Tag Archive for Webroot

| November 16, 2019
Comments Off on Why Don’t Users Protect Themselves

Why Don’t Users Protect Themselves

Why Don't Users Protect ThemselvesA new report (PDF) from recently swallowed and swallowed again Webroot, says that American technology users overestimate their levels of cyber hygiene. Cyber hygiene is a cybersecurity risk mitigation technique introduced by Vinton Cerf in 2000 where you train yourself to think proactively about your cybersecurity. The goal is to resist cyber threats and online security issues to protect and maintain IT systems and devices and implement cybersecurity best practices, just as you do with your daily personal hygiene.

Webroot logoThe report says U.S. users do not know how to protect themselves from cyber threats. Americans are overconfident in the perceived protection they have. The endpoint security and threat intelligence provider found that 88% of interviewed Americans believe they are taking the appropriate steps to protect themselves from cyber-attacks.

Their confidence is misplaced. Instead, Americans have only a surface-level understanding of the most common types of cyber threats according to Webroot. We can recognize some of the names of the most common cyber-attacks such as malware (79%) or phishing (70%), but for most, that’s where their knowledge ends. Very few (less than 1 in 3) actually know what these common cyber-attacks are or what they do.

While Americans claim to have heard of some of the most common cyber-attack terms when prompted, very few actually understand what those cyber-attacks are. When asked about critical cyber-hygiene issues like malware, backups passwords, and identity theft surveyed Americans reported:

20% update their AV software regularlyMalware – 79% have heard of malware, but only 28% can confidently explain what it is. 82% are using some sort of AV software on their personal devices. 62% of those who use AV software use a free product. Only 20% update their AV software each time they are prompted.

Backups – are another weakness. 78% of respondents report backing up their data. However, 57% are still leaving themselves susceptible to risk by only backing up using one method, rather than backing up online (cloud) and offline.

  • 22% rarely or never backup their data.34% Automatically backup to the cloud
  • 27% Backup to an external hard drive
  • 24% Backup to a USB stick
  • 22$ backup locally on My Computer
  • 17% backup manually to the cloud
  • 22% rarely or never back up their data.

Among those who are backing up their information by uploading it to the cloud, only 43% are taking the extra step in ensuring that it’s stored in an encrypted format.

33% of Americans admit to sharing their passwordsPasswords – Followers of Bach Seat know that passwords suck and the Webroot report confirms it. 33% of Americans admit to sharing their passwords with others. To make matters worse, 63% are reusing passwords across multiple accounts. The research found that Americans have on average 9 passwords for 17 accounts.

Mobile – While on the go, 67% of Americans use public Wi-Fi, but only 35% take the extra step to protect themselves by using a VPN. Additionally, 34% use a work device as their primary personal device at home.

Identity theft 74% of Americans believe their identity stolen has never been stolen.

According to the Webroot whitepaper, the 5 most cyber risky U.S. states are:

  1. Mississippi most cyber risky stateMississippi
  2. Louisiana
  3. California
  4. Alaska
  5. Connecticut

The 5 least risky U.S. states are

  1. New Hampshire least cyber risky stateNew Hampshire
  2. North Dakota
  3. Ohio
  4. Idaho
  5. Kentucky

rb-

According to the research conducted by Wakefield for Webroot, Michigan ranked 31 among the 50 states. Overall, the average home user scored a 60% for cyber-hygiene. The researchers also found that those who they classified as “Superstars” tended to be:

  • A Boomer
  • Married or in a relationship
  • Suburbanite
  • Not a parent.

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,
| November 4, 2014
Comments Off on What is Ransomware?

What is Ransomware?

What is Ransomware?Ransomware is a nasty form of malware. It is also known as data kidnapping. It locks up your computer by encrypting your data and then demanding you pay a fee to unlock them. The fee is usually in Bitcoins. The decryption key may or may not unlock your files. Ransomware can be terrifying. We rely so completely these days on our PCs that to stare helplessly at yours—often with a racy image on the screen—is frustrating and crippling to your productivity. Cybercriminals may use one of several tactics to extort money from their victims.

Tactics to extort money

1. After a victim discovers he cannot open a file, he receives an email ransom note demanding a relatively small amount of money in exchange for a private key. The attacker warns that if the ransom is not paid by a certain date, the private key will be destroyed and the data will be lost forever.

2. The victim is duped into believing he is the subject of a police inquiry. After being informed that unlicensed software or illegal web content has been found on his computer, the victim is given instructions for how to pay an electronic fine.

Avoid sketchy websites3. The attackers sneak malware onto a computer, usually by a drive-by download, which encrypts the victim’s data but does nothing else. In this approach, the data kidnapper anticipates that the victim will look on the Internet for how to fix the problem and makes money by selling anti-ransomware software on legitimate websites.

Cut your ransomware risks

Here are tips that cut your risk of becoming a victim.

1. Avoid sketchy websites, searches, and downloads. You know the old expression “You can’t cheat an honest man”? Well, many (though not all) ransomware infections begin when a user surfs to pornographic or gambling websites, while others start with a click on a suspicious link. Steer clear of sites known to house malware, and never click a link in an email unless you know it is legit.

