Security & Safety Resource Center

The broadcast range of a wireless access point can make internet connections available outside your home, even as far away as your street. Savvy computer users know this, and some have made a hobby out of driving through cities and neighborhoods with a wireless-equipped computer—sometimes with a powerful antenna— searching for unsecured wireless networks. This practice is known as “wardriving.”

Think twice before you respond to any request for your email address, on the web, verbally, or on paper. Spammers can harvest any email address posted on a website. If you give your email address to a company, that information is often entered into a database so that customer information and preferences can be tracked. If these email databases are sold to or shared with other companies, you can receive email that you didn’t request.

Facebook and Messenger are two of the most common mobile apps, but they both ask for extensive permissions and consume a lot of battery. One alternative is to use the Facebook mobile website, which is less resource-intensive and minimalist. You can also find third-party messaging clients like Friendly that handle all of Messenger’s functionality in a more streamlined package.

Don’t stop at antivirus software. Make sure you have your bases covered against threats such as ransomware and phishing as well, with fully featured solutions such as Total Defense Ultimate Internet Security, which provides comprehensive protection across multiple devices.

If you have an older PC you’re still using, consider installing a Linux distribution such as Ubuntu alongside the existing Microsoft Windows installation. While not inherently more secure, Linux-based operating systems are less frequently targeted by malware. Plus their hardware requirements are very minimal, meaning they’ll run well even on aging machines.

Some malware and viruses can harvest the login information and personal details necessary to conduct fraudulent transactions in your name. For that reason, you should always scan your financial statements for any mysterious charges so you can alert the institution and take corrective steps like changing your passwords.

In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. However, by asking questions, he or she may be able to piece together enough information to infiltrate an organization’s network. If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organization and rely on the information from the first source to add to his or her credibility.

You might have heard that deleting something from a device or hard disk drive doesn’t really erase it, and that’s true. Accordingly, be careful if you ever throw away a hard drive or resell an old PC since your old activities and files are theoretically still recoverable. It might make sense to use a deep deletion utility first, or to remove the drive and put it into storage.

Antivirus solutions are among the oldest cybersecurity platforms out there, and they’re still vital pieces of the protective puzzle. Suites like Ultimate Internet Security from Total Defense provide advanced virus detection and mitigation so that you can browse, buy and chat with confidence.

What’s the most sensitive transaction you conduct online? Chances are, it’s either managing an online bank account, buying something or performing some task that requires your Social Security number. In all instances, restrict these activities to devices you own, connected to trusted networks like your home Wi-Fi, cellular connection or a virtual private network.

Third-party applications may provide entertainment or functionality, but use caution when deciding which applications to enable. Avoid applications that seem suspicious, and modify your settings to limit the amount of information the applications can access.

To prevent attackers from stealing your personal information, online submissions should be encrypted so that the appropriate recipient can only read it. Many sites use Secure Sockets Layer (SSL) or Hypertext Transport Protocol Secure (https). A lock icon in the bottom right corner of the window indicates that your information will be encrypted. Some sites also indicate whether the data is encrypted when it is stored. If data is encrypted in transit but stored insecurely, an attacker who is able to break into the vendor’s system could access your personal information.

Creating passwords is both an art and a science. It should be complex enough to thwart common guessing methodologies, but easy enough to remember. One way to strike a balance is to use an abbreviated phrase interspersed with a number and a special character, if applicable. That combination will give you a long yet memorable password for each account.

The relative anonymity of the internet is appealing for bullies because it enhances the intimidation and makes tracing the activity more difficult. Some bullies also find it easier to be more vicious because there is no personal contact. Unfortunately, the internet and email can also increase the visibility of the activity. Information or pictures posted online or forwarded in mass emails can reach a larger audience faster than more traditional methods, causing more damage to the victims. And because of the amount of personal information available online, bullies may be able to arbitrarily choose their victims.
What you can do to stop cyberbullying.

Many public access points are not secured and the traffic they carry is not encrypted. This can put your sensitive communications or transactions at risk. Because your connection is being transmitted “in the clear,” malicious actors could use sniffing tools to obtain sensitive information such as passwords or credit card numbers. Ensure that all the access points you connect to use at least WPA2 encryption.

