Home + Mobile

Girl Scouts and OpenText empower future leaders of tomorrow with cyber resilience

The transition to a digital-first world enables us to connect, work and live in a realm where information is available at our fingertips. The children of today will be working in an environment of tomorrow that is shaped by hyperconnectivity. Operating in this...

World Backup Day reminds us all just how precious our data is

Think of all the important files sitting on your computer right now. If your computer crashed tomorrow, would you be able to retrieve your important files? Would your business suffer as a result? As more and more of our daily activities incorporate digital and online...

3 Reasons We Forget Small & Midsized Businesses are Major Targets for Ransomware

The ransomware attacks that make headlines and steer conversations among cybersecurity professionals usually involve major ransoms, huge corporations and notorious hacking groups. Kia Motors, Accenture, Acer, JBS…these companies were some of the largest to be...

How Ransomware Sneaks In

Ransomware has officially made the mainstream. Dramatic headlines announce the latest attacks and news outlets highlight the staggeringly high ransoms businesses pay to retrieve their stolen data. And it’s no wonder why – ransomware attacks are on the rise and the...

An MSP and SMB guide to disaster preparation, recovery and remediation

Introduction It’s important for a business to be prepared with an exercised business continuity and disaster recovery (BC/DR) plan plan before its hit with ransomware so that it can resume operations as quickly as possible. Key steps and solutions should be followed...

Podcast: Cyber resilience in a remote work world

The global pandemic that began to send us packing from our offices in March of last year upended our established way of working overnight. We’re still feeling the effects. Many office workers have yet to return to the office in the volumes they worked in pre-pandemic....

5 Tips to get Better Efficacy out of Your IT Security Stack

If you’re an admin, service provider, security executive, or are otherwise affiliated with the world of IT solutions, then you know that one of the biggest challenges to overcome is efficacy. Especially in terms of cybersecurity, efficacy is something of an amorphous...

How Cryptocurrency and Cybercrime Trends Influence One Another

Typically, when cryptocurrency values change, one would expect to see changes in crypto-related cybercrime. In particular, trends in Bitcoin values tend to be the bellwether you can use to predict how other currencies’ values will shift, and there are usually...

3 Tips for Securing Your Home WiFi Networks

Once your home WiFi network is up and running and your family’s devices are connected, it’s normal to turn a blind eye to your router. After all, it’s mostly out of sight and out of mind. Unfortunately, that small, seemingly harmless box isn’t as secure as you may think.

Your router is your gateway to the internet. Once it’s compromised, cybercriminals may be able to view your browser history, gain access to your login information, redirect your searches to malicious pages, and potentially even take over your computer to make it part of a botnet.

Attacks like these are becoming all too common. Last year, we saw a prime example when hackers gained access to routers from various manufacturers and infected consumers’ devices with malicious advertising (also known as malvertising).

In a more recent attack, hackers entered WordPress sites through their owners’ unsecured home routers. After hacking the router, the attackers successfully guessed the password for the WordPress accounts and took complete control of the sites. As security experts noted, this particular hack was made even worse by the fact that most users have little to no understanding of how to secure their home router.

Beef up your home Wifi network security

Here are a few precautionary steps you can take to help deter cybercriminals from infiltrating your home WiFi network:

  • Change the default username and password on your route. (Remember to update your WiFi password frequently!)
  • Configure your router’s settings to use strong network encryption (WPA2 is preferred).
  • Disable your router’s SSID broadcast so it isn’t visible to others.

 

Do you live in one of the most-hacked states?

 

Additionally, Webroot Chief Information Security Officer (CISO) Gary Hayslip recommends enabling a personal firewall.

“Hackers search the internet by using certain tools to send out pings (calls) to random computers and wait for responses,” he said. “Your firewall, if configured correctly, would prevent your computer from answering these calls. Use your personal firewall. The main point to remember is that firewalls act as protective barriers between computers and the internet, it is recommended you install them on your computers, laptops, tablets, and smart devices if available.”

Learn more about how to keep your WiFi connection secure with our Tips for Improving Router Security.

