Secure Your Android from Viruses and Malware with 5 Tips



Hopefully, you haven’t had the nightmarish inconvenience on your Android from viruses and malware, which have plagued many users.

Countless headlines detail the cyber dangers associated with Android-based devices. However, don’t for a second assume you’d be safer with an iPhone. Cyber criminals chew up Apple products, too.

It’s vital to avoid the applications that hurt your Android’s software with exposure to viruses and malware.

woman smartphoneHere are five tips:

1. Do your research before installing apps

Just because you see several promotional messages for an app doesn’t mean it’s a good idea. Advertising scams are skyrocketing.

Four example, advertising scams that prey on Internet consumers have prompted four Internet companies to band together to fight the abuse.

The scams use harmless-looking ads to trick consumers into using phony tech support that actually enable cybercriminals to invade the unsuspecting owners’ devices.

So avoid advertising scams that trick you into asking for tech support.

Meantime, if you’re uncertain of the source for any of the apps, remember the phrase: “When in doubt, don’t.”

2. Install only from Google Play

Avoid the myriad of online download locations. Avoid the temptation to install free apps. For the safest downloads, use Google Play.

3. Prevent installation with the lock system

Uncheck “install from unknown sources.” Your Android should have access to Google Play. It should also have a locking mechanism that prevent apps from downloading on your phone.

In your settings, enable “verify apps from unknown sources.”

4. Read the fine print

You must check out the permissions. Even if you download from Google Play, the app will proclaim permissions. That means permissions to your phones other options.

Such accessibility is important for certain apps, but be sure to read the reasons for the access.

5. Install an anti-virus software

Downloading apps from Google Play isn’t a 100 percent guarantee of safety, despite Google’s precautions. So to be sure, install a reputable anti-virus software.

From the Coach’s Corner, here are more mobile security tips:

Security Steps for Your Mobile Device in Online Banking, Purchases — Almost 90 percent of Americans use a cell phone and more than 50 percent have smartphones, according to published reports. They also indicate 28 percent of smartphone owners use their devices for online banking.

Tips to Prevent Hacking of Your Bluetooth — Bluetooth technology, of course, allows you freedom when talking on your cell phone. But you’ll lose other freedoms if you don’t prevent scammers from exploiting your system via a trend called “bluebugging.” Beware, cybercriminals using software, are able to intercept your Bluetooth signal to hack into your phone.

8 Tips to Avoid Being Victimized by Phishing Scams — Despite all the publicity about phishing scams, even employees at a major health provider and university system are guilty of risking personal data, including medical information and Social Security numbers, for thousands of people.

BYOD, Mobile-Banking Warnings about Security Prove Prophetic — Not to be gauche, but in 2009 you saw the Internet security warning here first – mobile banking is so risky an IT security guru said don’t do it. The warning was prophetic.

Do BYOD Headaches Outweigh Benefits? Yes — More than half — 53 percent — of surveyed global businesses admit they’re not ready to defend against attacks on their employees’ bring their own device (BYOD) devices. Nearly all say their devices might have been attacked, according to a 2014 study.

We’ve gotten to that perfect crossing point where all of the things which have prevented criminals from leaping into the wireless space have been eroded.

-Gareth Maclachlan 


__________

Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.




Security — Cybercrime Hurts Apple Products, too



For years in terms of security, Windows has been considered inferior to Macs. But no longer as a result of malware security epidemics.

If you’ve got an iPhone, get busy. Apple continues to have bugs and security issues.

Apple issued security patches for all of its operating systems on Jan. 23, 2017. The vulnerabilities were in in iOS, macOS, watchOS, tvOS, the Safari browser, and iCloud for Windows.

Apple was forced to release an update just a few days after the rollout of its iOS 8 in late Sept. 2014.

But just after going live – within 90 minutes – Apple canceled the update that was suppose to fix the software glitches because it had numerous problems.

There were hundreds of tweets by Twitter users complaining they could get any cell signals right after the update.

