Cyber-safety shouldn’t take a break when heading home for the holidays. Between free time, new toys, and family travel, year-end festivities pose plenty of opportunity for online compromise. So stay safe this holiday season by avoiding these 10 pitfalls.
Malicious season’s greetings
December often brings an influx of email greetings from distant family and friends, inviting recipients to “click here” to view an e-card, video, or animation. Alas, not all such messages are sincere. While some are harmless hoax-mails, cyber-criminals have been known to disguise viruses and spyware as phony season’s greetings. So don’t let holiday spirit trump common sense; open all file attachments and URLs with care.
Malicious season’s greetings
December often brings an influx of email greetings from distant family and friends, inviting recipients to “click here” to view an e-card, video, or animation. Alas, not all such messages are sincere. While some are harmless hoax-mails, cyber-criminals have been known to disguise viruses and spyware as phony season’s greetings. So don’t let holiday spirit trump common sense; open all file attachments and URLs with care.
Phishing for friends
From Facebook to Twitter, many users will use holiday down time to catch up on social networking. Unfortunately, social networking sites have become a fast-growing vector for phishing -- especially targeted phishing attacks. Was that friend invitation really sent by your old colleague Joe? Think twice before clicking – and never ever give out personal data to new “friends” that you don’t really know.
Wayward laptops
Somewhere between hotel, cab, and airport, thousands of travelers will lose laptops, PDAs, and phones this holiday season. New York’s LaGuardia airport lost-and-found alone has accumulated over 70,000 unclaimed mobile devices. So don’t leave a boarding gate, vehicle, or security checkpoint without taking a mental inventory of your electronics to ensure that all are still in your possession. Better yet, register all laptops and smartphones with services that can locate and recover or kill lost or stolen devices, such as Apple's MobileMe, Microsoft's MyPhone, or Spearstone's DiskAgent.
Hazardous hotspots
Whenever you tap Wi-Fi at a coffee shop, train station, or ski lodge, beware of fake Internet hotspots. Surveys show that viral SSIDs like “FreePublicWifi” are advertised by 5 to 10 percent of Wi-Fi clients used in highly-traveled public places. Most are fellow travelers that naively tried to connect to similarly-named fake hotspots in the past. But a few might be criminals looking to snarf logins and passwords. So avoid enticingly-named Wi-Fi peers or networks that are too good to be true, and always protect hotspot traffic using VPN tunnels or SSL/TLS sessions.
Infested public PCs
Holiday travelers that leave their own laptop at home often use someone else’s computer to check email or print a boarding pass. Whether that computer is a public PC in the hotel lobby or cousin Jane’s PC in her den, you’re swimming in potentially infested waters. Wherever possible, avoid typing in ordinary passwords that are easily captured by hidden keystroke loggers. If you can, protect public PC Internet access by using secure remote desktop or clientless VPN solutions that mitigate common public PC threats, such as such as LogMeIn, GoToMyPC, Juniper Secure Access, SonicWALL Aventail, or F5 FirePass.
Unattended logons
Whether you’re taking a quick break or hitting the road, remember to log out of all authenticated browser and VPN sessions, clear the browser’s cache of saved pages and passwords, and exit all programs. When leaving your own laptop unattended, password-lock the screen – or, better yet, shutdown and lock it away in a hotel room safe. Exercising a little forethought and caution can help you avoid wasting precious holiday time dealing with the consequences of unauthorized laptop use or theft.
Neglected USB drives
Oft-times, the smallest possessions are the easiest to forget or drop. Holiday travelers who remember to safeguard laptops and smartphones can still leave USB thumb drives plugged into public PCs, under guest room beds, wedged into airline seats, or skittering about rental car trunks. The files saved on those lost drives could come back to bite you – unless you’ve protected that removable drive’s content with data encryption. The same goes for data on devices that double as USB storage, such as MP3 players and iPods.
Internet skinny-dipping
Hundreds of thousands of families will unwrap a brand new computer this holiday season. While most new computers are now delivered with trial antivirus software, recipients anxious to use these gifts don’t always take the time to activate virus and spyware protection or download current signatures and OS patches. Using the Internet without desktop security is never a good idea; get that computer up to snuff before the kids start visiting Websites, downloading games, and instant messaging their friends.
Not-so-safe smartphones
Small children aren’t the only users who go online from new unsecured devices. From DROIDs to iPhones, many adults and teens will receive consumer smartphones they’ve been pining for this holiday season. And most will immediately start configuring them with usernames and passwords for Gmail, Yahoo!, iTunes, Twitter, Facebook, and perhaps a corporate Exchange server. Unfortunately, a far smaller number will protect those phones with strong authentication—much less data encryption—creating an easy avenue for personal and business identity theft. Always enable built-in smartphone security measures and fill any gaps by downloading third-party security apps.
