News

Nations participating in the event include the US, Canada, EU countries, India, Japan, Singapore, Ghana and Oman

How to make the most of the new features in Sophos Firewall v21.

CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer being supported.

Welcome to the security nightmare that is the Internet of Things.

All day long, it’s almost always within arm’s reach. Your smartphone. And we rely on it plenty. That makes securing your phone so important. Good thing that some of the best tips for making your phone safer are also some of the easiest.

Here’s a quick rundown:

Ten quick tips for mobile security

1. Lock your phone.

Locking your phone is one of the most basic smartphone security measures you can take. Trouble is, few of us do it. Our recent global research showed that only 56% of adults said that they protect their smartphone with a password, passcode, or other form of lock.[i] In effect, an unlocked phone is an open book to anyone who finds or steals a phone.

Setting up a lock screen is easy. It’s a simple feature found on iOS and Android devices. iPhones and Androids have an auto-lock feature that locks your phone after a certain period of inactivity. Keep this time on the low end, one minute or less, to help prevent unauthorized access.

We suggest using a six-digit PIN or passcode rather than using a gesture to unlock your phone. They’re more complex and secure. Researchers proved as much with a little “shoulder surfing” test. They looked at how well one group of subjects could unlock a phone after observing the way another group of subjects unlocked it.[ii]

2. Turn on “Find My Phone.”

Another powerful tool you have at your disposal is the Find My Phone feature made possible thanks to GPS technology. The “find my” feature can help you pinpoint your phone if your lost or stolen phone has an active data or Wi-Fi connection and has its GPS location services enabled. Even if the phone gets powered down or loses connection, it can guide you to its last known location.

Setting up this feature is easy. Apple offers a comprehensive web page on how to enable and use their “Find My” feature for phones (and other devices too). Android users can get a step-by-step walkthrough on Google’s Android support page as well.

3. Learn how to remotely track, lock or erase your phone.

In the event of your phone getting lost or stolen, a combination of device tracking, device locking, and remote erasing can help protect your phone and the data on it.

Different device manufacturers have different ways of going about it. But the result is the same — you can prevent others from using your phone, and even erase it if you’re truly worried that it’s in the wrong hands or gone for good. Apple provides iOS users with a step-by-step guide, and Google offers up a guide for Android users as well.

4. Back up your stuff in the cloud.

Thanks to cloud storage, you might be able to recover your photos, files, apps, notes, contact info, and more if your phone is lost or stolen. Android owners can learn how to set up cloud backup with Google Drive here, and iPhone users can learn the same for iCloud here.

5. Update your phone’s operating system and apps.

Keep your phone’s operating system up to date. Updates can fix vulnerabilities that hackers rely on to pull off their malware-based attacks — it’s another tried-and-true method of keeping yourself safer and your phone running great too.

The same goes for the apps on your phone. Ideally, set them up to update automatically so that you don’t have to take extra time to do it yourself. Also, look for opportunities to delete old apps and any data linked with them. Fewer apps on your phone means fewer vulnerabilities. And less data in fewer places can reduce your exposure to data breaches.

6. Stick with official app stores.

Legitimate app stores like Google Play and Apple’s App Store have measures in place that help ensure that apps are safe and secure. And for the malicious apps that sneak past these processes, Google and Apple are quick to remove them once discovered, making their stores that much safer. Meanwhile, third-party app stores might not have these measures in place. Further, they might be a front for hackers looking to spread mobile malware through malicious apps.

7. Go with a strong app recommendation.

Yet better than combing through user reviews yourself is getting a recommendation from a trusted source, like a well-known publication or from app store editors themselves. In this case, much of the vetting work has been done for you by an established reviewer. A quick online search like “best fitness apps” or “best apps for travelers” should turn up articles from legitimate sites that can suggest good options and describe them in detail before you download.

That’s not to say that you should overlook user reviews. Certainly, legitimate reviews can be a big help. Look closely at the listing, though. Check out the developer’s track record. Have they published several other apps with many downloads and good reviews? A legit app typically has quite a few reviews, whereas malicious apps may have only a handful of (phony) five-star reviews. Lastly, look for typos and poor grammar in both the app description and screenshots. They could be a sign that a hacker slapped the app together and quickly deployed it.

8. Keep an eye on app permissions.

Another way hackers weasel their way into your device is by getting permissions to access things like your location, contacts, and photos — and they’ll use sketchy apps to do it. So check and see what permissions the app is requesting. If it’s asking for way more than you bargained for, like a simple game wanting access to your camera or microphone, it might be a scam.

Delete the app and find a legitimate one that doesn’t ask for invasive permissions. If you’re curious about permissions for apps that are already on your phone, iPhone users can learn how to allow or revoke app permission here, and Android can do the same here.

9. Spot scam texts and their bad links.

Scam texts seem like an unfortunate fact of life. Scammers can blast thousands of phones with texts that contain links to phishing sites and to others that host malware. Our Text Scam Detector puts a stop to scams before you click — detecting any suspicious links and sending you an alert. And if you accidentally tap that bad link, it can still block the site for you.

10. Protect your smartphone with security software.

With all that we do on our phones, it’s important to get security software installed on them, just like we install it on our computers and laptops. Whether you go with comprehensive online protection software that secures all your devices or pick up an app in Google Play or Apple’s App Store, you’ll have malware, web, and device security that’ll help you stay safe on your phone.

[i] https://www.mcafee.com/content/dam/consumer/en-us/docs/reports/rp-connected-family-study-2022-global.pdf

[ii] https://arxiv.org/abs/1709.04959

 

The post 10 Quick Tips for Mobile Security appeared first on McAfee Blog.