Apple was forced on Feb. 21, 2014 to fix a vulnerability with iOS 7.0.6.

Apple was under increasing pressure starting in 2012 to take preventative security measures by cyber experts in the wake of 600,000 malware-infected Macs.

“Myths die hard,” writes nationally known security guru Stan Stahl, Ph.D. “Users can no longer naively claim that they don’t need to be concerned with security because they use a Macintosh.”

Cybercriminals don’t discriminate

He believes cybercriminals see no difference between Mac OS X and Windows.

“It’s cold comfort that this particular vulnerability surfaced in Java-so well known as a source of attack exploits that we recommend users disable it,” he writes.

“The lesson we need to take away from the Mac OS X story is humility in the face of software complexity,” he adds.

As one of the nation’s leading authorities, Dr. Stahl is a principal at Citadel Information Group, www.citadel-information.com, in Los Angeles.

“In the 1980s I was a staff security engineer at TRW when my manager gave me a piece of wisdom that applies to the myth of Mac security,” he writes:

“There are three kinds of knowledge,” he said. “There’s what you know that you know you know. There’s what you don’t know that you know you don’t know. And there’s what you don’t know that you don’t know that you don’t know.”

Dr. Stahl warns about the dangers of the third category of what we don’t know.

“It’s this third category that is most dangerous — what we don’t know that we don’t know we don’t know,” he writes. “This-our hidden ignorance — is what gets us into trouble. Believing the myth of Mac security-jumping to the conclusion that Macs are secure because we don’t know about their insecurities-is dangerous because the myth keeps us from taking the actions necessary to protect sensitive information on our Macs.”

More about myths

“There is the myth that IT can effectively manage cyber security; that senior management doesn’t need to get involved,” believes Dr. Stahl. “There is the myth that antivirus and anti-malware solutions provide sufficient security.

“There is the myth that ‘we have nothing of interest to a cyber criminal.’ And the most dangerous myth of all-that we can be secure if we simply do A, B and C, whatever A, B and C happen to be,” he warns. “It is these and other myths that keep us from being open to what we don’t know that we don’t know we don’t know.”

His parting shot:

“When it comes to cyber security management, myths are particularly dangerous,” he writes. “Our greatest security weakness-our greatest vulnerability-lies in the security myths we believe. That’s why the stories of more than 600,000 Macs infected by the Flashback malware is so important, for it serves as a warning about the dangers of all cyber security myths.”

From the Coach’s Corner, here are more security insights:

— Our Mobile-Banking Warnings about Security Prove Prophetic

— 5 Safety Measures to Thwart Mounting Social-Network Attacks

 Who Profits from Android’s Security Issues? Not Users.

 Lesson about Passwords after Theft of 16,000+ UCLA Patient Records

— Cyber Security: Is Your Business Prepared with Precautions and Response Philosophy?

“If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.”

-Richard Clarke 


 __________

Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.





Image courtesy of Salvatore Vuono at www.freedigitalphotos.net

Identity Fraud Escalates in Smartphones, Social Media



Skyrocketing mobile malware threats amid widespread use of BYOD, bring your own devices, were on track for a $1.88 billion services market in 2013. That’s according to ABI Research.

Cybercriminals are successfully attacking vulnerabilities in individual devices and networks to an ABI report.

“Isolated and standalone security solutions will work for the individual consumer, but for organizational applications and carriers, mobile security services will take the lead,” says Michela Menting, ABI Research’s senior analyst in cyber security.

ID-100279342 tiramisustudioThe epidemic isn’t new.

There’s been another global cybercrime assault on smartphones, according to a government task force, which includes the FBI. The Internet Crime Complaint Center (IC3) waived a big red flag. In particular, it’s a threat to Android users. As a result, IC3 issued security tips for users.

Wait, there’s more.

Identity fraud jumped by 13 percent – claiming 11.6 million American adult victims in 2011, according to a study. The report indicates smartphone and social media users were heavily victimized.

The study shows seven percent of smartphone users were affected. Javelin Strategy & Research (www.javelinstrategy.com), a San Francisco bay area firm, conducted the study.

