure that the website you’re using is secure (this is indicated by the padlock  and the “https://” before the URL)
  • Use smart passwords (to find out what makes a smart password, take a look at this blog  by Symantec)
  • And of course, always use an up-to-date internet security package.

The Stop ID Fraud website, prepared especially for this week, has a resource centre where you can download useful tips and advice on how to protect your  identity.  You can also use the Norton downloads, to keep your online stuff safe and protect your family and your possessions.

October 19, 2011 | Filed Under Identity theft, Security | Leave a Comment 

Norton One

Today we can announce plans to deliver a personalised service that will protect consumers across multiple devices, Norton One™.

Norton One will give consumers the option to select a combination of solutions that work for them and take away the hassle and worry of securing and maintaining today’s connected household.

Norton One will be the industry’s first membership-based offering spanning PC, Mac and mobile security solutions.

Norton One will provide a different experience by providing a single membership that will protect each connected device an a household through one user interface.

You will be able to choose the technologies and devices that you have and need to protect properly. New devices can also be seamlessly added to the membership and quickly protected against online threats. Licenses can then be moved between devices or removed if you’re no longer using a device.

A diversified range of technologies and support will be offered, including security and performance with personalised services and premium support.

Today’s Internet-enabled household relies on multiple devices to communicate, work, shop and play. All these devices need protection against online threats, but protection today needs to provide more than just basic security and must cover the distinct needs of all the household’s connected devices.

Norton market research has found that consumers in the U.S. have an average of 4.5 devices in their household between desktop computers, laptops, tablets, mobile phones and more.

The future of consumer security involves protection across all devices and platforms. We continue to expand our business with our Norton Everywhere initiative, delivering multi-device security solutions that are focused on the individual and their information, wherever you go and regardless of the device you’re using.

Norton One is expected to be available in the first half of 2012.

September 13, 2011 | Filed Under Announcements, Customer service, Family Online Safety, Security | Leave a Comment 

Norton Cybercrime Report 2011

This morning we’re launching this year’s Norton Cybercrime Report, our annual look at online crime in the UK.

Our research has found out that Cybercrime is costing the UK on average £474 million a year. Based on the value victims surveyed placed on time lost due to their cybercrime experiences, an additional £619 million was lost.

Headline facts:

  • 19 people fall victim to cybercrime every minute in the UK
  • 51% of those in the UK have experienced cybercrime in their lifetime
  • Only 16% of victims report cybercrime to the police
  • On average British people spend around 4 days resolving cybercrime related issues
  • Global cybercrime in 24 countries cost £71 billion last year

The financial cost of cybercrime is hitting Brits in the pocket, but this year’s Norton Cybercrime Report has also found questionable online ethics among the general population.

The core danger for people in the UK still lies in organised cybercrime and the sort of security attacks we’ve become accustomed to seeing in the news.

But, our research raises some serious questions around privacy and the boundaries people are willing to cross in their own online dealings.

Do your experiences of cybercrime match with our report results?

Let us know by leaving a comment, or follow us on Twitter @norton_uk

September 7, 2011 | Filed Under Announcements, Security | Leave a Comment 

How private is ‘private’?

Guest post from Simon Ellson.

Imagine a world in which a hacker is not a stranger, but rather your neighbour. Now imagine that that neighbour has spent 18 hours a day on social media sites that you are present on, to work out your passwords and answers to secret question. And now imagine that the hacker has stolen over £35,000 from you.

That is the reality of today’s world. The Telegraph this week reported a hacking story that is different from what we are accustomed to. It showed how hackers no longer need to use code to gain access to a program or account, but instead they can monitor your online activities and view your conversations to gather enough data that will help them gain entry into your account.

For me, this story, once again, raises the question of how private the setting ‘private’ really is? You see, the story mentioned shows how an individual used the content of what his neighbours are sharing online, to work out passwords to online and offline banking accounts. It indicates how an innocent status update or comment can provide others with enough data to cause you harm and once again raises the issue of how it is important to consider what you are writing before you hit enter – it’s important to remember that there are a number of different people that will be reading what you write, and not to sound cynical, but not all of them will have your best interests at heart.

And so, my top three tips for keeping yourself, your data and your possessions secure are:

  1. Ensure that the privacy settings on your accounts are up-to-date and only people that you want your data to be visible to can see what you have written.
  2. Use strong passwords, ones that others will not be able to guess. One of our security response guys has posted an interesting blog on passwords.
  3. Before hitting enter, invest a minute to review what you’ve written. Think about the information that you are sharing and what people can take from it. Also think about the connection between current and previous updates and how they can be manipulated if they are seen by the wrong pair of eyes!

