There’s an App for That: Keeping Your Phone Secure

By | August 18th, 2016|Online Safety|

CSIDThis summer, with the explosion of Pokemon Go, we’ve seen how a mobile app can take the world by storm. The mobile world continues to grow, and as it does, we must remember to take the necessary steps to ensure our devices remain secure. As we approach the end of summer, here’s a little back-to-school refresher on accessing the apps on your phone safely.

Check Privacy Settings
Think about the accounts you use most frequently – do you know what your privacy settings are for each of them? Whether it’s a banking app, an online retailer, or an email account, if you’re interacting with it often, you should monitor your privacy settings. Certain apps will have default settings that may share information you’re not comfortable giving out. Taking a thorough look at your settings is well worth it to maximize your privacy.

Not sure where to look for privacy settings? The National Cyber Security Alliance has created a guide with links to the security settings of several commonly used apps like Spotify and Amazon. Once your settings are up to date, your next purchase or song session will be that much more secure.

Updates Are Your Friend
Privacy settings aren’t the only thing you should update – the apps themselves need to be refreshed, too. Once an app is released into the world, developers don’t stop working on it. They’re constantly monitoring for bugs and ways to improve their product’s security, and updates pass those improvements along to users. Updates may change an app’s interface, but they also frequently provide benefits under the surface, such as eliminating glitches and offering better overall security.

If your phone isn’t already set to automatically update, turn that function on for the peace of mind that you have the most secure version of the app available.

Delete Apps You Don’t Use
Most people have at least one app on their phone that they never touch. Not only is that forgotten app taking up space on your phone, it may also be a security threat. As we mentioned earlier, there will likely be security updates for your abandoned apps that you may not be aware of, making your phone an easier target.

Depending on your device, you can either disable or permanently delete an app. If you’re an iOS user, you’ll also want to delete the apps from your iTunes account, or they will reinstall anytime you sync your phone.

Keep Your Family Secure, Too
There are several apps whose sole purpose is to hide other apps on someone’s phone. Your child may be using these types of apps to divert attention away from other apps you might not want them using. New messaging apps are constantly being developed which allow users to chat anonymously. By posing as fellow teenagers, hackers have the opportunity to mine your child’s personally identifiable information and put their identity at risk.

It’s worth taking the time to review what your kids have downloaded onto their phone, and talk to them about the potential risks of certain apps. Encourage them to mirror your privacy settings, as well.

What other tips do you have for keeping your phone secure? Join the conversation and stay up to date on the latest tips and cybersecurity news by following CSID on FacebookTwitter or LinkedIn.

Say “I Do” to Safe Digital Wedding Etiquette

By | July 15th, 2016|Online Safety|

CSIDThere’s no doubt about it, wedding season is fully upon us. Between brides researching vendors on their mobile phones and excited guests eager to share the official hashtag, wedding planning and participation is becoming increasingly digital.

While technology may bring more convenience to the planning process, nothing ruins a honeymoon quite like a case of identity theft or fraud. In the spirit of staying safe during wedding season, our friends at the National Cybersecurity Alliance and STOP.THINK.CONNECT recently shared some helpful tips that brides, and everyone for that matter, should vow to follow. Here’s a recap of a few we feel especially strongly about:

  • Make passwords long and strong: If you’re planning your special day, chances are you’re dealing with a number of online vendors. Remember to make passwords complex, using at least 12 characters with a combination of upper and lowercase letters and symbols. Be sure to use unique passwords for each account. If two-factor authentication is available, take advantage of this extra layer of security.
  • Resist the urge to share your honeymoon pictures on social: This is something we’ve discussed before on the blog, but sharing photos while you’re on vacation can alert criminals that you are away from home. Avoid the stress of hearing about a break-in while you’re on the beach, and wait to share pictures until you return. Also consider turning off location services on your mobile devices when not in use.
  • Avoid using public Wi-Fi hotspots: Whether you’re at the airport, hotel, or hopping around cafés, avoid connecting to public Wi-Fi, especially while making purchases or accessing sensitive websites like your bank account. Using public Wi-Fi can significantly increase the risk of signal sniffing and identity theft. The convenience is not worth the security trade-off. Consider a VPN if you’re looking to connect securely on the go.

Are you taking the plunge and committing to safe digital practices? We’d love to hear from you. Join the conversation on FacebookTwitter and LinkedIn and be sure to check out the full list of tips for digital bliss from our friends at the National Cybersecurity Alliance and STOP.THINK.CONNECT.

News Recap: WireLurker Malware

By | November 6th, 2014|Uncategorized|

WireLurkerResearchers at Palo Alto Networks announced this week that they have unearthed a new malware strain that targets Apple products. The malware has been dubbed “WireLurker.”