How to Outsmart Mobile Threats

As the holiday season kicks into high gear, keep in mind that shoppers are at an even higher risk of cyberattacks during this time of year. Salesforce projects that mobile users will account for 60 percent of traffic to retail sites around the globe this year. With the increased popularity of shopping on the go, more and more cybercriminals will move to prey on unsuspecting shoppers. Here are a few tips to minimize your chances of falling victim to cybercriminals this holiday season (and all year long). 

Sophisticated attacks on smartphones

The fact is, mobile threats are on the rise. The Webroot 2017 Threat Report revealed a spike in malicious mobile apps, noting that almost half of new and updated mobile apps analyzed over the previous year were classified as malicious or suspicious. That’s nearly 10 million apps, up from a little more than two million such apps in 2015.  

Given the rising frequency of cyberattacks and data breaches year over year, it’s no surprise that we’ve continued to see more sophisticated smartphone attacks. Some of the most common mobile threats users face are mobile web browser-based hacking, adware, remote device hijacking and eavesdropping, and breaches of mobile payment services.  

Why you need a mobile security app 

To avoid becoming a hacker’s next victim, protect your device with a mobile security app. A trusted security app can block infected or malicious apps and file downloads. It can also help protect your identity and personal information if your mobile device is lost or stolen. 

It’s worth pointing out that all mobile security services are not created equal. In October, independent testing firm AV-TEST found that Google’s Play Protect service, which is designed to safeguard Android apps, was found to be “significantly less reliable” than third-party security apps, according to The Next Web. 

 

Don't Get Hacked

 

Outside of a solid mobile security app, Webroot Chief Information Security Officer Gary Hayslip recommends making sure mobile devices are up to date:  

“I recommend getting in the habit of periodically checking for updates and, if any are available, installing them. Updates that are waiting to be installed are accidents waiting to happen; they are doorways that can be exploited to access your devices or steal or encrypt your information. Don’t make it easier for your device to be compromised, keep it updated with the latest patches.” 

Safety measures 

In addition to a mobile security app and frequent updates, you should also be protective of your mobile device’s connections. Follow these two tips to double-down on your mobile safety:  

  1. Turn off your Bluetooth: Bluetooth is a resurgent way for cyber deviants to gain access to your devices and personal information, so be sure to keep your Bluetooth off while out and about doing holiday shopping. 
  2. Data over WiFi: Public WiFi networks are notorious hotbeds for digital attacks. If you have to do your holiday shopping online in public, use your cellular connection instead. If you’d rather not use data, a virtual private network (VPN) is a great way to protect yourself while connected to a public network on your mobile device.  

New Cryptojacking Tactic May Be Stealing Your CPU Power

What if cybercriminals could generate money from victims without ever delivering malware to their systems? That’s exactly what a new phenomenon called “cryptojacking” entails, and it’s been gaining momentum since CoinHive first debuted the mining JavaScript a few months ago.

The intended purpose: whenever a user visits a site that is running this script, the user’s CPU will mine the cryptocurrency Monero for the site owner. This isn’t money out of thin air, though. Users are still on the hook for CPU usage, the cost of which shows up in their electric bill. While it might not be a noticeable amount on your bill (consumer CPU mining is very inefficient), the cryptocurrency adds up fast for site owners who have a lot of visitors. CoinHive’s website claims this is an ad-free way for website owners to generate enough income to pay for the servers. All altruistic excuses aside, it’s clear threat actors are abusing the tactic at the victims’ expense.

An example of cryptojacking

 

In the image above, we can see that visiting this Portuguese clothing website causes my CPU to spike up to 100%, and the browser process will use as much CPU power as it can. If you’re on a brand new computer and not doing anything beyond browsing the web, a spike like this might not even be noticeable. But if you’re using a slower computer, just navigating the site will become very sluggish.

Cybercriminals using vulnerable websites to host malware isn’t new, but injecting sites with JavaScript to mine Monero is. In case you’re wondering why this script uses Monero instead of Bitcoin, it’s because Monero has the best hash rate on consumer CPUs and has a private blockchain ledger that prevents you from tracking transactions. It’s completely anonymous. Criminals will likely trade their Monero for Bitcoin regularly to make the most of this scam.