Dangerous downloads
Finally, use common sense when downloading games, file sharing tools, streaming clients, and other third-party apps this holiday season. Downloads are a fun way to get more from electronic gifts – especially free apps from marketplaces and app stores. Some sites (e.g., Apple, BlackBerry) scrutinize accepted apps. Some don’t, but deliver explicit warning about functions used by each app (e.g., Android). Understand what apps do before installing them and be wary of unsigned apps from unknown developers. If possible, use antivirus/spyware to detect any downloaded malware.
source: www.esecurityplanet.com
From Facebook to Twitter, many users will use holiday down time to catch up on social networking. Unfortunately, social networking sites have become a fast-growing vector for phishing -- especially targeted phishing attacks. Was that friend invitation really sent by your old colleague Joe? Think twice before clicking – and never ever give out personal data to new “friends” that you don’t really know.
Wayward laptops
Somewhere between hotel, cab, and airport, thousands of travelers will lose laptops, PDAs, and phones this holiday season. New York’s LaGuardia airport lost-and-found alone has accumulated over 70,000 unclaimed mobile devices. So don’t leave a boarding gate, vehicle, or security checkpoint without taking a mental inventory of your electronics to ensure that all are still in your possession. Better yet, register all laptops and smartphones with services that can locate and recover or kill lost or stolen devices, such as Apple's MobileMe, Microsoft's MyPhone, or Spearstone's DiskAgent.
Hazardous hotspots
Whenever you tap Wi-Fi at a coffee shop, train station, or ski lodge, beware of fake Internet hotspots. Surveys show that viral SSIDs like “FreePublicWifi” are advertised by 5 to 10 percent of Wi-Fi clients used in highly-traveled public places. Most are fellow travelers that naively tried to connect to similarly-named fake hotspots in the past. But a few might be criminals looking to snarf logins and passwords. So avoid enticingly-named Wi-Fi peers or networks that are too good to be true, and always protect hotspot traffic using VPN tunnels or SSL/TLS sessions.
Infested public PCs
Holiday travelers that leave their own laptop at home often use someone else’s computer to check email or print a boarding pass. Whether that computer is a public PC in the hotel lobby or cousin Jane’s PC in her den, you’re swimming in potentially infested waters. Wherever possible, avoid typing in ordinary passwords that are easily captured by hidden keystroke loggers. If you can, protect public PC Internet access by using secure remote desktop or clientless VPN solutions that mitigate common public PC threats, such as such as LogMeIn, GoToMyPC, Juniper Secure Access, SonicWALL Aventail, or F5 FirePass.
Unattended logons
Whether you’re taking a quick break or hitting the road, remember to log out of all authenticated browser and VPN sessions, clear the browser’s cache of saved pages and passwords, and exit all programs. When leaving your own laptop unattended, password-lock the screen – or, better yet, shutdown and lock it away in a hotel room safe. Exercising a little forethought and caution can help you avoid wasting precious holiday time dealing with the consequences of unauthorized laptop use or theft.
Neglected USB drives
Oft-times, the smallest possessions are the easiest to forget or drop. Holiday travelers who remember to safeguard laptops and smartphones can still leave USB thumb drives plugged into public PCs, under guest room beds, wedged into airline seats, or skittering about rental car trunks. The files saved on those lost drives could come back to bite you – unless you’ve protected that removable drive’s content with data encryption. The same goes for data on devices that double as USB storage, such as MP3 players and iPods.
Internet skinny-dipping
Hundreds of thousands of families will unwrap a brand new computer this holiday season. While most new computers are now delivered with trial antivirus software, recipients anxious to use these gifts don’t always take the time to activate virus and spyware protection or download current signatures and OS patches. Using the Internet without desktop security is never a good idea; get that computer up to snuff before the kids start visiting Websites, downloading games, and instant messaging their friends.
Not-so-safe smartphones
Small children aren’t the only users who go online from new unsecured devices. From DROIDs to iPhones, many adults and teens will receive consumer smartphones they’ve been pining for this holiday season. And most will immediately start configuring them with usernames and passwords for Gmail, Yahoo!, iTunes, Twitter, Facebook, and perhaps a corporate Exchange server. Unfortunately, a far smaller number will protect those phones with strong authentication—much less data encryption—creating an easy avenue for personal and business identity theft. Always enable built-in smartphone security measures and fill any gaps by downloading third-party security apps.
Dangerous downloads
Finally, use common sense when downloading games, file sharing tools, streaming clients, and other third-party apps this holiday season. Downloads are a fun way to get more from electronic gifts – especially free apps from marketplaces and app stores. Some sites (e.g., Apple, BlackBerry) scrutinize accepted apps. Some don’t, but deliver explicit warning about functions used by each app (e.g., Android). Understand what apps do before installing them and be wary of unsigned apps from unknown developers. If possible, use antivirus/spyware to detect any downloaded malware.
source: www.esecurityplanet.com
2 comments:
Great tips. I always wonder about how secure the internet connections are when I'm traveling. If you need to do work during your travels, or just access your home computer, RHUB's 4-in-1 appliance www.rhubcom.com is worth looking into. Its appliance gives you secure remote access and web conferencing abilities.
I use www.diskagent.com and I love it! Their support rocks and their software is cool - I have been amazed at the new features they bring to market...
Post a Comment