“Consumers must be vigilant and in control of their personal data as they adopt new mobile and social technologies in order to not make it easier for fraudsters to perpetrate crimes,” said James Van Dyke, president of Javelin.

Here’s an excerpt of Javelin’s four main takeaways:

Identity fraud incidents increased, amount stolen remained steadyThe number of identity fraud incidents increased by 13 percent over the past year, but the dollar amount stolen remained steady.

Social behaviors put consumers at riskSpecifically, 68 percent of people with public social media profiles shared their birthday information (with 45 percent sharing month, date and year); 63 percent shared their high school name; 18 percent shared their phone number; and 12 percent shared their pet’s name – all are prime examples of personal information a company would use to verify your identity.

Smartphone owners experience greater incidence of fraudThe survey found seven percent of smartphone owners were victims of identity fraud. This is a one-third higher incidence rate compared to the general public.

Part of this increase may be attributable to consumer behavior: 32 percent of smartphone owners do not update to a new operating system when it becomes available; 62 percent do not use a password on their home screen—enabling anyone to access their information if the phone is lost; and 32 percent save login information on their device.

Data breaches increasing and more damaging – One likely contributing factor to the fraud increase was the 67 percent increase in the number of Americans impacted by data breaches compared to 2010. Javelin Strategy & Research found victims of data breaches are 9.5 times more likely to be a victim of identity fraud than consumers who did not receive such a data breach letter.

So, hang onto your smartphone — and consider precautions with your smartphone security and social media sharing.

From the Coach’s Corner, here are related resources:

Our Mobile-Banking Warnings about Security Prove Prophetic

Using Starbucks’ WIFI? Security Pro Issues Warning and Security Checklist

5 Safety Measures to Thwart Mounting Social-Network Attacks

Who Profits from Android’s Security Issues? Not Users.

Internet Criminals to Pose Bigger Threat than Terrorists – FBI

New Cyber Attacks: Tips For Internet Security

New Cybercrime Serves as Warning to Take Defensive Precautions

Lesson about Passwords after Theft of 16,000+ UCLA Patient Records

Cyber Security: Is Your Business Prepared with Precautions and Response Philosophy? 

“There’s a lot of weirdos on the Internet.”

-Miss Texas Teen USA (1998 pageant)

__________

Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.

Photo courtesy of tiramisustudio at www.freedigitalphotos.net

Who Profits from Android’s Security Issues? Not Users



A government task force, the Internet Crime Complaint Center (IC3) has issued a dire warning about malware. In particular, it’s a threat to Android users. As a result, IC3 issued security tips for users as early as 2011.

There’s also a version of the OpFake malware for Android – it’s incorporated in the Opera Mini mobile browser, according to ZDNet.

Users don’t know anything’s wrong until they use the legitimate software.

adamr readingAndroid user beware: other security applications are fakes, too – they’re Zeus malware. Known as “Android Security Suite Premium,” they confiscate new SMS messages to the Android user.

Messages can include passwords and other sensitive data, according to Kapersky Lab Security News Service.

Countless headlines detail the cyber dangers of Android-based devices, which is why it was announced that 22 applications were taken off the market by Google.

The operating system’s issues stemmed from malware infections.

So who can benefit? Certainly it isn’t Android users.

“We continue to advise readers to be very cautious in downloading Android applications,” wrote Stan Stahl, Ph.D., on his blog. “Applications should be downloaded only from ‘official’ stores and only after they have been ‘vetted’ as legit,” wrote the nationally known security expert.

Google removed the apps from its Android market after they fooled users into accepting hidden, fraudulent charges.

“Applications should be downloaded only from ‘official’ stores and only after they have been ‘vetted’ as legit.”

The biggest operating-system competitor to Google’s Android: Apple’s iOS.

Published reports indicate Microsoft is actively pursuing opportunities to capitalize on Android’s woes.

Blackberry, of course, has problems with profitability. New products have been slow to market. As Blackberry’s phones age and need to be replaced by business users, Apple’s products might become even more attractive in the corporate world.