CoinHive’s JavaScript can be seen in this website’s HTML:

 

CoinHive maintains that there is no need block their scripts because of “mandatory” opt-ins:

“This miner will only ever run after an explicit opt-in from the user. The miner never starts without this opt-in. We implemented a secure token to enforce this opt-in on our servers. It is not circumventable by any means and we pledge that it will stay this way. The opt-in token is only valid for the current browser session (at max 24 hours) and the current domain. The user will need to opt-in again in the next session or on a different domain. The opt-in notice is hosted on our servers and cannot be changed by website owners. There is no sneaky way to force users into accepting this opt-in.”

For reference, here’s what an opt-in looks like (assuming you ever do see one):

CoinHive Opt-In

Why Webroot blocks cryptojacking sites

Unfortunately, criminals seem to have found methods to suppress or circumvent the opt-in—the compromised sites we’ve evaluated have never prompted us to accept these terms. Since CoinHive receives a 30% cut of all mining profits, they may not be too concerned with how their scripts are being used (or abused). This is very similar to the pay-per-install wrappers we saw a few years ago that were allegedly intended for legitimate use with user consent, but were easily abused by cybercriminals. Meanwhile, the authors who originated the wrapper code made money according to the number of installs, so the nature of usage—benign or malicious—wasn’t too important to them.

To protect our users from being exploited without their consent, we at Webroot have chosen to block websites that run these scripts. Webroot will also block pages that use scripts from any CoinHive copycats, such as the nearly identical Crypto-Loot service.

There are a few other ways to block these sites. You can use browser extensions like Adblock Plus and add your own filters (see the complete walkthrough here.) If you’re looking for more advanced control, extensions like uMatrix will allow you to pick and choose which scripts, iframes, and ads you want to block.

 

Update 12/13/17:

CoinHive scripts running rampant

If there was ever any doubt around the severity of this emerging threat and the overall nefarious use of CoinHive’s scripts, it can be put to rest. CoinHive engineers have now essentially admitted that they’ve “invented a whole new breed of malware,” according to a report in the German newspaper Süddeutsche Zeitung.

With the continued price surges in Monero, and the cryptocurrecy market as a whole, it seems cryptojacking becomes a more lucrative opportunity for cybercriminals with each passing day. And recent revelations have shown even more surreptitious methods being used by cryptojacking sites to evade user detection. One website was seen hiding a popup window underneath the Window’s task bar in order to continue mining after users believe they have closed their web browser, according to Bleeping Computer.

CoinHive’s cryptojacking script was even spotted on public WiFi at a Starbucks in Buenos Aires, according to BBC News.

Why You Should Use a VPN on Public WiFi

Working remotely? It only takes a moment on a free WiFi connection for a hacker to access your personal accounts. While complimentary WiFi is convenient, protecting your connection with a VPN is the best way to stay safe on public networks, keeping your data and browsing history secure. 

Are you prepared for today’s attacks? Discover the year’s biggest cyber threats with the annual Webroot Threat Report.

What is a VPN?

VPN stands for “virtual private network” and is a technology that can be used to add privacy and security while online. It’s specifically recommended when using public WiFi which is often less secure and is often not password protected.  

VPN’s act as a bulletproof vest for your internet connection. In addition to encrypting the data exchanged through that connection, they help safeguard your data and can enable private and anonymous web browsing. However, even if you’re using a VPN, you must still be careful about clicking on suspicious links and downloading files that may infect your computer with a virus. Protecting yourself with antivirus software is still necessary.

When and why should you use a VPN?

When checking into your hotel, connecting to the WiFi is often one of the first things you do once settling in. While it may sound like a tempting offer, logging in to an unsecured connection without a VPN is a very bad idea. In July, ZDNet reported the return of hacker group DarkHotel which aims to target hotel guest’s computers after they have logged on to the building’s WiFi. Once compromising a guest’s WiFi, the hacker group can then leverage a series of phishing and social engineering techniques to infect targeted computers. 

Traveling and lodging is just one example of when you can use a VPN to help stay secure and avoid potential attacks, however anyone can benefit from using a VPN.  

From checking Facebook on an airport hotspot, accessing your company files while working remotely or using an open network at your local coffee shop, regardless of the scenario, using a public WiFi can potentially put the data you’re sending over the internet at risk. For business looking to secure their guest WiFi, click to learn more about our DNS protection solution.

Ready to take back control of your privacy? Webroot WiFi Security is compatible with devices running iOS®, Android, macOS® and Windows® operating systems, and is now available to download on the Apple App Store, Google Play store, and Webroot.com.