August 22, 2011 | Filed Under Family Online Safety, Identity theft, Security | Leave a Comment 

It’s Not a Con – Over the Pond

Well, it’s been a blast. I’ve been working for Norton for over four years now, developing our products from PC anti-virus to full-service internet security suites with add-on features like family safety and safe search, and now we’re moving on again, into mobile computing protection. And as Norton moves on, so do I, to head up the mobile product development team in California.

As such, my world is suddenly very busy, as we develop new applications for people to keep their smartphones and tablet computers safe from cybercriminal attack, but also work to help them manage these mini-computers, get the best performance out of them, and protect their privacy.

Therefore, I’ll be writing less and less for ItsNotaCon, as my UK colleagues take up the reins of the blog, writing about cybercrime and how it affects people in the UK, family safety and general PC protection topics. Simon Ellson, Marian Merritt and others will be keeping you abreast of security topics in the coming months.

In the meantime, a little plug from me. Why not try Norton Mobile Utilities, if you have an Android phone? This is a free application available from the Android marketplace here https://market.android.com/details?id=com.symantec.monitor&hl=en which is designed to help you get the most out of your phone. It helps you to understand what apps you have, helps you manage and back them up, as well as helping you understand exactly what impact each app is having on your phone’s performance and also your own data – many apps request a great deal of access to other functions on your phone which can be an indication of a malicious app. It also contains useful tools to help manage data and call limits, memory use and battery performance.

Have fun – I’ll be back from time to time to tell you about mobile developments, but in the meantime it’s over the pond and out!

August 8, 2011 | Filed Under Mobile, Security | Leave a Comment 

Wimbledon Can Make You Rich!

Wimbledon Can make You Rich‘ originally appeared on Symantec Connect.

Yes, of course. This is what the email is all about!

The 2011 Wimbledon Championship has begun in full gusto and like any other major sporting event, we started observing spam flowing in the wild targeting Wimbledon 2011 where spammers are sending online betting, casino and even online pharmacy spam through emails.

The Italian spam sample given below mimics a legitimate betting website(the name of the betting site ia deliberately ommitted). The email headers are spoofed in an effort to highlight the legitimacy of the email. The Sender domain is recently registered and shows hit and run spam characteristics. Spammer says, ‘bet risk free! Even if you lose the bet, 20 Euros will be reimbursed’.

The spam sample given below explains steps that users need to take to acquire the bonus:

1. Sign up and make a deposit into your account
2. Place your first bet
3. If your first bet is not successful you will be reimbursed up to 20 euros.

Spoofed headers are as shown below:

From: xxxx
Subject: Torna il grande tennis, con [removed] hai venti euro offerti per scommettere su chi vuoi

Translation:
Subject: The return of the great tennis tournament, come and bet on [removed] – 20 euto bets on the bets you want

Another spam sample promotes online pharmacy. The subject line for this attack is ‘British women win at Wimbledon’. Perhaps this is an effort to draw user’s attention to news related to Wimbledon.

Users have to be very careful when they do online financial transactions. Email legitimacy need to be checked before clicking on any link. One thing is for sure and that is No bet can make you rich especially if it has come through unsolicited sources.

Note: Thanks to Anand Muralidharan for contributed contents

June 30, 2011 | Filed Under Security | Leave a Comment 

Simon Ellson: Poisoned Search

Internet search is part of everyone’s lives – if we want to do some research, make a purchase, donate to charity, even apply for a job, the Internet is where we turn.

Cybercriminals are wise to this and use something we call search engine poisoning  to direct people to compromised or illegitimate websites that, in turn, will attempt to scam you or install malware.

Hackers and cybercriminals either create malicious websites which they optimise to appear high in search results, or compromise legitimate sites by inserting malware. Examples of this include the recent earthquake in Japan which saw criminals creating fake donation websites, and the recent sale of Olympics tickets. Cybercriminals are quick to jump on trending topics and breaking news – they are always looking for opportunities where they can gain financially.

This is something that the search engine operators, and we in the security community, are developing and deploying solutions for.

At Norton, we have created free software called Norton SafeWeb which marks up search engine results with a tick or cross, to help people avoid compromised or bad URLs. The best thing is that you don’t have to be a Norton customer to use it and it’s completely free. It warns you of unsafe search results, prompts you if a website has a potentially dangerous download on it and also alerts you of suspicious e-commerce activity.

June 23, 2011 | Filed Under Security | Leave a Comment 

« Previous PageNext Page »