If you’re flying somewhere, you might feel compelled to post a photo or video of your boarding passes to a social network like Instagram. It’s a risky move, though, as strangers can use the information contained in its various codes to change your contact information with the airline or even alter your reservation. Handle your boarding pass as if it were a credit card to stay safe.

Ideally, you would set your security for the highest level possible. However, restricting certain features may limit some web pages from loading or functioning properly. The best approach is to adopt the highest level of security and only enable features when you require their functionality. If you determine that a site is trustworthy, you can choose to enable the functionality temporarily and then disable it once you are finished visiting the site.

If you ever want or need to change your phone number, be sure to check on your two-factor authentication (2FA) setups first. Many 2FA services use your phone number, meaning you might no longer get the needed texts or calls to access your accounts after changing. Use alternatives like authenticator apps or trusted devices instead of phone numbers for 2FA.

Some smart TVs can be controlled with simple voice commands. Voice makes it easier to change channels or open apps, while creating some new privacy risks. The TV itself might be constantly listening to your conversations to collect audio data and then sending this information to a server over an unencrypted connection. Turn off this voice-related features if you don’t absolutely need them.  

Managing the online presence of your children can be challenging. Many kids quickly become fascinated with devices like tablets and use them to play games or watch videos. These activities can be beneficial for helping them learn new concepts and keeping them occupied throughout the day, but there’s some degree of risk, too.

Automated service agents, AKA chatbots, have become increasingly important parts of customer engagement. They can be helpful, but sometimes awkward and even risky to interact with. If you get an unsolicited call asking “can you hear me?,” a voicemail saying your “warranty” (or something else you don’t even have) has expired or a chat asking you to enter sensitive information, do not engage and simply move on.

Multi-factor authentication (MFA) is a method of confirming a user’s claimed identity in which a computer user is granted access only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism: knowledge (something the user and only the user knows), possession (something the user and only the user has), and inherence (something the user and only the user is).

Just as it’s impossible to unring a bell, it’s difficult to control sensitive information divulged in emails, as it might be intercepted or surfaced in searches even long after the fact. Don’t share personally identifiable information over email if at all possible. In particular, do not hand it over in response to unsolicited requests from strangers.

Ransomware is a scourge. It denies you access to important files while demanding you pay for the right to have them back. Maintaining regular backups is a great hedge against ransomware. Instead of paying the ransom (which doesn’t guarantee safe return of your assets anyway), restore from a backup.

Backing up your data is essential. However, it’s easy to neglect since it can seem complicated. The good news is that you can make backups very straightforward with a solution such as Total Defense Ultimate Internet Security, which can automatically back up important files and allows for one-click restorations.

You can more easily manage notifications and offers from online retailers by creating an email address solely for engaging with them. This setup has the added benefit of making it easier for your to spot scam emails, which are often disguised as promotions, that wind up in your primary personal inbox.

Ultimate Internet Security from Total Defense has your back against ransomware. It updates automatically and defends against a wide range of threats without any degradation in system performance. Learn more today and be sure to chat with our team online if you have any questions about features or pricing.

End-to-end encryption means a message is protected throughout its entire journey from sender to receiver. Many common forms of communication, from email to many chat apps, don’t enforce it, though. Look for apps that provide a detailed explanation of their encryption measures, and explore encrypted email if you are worried about the contents of your inbox being exposed.

There’s nothing wrong with holding on to a phone, tablet or PC for years, with two important qualifiers. If its support has reached end-of-life and connected to the internet, you should consider moving on. Devices that meet these criteria are at heightened risk of malware infections since they contain unpatched vulnerabilities.

Decluttering is associated with wardrobes or collections of physical item such as books, but it’s just as applicable to digital assets, too – like your apps. If you’re updating apps and notice one that you haven’t used in months or even ever, delete it. You’ll be saving yourself not only a potential privacy and security risk, but also some valuable storage space.

April 2, 2003: Graybird is a Trojan horse that hides its presence on the compromised computer and downloads files from remote Web sites. There are many variations of this virus such as Backdoor.Graybird.P (the most recently discovered variation). It affected Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows XP, and Windows Vista.

Chances are that when you need technical support, you’ll reach out to the company – not the other way around. The latter situation is common with many scams, though. Someone will call or email you and ask you to take a few (likely compromising) steps, such as revealing your Social Security number or account login credentials. Never engage with a technical support member unless you’ve initiated contact via a trusted channel first.