Brett Molina, of USA Today, reported, “security researchers have discovered new malware targeting Apple’s iOS mobile operating system and OS X for Macs that can be transmitted through USB connections.” Molina noted, “Thus far it’s limited to users in China who have downloaded infected apps from a third-party app store there. But security experts worry that with this ‘proof of concept’ example, it could spread.” Molina explained the significance of the discovery saying, “Historically Apple devices have been considered relatively safe from the viruses and malware that have long infected PCs and, increasingly, Android products.”

Help Net Security stated that WireLurker is “the first malware family to infect installed iOS applications in a way typical for a traditional virus. It is also the first malware that automates the generation of malicious iOS applications through binary file replacement.” Help Net Security summed up the purpose of the malware stating, “The OS X malware’s mission is to collect information about the iOS device connected to it and to infect it. The iOS malware’s [purpose] is to collect user data and send it to a server controlled by the attackers.”

WireLurker is yet another example of how malware attacks are so prevalent – even on mobile operating systems. What can users do protect their devices as well as their information from an attack like WireLurker? Let us know your thoughts on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

Location Based Marketing: Ethics and Privacy Concerns

By | August 21st, 2014|Uncategorized|

WiFi SnoopingThey can see where you go, how often, how long you stay there and what time you typically leave. No, we’re not talking about cyber criminals. We’re talking about retailers.

In 2014, location based marketing has become an increasingly popular marketing tool for businesses to evaluate consumers’ habits and preferences. Trackers collect pings from your cell phone and are able to tell businesses a wealth of information about you including the times you shop, where you shop, how long you stay in a store and how often you frequent a store. Businesses then take this information and decide how to best sell their product to you.

“It’s one of the technologies that almost every retailer is using, testing, or looking to use in 2014,” said Jules Polonetsky, executive director of the Future of Privacy Forum, in the Financial Post.

This new method of tracking has many concerned about personal privacy. In a recent survey by Punchtab, more than 50 percent of participants did not want to be tracked by retailers at all. About 27 percent were open to it, under certain circumstances. Of the 50 percent of consumers who preferred not to be tracked, most cited “privacy” as the number one reason why. Those who were open to tracking by retailers were willing to exchange some of their data for coupons or special offers, among other reasons.

What’s most concerning about location based marketing from a privacy perspective is that many consumers are unaware they are being tracked. This method of marketing is legal and businesses often slip the disclosure that they are tracking you into lengthy terms of service contracts that are unlikely to be read.

According to Marketing Week, there are a number of apps you can use to block mobile tracking, including Xprivacy, Ghostery and AVG PrivacyFix. Not only do these applications protect your mobile device via blocking, they also control permissions for data use.

To hear more about this topic, you can vote to see CSID’s CIO Adam Tyler at SXSW 2015, where he will take a deep dive into mobile tracking and what consumers should do to protect themselves and what businesses need to do to protect their shoppers. Check out his panel, Wi-Fi Privacy: When Sniffing Becomes Snooping, and vote!

Let us know what you think about location based marketing by connecting with us on Twitter, Facebook and Tumblr.

News Recap: Mobile Security at Black Hat Conference

By | August 1st, 2014|Uncategorized|

Mobile Security_080114Mobile security will be a major focus during next week’s Black Hat Security Conference in Las Vegas. During the conference, Mathew Sonik, a 20-year-old security consultant at Accuvant, Inc., along with several others, will be presenting their mobile hacking techniques.

According to Danny Yadron of The Wall Street Journal shared, Solnik and his associates “can take over a smartphone from 30 feet away without alerting the user or the phone company. Then, he can turn the phone into a live microphone, browse its contacts or read its text messages.” Why would a hacker want to do this?

“Smartphones are constantly connected to the Internet, infrequently updated and are challenging to secure,” Solnik explains. “They’re rich targets, recording pictures, names of associates and conversations.”

While all mobile devices have security threats, Android devices tend to be at higher risk for attacks from cyber criminals. In fact, this week, Tereza Pultarova of Engineering and Technology Times reported a particular cyber threat facing Google’s Android mobile devices pulling from a survey of behavior of smartphone users. According to Pultarova, “Sensitive financial and personal information of Android smartphone users could have been accessed by hackers since 2010 due to a previously unknown vulnerability.” Pultarova further reports that the “vulnerability allowed attackers to use malicious software to mimic other, legal apps, thus gaining access to data stored in smartphones without having to request the user’s consent.”

Google quickly offered a patch for the vulnerability, but “a survey of behavior of smartphone users, compiled by mobile phone comparison site, revealed that not only do users not install security software, most of them don’t even have measures in place to protect unauthorized access to the information stored in their gadgets in the case of theft.”

What sort of security measures do phone manufacturers and network providers need to take to protect against these threats? How can consumers protect their information on their mobile devices? Tell us know what you think on Twitter and Facebook, and be sure to check out our Tumblr for the latest industry news stories.

For more information on mobile security check out our whitepaper, When Good Technology Goes Bad: Evolution of Mobile Technology.

Load More Posts