And if the vulnerabilities aren’t resolved, both Apple and Microsoft should be in a position to profit.

From the Coach’s Corner, security resource links:

BYOD, Mobile-Banking Warnings about Security Prove Prophetic — Not to be gauche, but in 2009 you saw the Internet security warning here first – mobile banking is so risky an IT security guru said don’t do it. The warning was prophetic.

New Cybercrime Serves as Warning to Take Defensive PrecautionsCybercrime is only getting worse. From both sides of the Atlantic Ocean, here are three examples of countless crimes: Authorities including the Secret Service are investigating the hacking of retailer Target in 2013 – hackers stole credit and debit card data from 40 million customers.

Identity Fraud Escalates in Smartphones, Social Media — Skyrocketing mobile malware threats amid widespread use of BYOD, bring your own devices, will lead to a $1.88 billion services market in 2013. That’s according to ABI Research. Cybercriminals are successfully attacking vulnerabilities in individual devices and networks to an ABI report.

Tips to Prevent Hacking of Your Bluetooth — Bluetooth technology, of course, allows you freedom when talking on your cell phone. But you’ll lose other freedoms if you don’t prevent scammers from exploiting your system via a trend called “bluebugging.” Beware, cybercriminals using software, are able to intercept your Bluetooth signal to hack into your phone.

Why Many Healthcare Workers Are Alarmingly Responsible for Medical ID Theft — Medical identity theft is skyrocketing. It’s the fast-growing trend in ID thievery. Health-care providers apparently can’t trust their employees to use best practices in observing The Health Insurance Portability and Accountability Act (HIPAA), which has been in effect since 1996. You hear the acronym a lot in healthcare.

“Distrust and caution are the parents of security.”

-Benjamin Franklin


__________

Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.




Photo Courtesy AdamR at www.freedigitalphotos.net


How Epsilon’s Security Flaw Threatened Millions of Businesses, Consumers



Epsilon, a major email marketing company, annually forwards billions of messages. The firm purports to be the leading op-in marketing company with more than 2,000 global customers.

Epsilon reportedly emails customers for some pretty big players, including Capitol One, Citibank, Disney, Home Shopping Network, JP Morgan Chase, Kroger, and TiVo.

As expected, Epsilon has an attractive Web site, www.epsilon.com. It touts all kinds of cutting-edge services. The site creates a favorable first impression.

ID-10074458 chanpipatBut in my April 4, 2011 visit to Epsilon’s home page and again two years later, an important element was also missing – an unfortunate omen, if you will. You see, appearances in business are important, especially first-impressions about IT security.

However, Epsilon has failed to adequately reassure its site’s visitors that it provides cutting-edge security.

In today’s IT environment, that’s more than just a gaffe. It suggests a catastrophe of monumental proportions waiting to happen. (In 2011, its branding slogan was “Marketing as Usual. Not a Chance.” Most recently, it’s been changed to “Where Intelligence Ignites Connections.”)

Unfortunately, such a security breakdown has already occurred. Indeed, on April 1, 2011, an ominous press release appeared on the company’s Web site. Unfortunately, it was not an April Fool’s joke.

Epsilon published this terse announcement:

Epsilon Notifies Clients of Unauthorized Entry into Email System

IRVING, TEXAS – April 1, 2011 – On March 30th, an incident was detected where a subset of Epsilon clients’ customer data were exposed by an unauthorized entry into Epsilon’s email system. The information that was obtained was limited to email addresses and/or customer names only. A rigorous assessment determined that no other personal identifiable information associated with those names was at risk. A full investigation is currently underway.

Security debacle

Epsilon’s notice didn’t please me. You see, the cybercriminals were already at work. Several days prior to the press-release posting on March 30, I became aware that something was amiss – phishing scams trying to entice businesses and consumers to take advantage of so-called offers.