An FBI and CISA alert highlighted false claims of breaches of voter registration databases, designed to undermine confidence in US elections

Over 600 patients and employees of Lehigh Valley Health Network in Pennsylvania had their medical record photos hacked and posted on the internet

Microsoft will introduce new security capabilities for solution providers outside of kernel mode, preventing events like the CrowdStrike global outage

This is an odd story of serving squid during legislative negotiations in the Philippines.

Over the summer, I gave a talk about AI and democracy at TedXBillings. The recording is

With less than 60 days left until Election Day, the digital landscape has become a battleground not just for votes but for your personal security. With political ads, fake voter registration sites, and disinformation campaigns cropping up everywhere, it’s essential to stay vigilant against common election scams and election manipulation schemes. Here’s how you can navigate this crucial time safely.

Understanding Misinformation vs. Disinformation

Before diving into specific scams, it’s important to differentiate between misinformation and disinformation. Misinformation refers to false or misleading information shared without malicious intent, often due to ignorance or misunderstanding. Disinformation, on the other hand, is deliberately false or misleading information spread with the intent to deceive, manipulate, or sway public opinion.

Knowing the difference is crucial because it influences how you approach and verify the information you encounter. Disinformation campaigns are often more sophisticated and can be more challenging to detect, making it essential to keep a healthy dose of skepticism while navigating this election season.

Spotting Fake Voter Registration Sites

One prevalent scam during election season is fake voter registration websites. These sites may look official but are designed to steal your personal information. They often appear as pop-ups or ads on social media and search engines.

To protect yourself:

1. Verify URLs: Always check the web address. Official voter registration sites will have a .gov domain or be clearly linked from official government websites.
2. Register Directly: Instead of clicking on links, navigate directly to your state’s official election website to begin the registration process. A nonpartisan site like Vote.org can help you easily figure out how to register to vote in your state.

Avoiding Donation Scams

When you’re excited about a political candidate, it’s natural to want to support their campaign by sending them a donation. Scammers prey on that excitement by creating fake donation websites to try to take money from unsuspecting individuals. TikTok banned requests for political donations on their platform because of the prevalence of these types of scams.

To avoid sending money to scammers:

1. Use Official Platforms: Donations to Democratic candidates typically go through the online fundraising platform ActBlue and Republication donations go through WinRed. That’s because there are specific donor verification requirements that candidates must follow in order to comply with campaign finance laws. Beware of any political donation website that is not using these platforms.
2. Avoid Informal Channels: Avoid sending donations or personal information through informal communication channels like WhatsApp.

Identifying Misleading Political Ads

Political ads are ubiquitous during election season, with political ad spending projected to be $10.2 billion in 2024. But not all political ads are created equal. Misleading or false ads can be crafted to manipulate voters by presenting distorted facts or outright lies.

To discern the truth:

1. Check Sources: Look for the source of the information presented in the ad. Reputable ads usually cite credible sources.
2. Cross-Check Information: Verify the claims made in ads with multiple trusted news outlets. If the information is true, it should be corroborated across various sources.
3. Beware of Emotional Appeals: Ads that heavily appeal to emotion rather than fact are often designed to bypass rational analysis and provoke an immediate reaction.

Navigating Social Media and Disinformation Campaigns

Social media is a double-edged sword during elections. While it offers a platform for legitimate discourse, it’s also a breeding ground for disinformation. Social media amplifies both credible information and disinformation due to its algorithms prioritizing engagement over accuracy, making sensational or misleading content more likely to be seen and shared. The anonymity and ease of content creation on these platforms enable the rapid spread of false narratives, which can be difficult to counteract amidst the sheer volume of information circulating.

You might encounter false content designed to manipulate voter perceptions. To navigate this:

1. Validate Sources: If you come across shocking or dubious claims, validate them through reliable fact-checking sites such as FactCheck.org.
2. Engage with Caution: Avoid sharing or engaging with content that hasn’t been verified. Engaging with such content, even by commenting to try to fact-check it, can inadvertently spread misinformation.

Beware of Deepfakes

Advances in artificial intelligence (AI) have led to easily created realistic deepfakes—manipulated videos or images that can spread false narratives. Earlier this year, a fake robocall using AI voice-cloning technologies tried to influence voters in the New Hampshire primary.

Our mission is to help you navigate these challenges effectively. For decades, McAfee has stood as a reliable source of information and guidance. This election season, we are helping to discern what is real versus what is fake through our new Deepfake Detector, the world’s first automatic and AI-powered deepfake detector. Trained on close to 200,000 samples and counting, Deepfake Detector can identify and alert consumers within seconds of AI-altered audio being detected in videos.

To detect deepfakes on your own:

1. Scrutinize the Details: AI-generated videos often have small inconsistencies when trying to portray humans. Is there unnatural blinking, odd eye movements, or unusual-looking hands or teeth? Does the audio not quite match the speaker’s lips or have a distorted quality?
2. Use Your Judgment: If someone is saying or promoting something unexpected via video or audio, pause and question whether it’s One deepfake earlier this year had an AI version of Taylor Swift promising to send Swifties a free Dutch oven. Fans of Taylor Swift could avoid this scam by realizing that such a promotion would be highly out of character for their favorite singer, who is not known for promoting products in this way, and by checking her official channels to see if she had said anything about the promotion there.

By understanding the types of scams and misinformation that proliferate during election season and implementing these practical tips, you can confidently and securely engage in the democratic process. Protecting your personal information and making informed decisions is not just about securing your vote—it’s about safeguarding the integrity of your digital presence and ensuring that your voice is heard clearly and accurately.

The post How to Avoid Common Election Scams appeared first on McAfee Blog.