2. Back up your data. Experts stress that the single biggest thing that will defeat ransomware is having a regularly updated backup. That way, if you are beset by ransomware, you can restore your system while losing relatively little work.

3. Update your software regularly. Ransomware, like most malware threats, may sneak onto your PC through a known flaw in your operating system or other software programs. And hackers often rely on people running outdated software with those known vulnerabilities. You can definitely decrease the potential for ransomware if you make a practice of updating your software often.

4. Use a reputable security suite. It is always a good idea to have both anti-malware software and a firewall to help you identify threats or suspicious behavior. Malware authors often send out new variants, to try to avoid detection, which is why it’s important to have both layers of protection.

Anti-malware vendor Webroot provided this infographic that shows the prevalence of ransomware and the methods IT professionals use to deal with it.

Webroot Ransomwear infographic

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| March 20, 2012
One comment

Spyware Prevention 101

Spyware Prevention 101Spyware goes by many names, including adware, malware, crimeware, scumware, and snoopware. No matter what you call it, spyware’s purpose is still the same: to steal your personal information (PII).

steal your identity, use your credit cards, siphon funds from your bank accountsHelp Net Security says that once hackers have your personal information they can steal your identity, use your credit cards, siphon funds from your bank accounts, and more. Simply put: it’s bad news and you want nothing to do with it.

The good news, according to the article, is that spyware prevention is possible and there are many ways to keep these dangerous programs at bay. In addition to installing the right software, users can practice these computer security tips from Broomfield, CO-based Internet security firm Webroot:

  • Download software directly from the source. The article says a common way to get a spyware infection is to install free or pirated programs from file-sharing sites which have been booby-trapped with malware.
  • Set your browser security settings to “high” and protect yourself from “drive-by” downloads and automatic installations of unwanted programs.
  • Use a firewallAvoid questionable websites, such as those featuring adult material. They’re notorious for spreading spyware threats and causing users problems.
  • Use a firewall.
  • Be suspicious of email and IM.
  • Don’t open attachments unless you know the sender and are expecting a file from them.
  • Delete messages you suspect are spam (don’t even open them).
  • Avoid clicking on links within messages.
  • do not click on a link embedded in the email messageDo not give personal information to unsolicited requests even if they seem legitimate.
  • If you receive a request for personal information from your bank or credit card company, contact that financial institution directly, but do not click on a link embedded in the email message.

rb-

Amichai Shulman – CTO, Imperva posted that the credentials to a Hotmail account are worth $1.50 and a Gmail account is worth over $80 to cyber-criminals. Gmail is more valuable to the attacker because of the wide variety of other Gmail cloud services that can be accessed through Gmail credentials.

It is also likely that credentials used by a person for one application will most work on other applications as well. It is not uncommon for people to have the same username and password used for their Facebook account, their Twitter account, their Airline Frequent Flyer account, or any application that uses their Gmail account as the application account name.

That’s why spyware is bad.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , ,
| February 9, 2012
One comment

Social Network Safety Tips

Social Network Safety TipsIn case you have lived under a rock, social networking sites are very popular. LinkedIn (LNKD) has over 100 million users; 1 billion tweets are posted on Twitter each week and Facebook is approaching 1 billion users. Despite these numbers, they also open users up to more computer viruses and online threats according to a report from Webroot. A Help Net Security article details a few of the threats social network users face. They include:

Social networking malwareBogus e-mails from “friends”: The blog warns that hackers lure users into taking actions they shouldn’t. They do this by making it seem as if a friend within their social network has sent them an in-network e-mail. Only the e-mail is from a hacker who’s hijacked the friend’s account.

Malicious links or bait: This type of scam involves personal messages to users. The messages encourage victims to click on a link. Doing so can do a number of things including sending users to a fake website. There they are prompted to download and install an executable file that turns out to be a virus that infects the user’s PC explains the author.

Identity theftIdentity theft: Social network users who share personal information with their entire network of friends leave themselves vulnerable to hackers. Oversharing details like birth dates, addresses, pets’ names, and other details make it easier for attackers to guess your password and access Yout profile based on the personal information shared reports Help Net Security.

To help increase your PC protection, Webroot advises users to install updatable Internet security software and keep a few simple rules in mind, such as:

Be skeptical – E-mails, friend requests, Web site links, and other items from sources you do not know could be malware.

Social networking privacyUse privacy settingsSocial Networking sites, such as Facebook and Twitter, offer privacy settings that let you control who sees your posts and personal information. Use them to control who access to your page, contact information, etc.

Protect your password – Choose your passwords wisely, incorporate numbers, letters, and special characters, and never use the same password at more than one site.

For those who may need new internet security software, you should select a program that has a multi-level security program to:

  • Block viruses, spyware, spam, Trojans, worms, rootkits, and keyloggers;
  • Make your PC invisible to hackers;
  • Encrypt passwords and remember them for you;
  • Offer multi-layer identity protection;
  • Provide firewall security.
Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,