Afterward, Threatpost reported that some of Epsilon’s customers in-turn warned their customers — here’s the warning from Disney Destinations to its customers:

“We have been informed by one of our email service providers, Epsilon, that your email address was exposed by an unauthorized entry into that provider’s computer system.  We regret that this incident has occurred and any inconvenience this incident may cause you.  We take your privacy very seriously, and we will continue to work diligently to protect your personal information,” the statement says.

“We want to assure you that your email address was the only personal information we have regarding you that was compromised in this incident. As a result of this incident, it is possible that you may receive spam email messages, emails that contain links containing computer viruses or other types of computer malware, or emails that seek to deceive you into providing personal or credit card information.”

Two morals

The two salient lessons from this security debacle:

  1. Epsilon and other companies that provide IT services need to make security more of a priority.
  2. Businesspeople and consumers need to stay alert to the dangers lurking on the Internet, and IT in general.

In conclusion, what are the solutions for this situation and to prevent more occurrences? My longtime go-to security expert is Dr. Stan Stahl of Citadel Information Group in Los Angeles. Here’s what he had to say in What You Really Need to Know to Stay Web Safe.

Further, noteworthy management lessons have evolved from the alleged data-management program at Epsilon. Obviously, Epsilon’s data management is an oxymoron. It is not managed properly. Here are Management Lessons from Epsilon’s Email-Breach Scandal.

From the Coach’s Corner, Dr. Stahl’s insights were also quoted in this business portal’s all-time most-read column: Using Starbucks’ WIFI? Security Pro Issues Warning and Security Checklist.

Dr. Stahl’s Web site: www.citadel-information.com. You can also find his informative blog.

“The single biggest existential threat that’s out there, I think, is cyber.”

-Michael Mullen


__________

Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.





Photot courtesy of chanpipat at www.freedigitalphotos.net


What Your Company Can Do to Combat the Malware Epidemic



Arguably, the nation’s leading Internet security expert agrees with published reports that an epidemic of malware has been unleashed on the Web – and he provides solutions.

“There has been a sea change in cybercrime,” wrote Stan Stahl, Ph.D. “Threats are more sophisticated than ever, weaknesses and vulnerabilities abound. Defenses have not kept pace.”

Dr. Stahl is a principal in Citadel Information Group, and is president of the Los Angeles Chapter of the Information Systems Security Association.

                    Stan Stahl

He says every organization must look critically look at its defenses – everything from policies and employee-awareness training to modern intrusion prevention systems.

“It needs to make sure it’s employing a cost-effective defense-in-depth strategy covering all three critical security management domains,” he explained.

“It’s also a time to talk to your attorney and your insurance broker,” he adds. “Your attorney can make sure you’re aware of your legal responsibilities and can provide counsel on sharing sensitive information with 3rd parties. Your insurance broker can help you mitigate some of your security risk through cyber-insurance policies.”

He said the security-management of domains include:

1. Corporate security management

2. Security management of the IT infrastructure

3. Point-in time security of the IT infrastructure

“It’s also a time to talk to your attorney and your insurance broker,” he adds. “Your attorney can make sure you’re aware of your legal responsibilities and can provide counsel on sharing sensitive information with 3rd parties. Your insurance broker can help you mitigate some of your security risk through cyber-insurance policies.”

The malware epidemic has regularly prompted Microsoft to issue emergency patches, an event the company calls “Patch Tuesday.”

Dr. Stahl’s Web site: www.citadel-information.com, which has a link to his informative blog.

From the Coach’s Corner, here’s sampling of more critical information from Dr. Stahl:

Lesson about Passwords after Theft of 16,000+ UCLA Patient Records –  Unfortunately, we’ve learned another lesson about passwords at the expense of 16,288 patients who’ve been treated at UCLA’s network of hospitals and clinics.  The patients’ sensitive information are in the wrong hands following a burglary of a doctor.

Why Many Healthcare Workers Are Alarmingly Responsible for Medical ID Theft — Medical identity theft is skyrocketing. It’s the fast-growing trend in ID thievery, and the data shows it adversely impacted 1.42 million Americans in 2010. That’s according to a 2011 study by PricewaterhouseCoopers (PwC). PwC reports medical ID theft aggregately cost more than $28 billion.

