Facebook scams are unfortunately alive and well, with trending topics utilizing “Reward Offers” for the likes of free airline tickets and cheap Super Bowl tickets. Unwitting Facebook users run the risk of sharing their personal data and passwords with scammers or getting their accounts taken over, exposing sensitive information such as credit card information that may be stored on Facebook apps.
The BBB. warns of the risks of falling for Like Farming - where users are encouraged to Like and Share posts that belong to a page, usually designed to tug on your heartstrings. In the typical bait-and-switch method, at a certain point, scammers will strip the page of its content, replacing it with promoted for-sale content that the page owner makes a commission on. These pages may also be used to point followers to click on sites that host malware or convince them to share personal details. Users are encouraged to report such pages to Facebook, which usually quickly take these sites down.
Social media is a prime phishing ground - don’t be too keen to share your personal details.
Beware offers that are “too good to be true” because they usually are.
Here’s an example of a Facebook scam page that’s already been removed.
Cyber security is like art, everyone loves to talk about it but no one agrees on how to define it, and there isn’t one piece of it that can represent the full spectrum. So when it comes to building your internet security strategy, you’ll need to protect yourself and your devices from as many threats as possible. The only way to do this is with a multi-layered defense, offering you protection from human-recognized scams and machine-recognized malicious code.
Whether you’re putting together a plan for protecting your personal computer or work environment, the first thing to do is assess your vulnerabilities. Once you fully understand where you are most vulnerable you can develop a strategy that will mitigate risks and implement your plan.
What are the different types of online threats?
- Malware - malicious software that infects your computer, such as computer viruses, worms, Trojan horses, spyware, and adware.
- Phishing - fake emails, websites and text messages that are designed to fool you into giving away personal information.
- Scams - these can be any type of fraud designed to steal money, personal information, or anything else of value.
- Botnets - bots are vulnerable computers that have been infected with specialized malware, botnets are a network of these infected devices.
- DDoS Attack - a malicious user commands botnets to contact a specific website over and over again, causing it to slow and sometimes shut down completely.
- Spam - mass distribution of unwanted messages, usually in email form, designed to slow servers, phish for private information, and/or install malware.
- Spyware - collects your personal information without your knowledge.
- Viruses - can turn your computer into a bot, steal your information, allow hackers to take over your computer, and can spread to other computers.
What can you do to protect yourself from these online threats? Combine several online security tools to minimize risk and disrupt efforts to access your device. Here are a few of the essentials:
- Firewall - restricts incoming access to your device, screens hackers, viruses and other malware before they reach your computer.
- Filter - prevents you (or anyone else using your computer) from visiting sites that may host malware and phishing attempts.
- Antivirus software - designed to detect and destroy computer viruses, they must be kept up to date.
- Website reputation tool - uses 3rd party lists and human experiences to aggregate site trustworthiness ratings, warning users of scams and phishing attempts before it’s too late.
Smart practices & tips:
- Use caution when visiting unfamiliar sites and clicking links.
- Avoid opening email attachments from unfamiliar addresses.
- Keep your software and browsers up to date.
- Regularly backup your data on an external storage device.
Putting it all together
Combined, these preventative measures and smart practices can go a long way toward keeping your device safe. Remember that while there is no one perfect solution to protect your computer, the best thing to do is adapt to the threats, remain vigilant and stay up to date on threats and attacks from reliable sources. Take action now and start building your muti-layered online security solution before it’s too late.
While governments, security companies and software developers invest a great amount of effort in predicting and preparing for future threats, it is extremely difficult to build the “perfect” solution, which is why one doesn’t exist yet. In order to build an adaptable and customizable solution for their security concerns, organizations and individuals deploy multi-layered protection for their devices and sensitive information. WOT’s millions of annual trustworthiness ratings can help us identify trends and important data points to monitor in 2016. Although history is not destiny, 2015’s numbers give us insights from which we can make educated decisions on where to put our efforts as we move forward into the new year. Here are some of the most interesting stats from WOT in 2015.
The proportion of red WOT ratings attributed to both Malware/Viruses and Phishing. With just over 20% each, both of these account for 40.6% of the reported reasons behind red ratings. In an article we recently shared, phishing compromised an undisclosed number of LastPass accounts. Due to the nature of phishing attacks, users will need to rely on crowdsourced methods of detecting and alerting other users to them before it’s too late.
*Bonus stat: Phishing reports nearly DOUBLED from Q1 to Q3.
The proportion of total negative ratings attributed to Scams. As the internet becomes more ubiquitous and shoppers shift their habits online (44.3% global market penetration in 2015), hackers and scammers exploit the weakest link in online security: people. Relying on tricks that lead people to click dangerous links and enter passwords in places they shouldn’t, scams are common and so hard to spot. The solution for this in 2016 is crowdsourced security, benefiting from the insights, experiences and research of the masses.