Security Precautions to Take Following Citibank’s Second Reported Online Breach – Citibank’s admission that private information of 360,083 North American Citigroup credit card accounts was stolen by hackers in 2011, which affected 210,000 customers, serves as a warning for all businesses and consumers to take precautionary steps.

Has Security Bloom Fallen off the Rose for Macs? – For years in terms of security, Windows has been considered inferior to Macs. But no longer thanks to malware security epidemics.

Tips For Internet Security to Prepare you for New Cyber Attacks – Do you need more evidence to be diligent in using best practices for security on the Internet? According to a Web security study in 2013, Internet attacks have been impacting businesses, with the majority of them reporting significant effects in the form of increased help desk time, reduced employee productivity and disruption of business activities.

“Precaution is better than cure.”
-Johann Wolfgang von Goethe 


__________

Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.






Internet Security Is Still an Issue, but 2010 Was a Year of Historic Malware Levels



You might be getting spam and malware these days, but fortunately it isn’t nearly as bad as it was from 2009 to 2010. On “Patch Tuesday” in August of 2010, Microsoft issued an alarmingly massive security update.

Meanwhile McAfee was publicizing its second-quarter date. It showed malware permeating the Internet on a mega scale in 2010, according to Website Magazine.

The magazine reported McAfee isolated six million malware cases in Q2 – that’s 10 million for the first half of 2010, alone.

ID-10074457 chanpipatMicrosoft’s security update included 14 security bulletins. Eight were designated as “critical” and six were deemed “important.”

In all, there were 34 vulnerabilities in Microsoft Office, Microsoft Windows, Internet Explorer, Silverlight, Microsoft XML Core Services and Server Message Block.

“The most frequently used malware included threats on portable storage devices, fake anti-virus software, software specifically targeted at social media users, AutoRun malware and password-stealing Trojans,” wrote Linc Wonham, Website Magazine’s associate editor.

“McAfee reported that approximately 55,000 new pieces of malware appeared every day around the world,” he explained.

He reported spam was down after peaking at almost 175 billion messages per day in Q3 2009.

“The most popular forms of spam in the U.S. were delivery status notifications or non-delivery receipt spam, which was also the case in Great Britain, China, Australia, Italy, Spain, Germany and Brazil.

Argentina had the world’s highest number of different spam topics with 16, according to McAfee’s report,” he explained.

The moral:

Whenever Microsoft hasn’t updated your computers, get busy. Manually download the security update.

By the way, Microsoft and Windows aren’t the only targets now. Cyber criminals chew up Apple products, too.

Identity theft has escalated in smartphones and social media. That includes Google’s security issues with its Android products. 

From the Coach’s Corner, for more tech-security information, see:

The New Face of $1 Trillion in Cybercrime on Business – Account Takeovers, Credit Card Fraud Business Web sites are facing an increasingly intense full-court press from cybercriminals – the aggregate cost of cybercrime annually, which includes prevention strategies, has exceeded $1 trillion.

Most Small Businesses Make You Vulnerable to Credit Card Fraud, ID Theft — A whopping 79 percent of companies in the U.S. and U.K. experienced Web-borne attacks in 2012, according to data released in 2013. These incidents continue to represent a significant threat to corporate brands.

What Your Company Can Do to Combat the Malware Epidemic — The nation’s leading Internet security expert, Stan Stahl, Ph.D. agrees with McAfee that an epidemic of malware has been unleashed on the Web, and he provides solutions.

“Everything yields to diligence.”
-Antiphanes

__________

Author Terry Corbell has written innumerable online business-enhancement articles, and is a business-performance consultant and profit professional. Click here to see his management services. For a complimentary chat about your business situation or to schedule him as a speaker, consultant or author, please contact Terry.

Photo courtesy of chanpipat at www.freedigitalphotos.net

Seattle business consultant Terry Corbell provides high-performance management services and strategies.