Popups can be annoying, very annoying. In 2015, WOT users made a statement as the number of questionable ratings due to Ads / Pop-ups increased by 150%. Website owners need to let this figure sink in, as these monetization methods can have a strong negative impact in both user experience and site reputation.
With a sample size of over 1 million questionable (yellow) ratings, Spam accounted for 30% of the reasons. Most of us get emails from businesses and contests that we don’t remember signing up for, (and some that just don’t make any sense.) However, this number will be very important to monitor as malware authors, phishers and spammers begin to form partnerships, realizing that they can work together to achieve their ends in a more productive manner. While spam has long resembled its namesake, generally disliked and unwanted, it’s now entering the realm of a hazard that should be closely watched.
These figures offer a broad spectrum of insight, which can help you decide what layers of protection you might want to add to your web security strategy as well as best practices for website owners to improve user experience. In 2016, we’ll continue monitoring these rating trends for valuable insights.
Today is a day we all saw coming for a while. Internet Explorer has released “End of Life” notifications on versions 8, 9, and 10 of IE. What does this mean? Effective today, support for these older versions of IE will no longer be available, meaning that there will be no security patches, and no upgrades, leaving these older versions of IE vulnerable to exploitation and attack.
Dangers of Out-of-Date Browsers
The threat stems from the fact that there are no security updates and patches on out-of-date versions of browsers. Old versions of browsers often have security vulnerabilities that are known to hackers. Google regularly rewards Chrome users who find and report security vulnerabilities. Over time, browser developers compile reported and discovered bugs (which include security flaws), write patches for them and release new versions with all known vulnerabilities fixed. Users upgrade their browser with the fixes, discover new bugs and report them. Thus the cycle repeats.
How Browser Vulnerabilities Can Hurt You
It doesn’t take long for hackers to exploit these vulnerabilities and access your information while shopping, banking or browsing online. Users who continue operating outdated browsers with no security updates, such as Internet Explorer 8, 9, and 10 run the risk of exposing personal information to those who exploit these security vulnerabilities.
What You Can Do
Don’t panic. First, upgrade your browser to the newest version and regularly check for upgrades. We’ve provided a list of links to upgrade the most popular browsers below. If you’re one of the 340 million Internet Explorer users, you may want to switch to Chrome, FF, Safari or Opera. If you’re not ready to take the plunge into a new browser, you can either upgrade to IE 11 or to Microsoft Edge, which requires Windows 10.
* Extra tip: only download browsers and extensions from official stores.
From smartphones to wearables, the internet is finding more ways to play a central role in our lives, and it can host both friend and foe. What goes without question is that one can’t be too safe online. Because the average individual is not able to spot most online threats and scams, users are grouping together for large-scale protection, in what is known as called crowdsourced security. Threats are becoming more diverse, specifically designed to trick technology into letting malicious software onto your computer, and crowdsourced security is the number one way to protect yourself and your device.
Who’s After Your Information & Why
Across the industry, there is consensus that online attacks will continue to get more sophisticated in 2016. Without trying to scare you, the answer to “Who would want my information?” is, pretty much everyone. According to the FBI, predators, hackers, business competitors and foreign state actors all could have an interest in getting your personal information, for a variety of purposes. It could be used to impersonate you in order to make purchases, gain personal information from your acquaintances, or infect more devices to engineer a more sophisticated attack.
3 Places Users Are Most Vulnerable
Like water, attacks will flow to the area of least resistance. Keep the following in mind as you browse, post and shop the following:
1. Social media: Any information posted to a social media site is no longer private - the more you post, the more vulnerable you are. With at least 28% of our online time spent on social media, you should keep this in mind before posting.
2. Wearables/Internet of Things: With new technologies connected to the internet, from light bulbs, thermostats, and refrigerators to wearable technologies, there is just too much out there for antivirus software to monitor and keep safe - and hackers know this. We expect to see large-scale exploitations of weaknesses in these systems in 2016.
3. Mobile Devices: The number of mobile devices surpassed the world human population back in 2014. Some of their top vulnerabilities include insecure Wi-Fi connections, spoof networks and spyware - risky for devices with a high degree of personal information stored on them. Historically, hackers have largely focused on desktops, but that is changing in 2016.
What You Can Do
There is no one-size-fits-all product that can protect you and your devices in the long term; that would be too easy to work around. The best defense you can have is a multi-layered approach. Rather than relying solely on technology for protection, the truly multi-layered solution must include crowdsourced security. When you see an online threat on a site, you can mark it untrustworthy for yourself and others who come after you. To make the web a safer place for all, it is highly recommended that you join a crowdsourced security community to both share your experience and benefit from the expertise of others.