Two-Factor Authentication: Why & How You Should Use it

Conventional wisdom about passwords is shifting, as they are increasingly seen as a less-than-ideal security measure for securing digital accounts. Even the recommended rules for creating strong passwords were recently thrown out the window. Average users are just too unreliable to regularly create secure passwords that are different across all accounts, so using technology to augment this traditional security is imperative.

From online banking to email to cloud-based file storage, much of our high-value information is in danger if a hacker gains access to our most frequently visited sites and accounts. That’s where two-factor authentication comes in.

Two-factor authentication (2FA) adds an extra layer of security to your basic login procedure. When logging into an account, the password is a single factor of authentication, and requiring a second factor to prove you are who you say you are is an added layer of security. Each layer of security that you add, exponentially increases protection from unauthorized access.

Three categories of two-factor authentication:

  1. Something you know, such as a password.
  2. Something you have, such as an ID card, or a mobile phone.
  3. Something you are, a biometric factor such as a fingerprint.

The two factors required should come from two different categories. Often, the second factor after entering a password is a requirement to enter an auto-generated PIN code that has been texted to your mobile phone. This combines two different types of knowledge: something you know (your password) and something you have (your mobile phone to receive a code in SMS text or code from a 2FA app).

Protect accounts with an extra layer of security

Popular social media sites, including Twitter, Facebook, Instagram and Pinterest, have added 2FA to help protect users. In addition, you may have noticed that services from companies such as Apple, Google and Amazon will notify you via email each time you log in from a different device or location.

While 2FA from an SMS text message is popular and much more secure than a password alone, it is one of the weaker types of 2FA. This is because it’s relatively easy for an attacker to gain access to your SMS texts. When you log in to your account and it prompts for a SMS code, the website then sends the code to a service provider and then that goes to your phone.

This is not as secure as everyone thinks, because the phone number is the weakest link in the process. If a criminal wanted to steal your phone number and transfer it to a different SIM card, they would only need to provide an address, the last four digits of your social security number, and maybe a credit card number.

This is exactly the type of data that is leaked in large database breaches, a tactic to which most Americans have fallen victim at some point or another. Once the attacker has changed your phone number to their SIM card, they essentially have your number and receive all your texts, thus compromising the SMS 2FA.

Ready to protect your home setup? Explore and compare Webroot’s home cybersecurity solutions here.

Many people are guilty of using weak passwords or the same login information across several accounts, and if this sounds like you, we recommend that you use authenticator apps such as Google Authenticator and Authy. These apps are widely supported and easy to setup.

Simply go to the “account settings” section on the site you want to enable. There should be an option for 2FA if it is supported. Use the app on your phone to scan the QR code and, just like that, it’s configured to give you easy six-digit encrypted passwords that expire every 30 seconds.

What happens when you’re not using sites that have 2FA enabled? Quite simply, security is not as tight and there’s a higher risk of a hacker gaining access to your accounts. Depending on what is stored, your credit card information, home address, or other sensitive data could be stolen and used to commit fraud or sold on the DarkWeb.

Learn how to enable 2FA on your Webroot SecureAnywhere in our Community Knowledge Base.

Public Safety in a Connected World

The U.S. electrical grid is in “imminent danger” from cyberattacks according to a report from the U.S. Energy Department released earlier this year. Such an attack would put much of the infrastructure that we rely on for public safety and basic services in jeopardy—electricity, water, healthcare, and communications systems, among others.

Just last week, an email was sent to energy and industrial firms by the DHS and FBI warning of hacking groups targeting critical infrastructure in the “energy, nuclear, water, aviation, and critical manufacturing sectors.”

Great power, great responsibilty

While the networked technology behind this infrastructure empowers our society, it also exposes us to new risks. Most people are aware of the cyber threats facing our personal mobile devices, home computers, and smart appliances. But the risks to public safety on a larger scale are less well known. Commitment to securing this brave new world is critical if we are to avoid serious public safety problems.

Cyberattacks targeting our critical infrastructure reveal our shared responsibility in securing the networks we depend on each and every day in our connected world. 

Ransomware attacks—when cybercriminals hack a computer, encrypt the files and hold them hostage—pose a particularly dangerous threat for public infrastructure.  It is estimated that ransomware has resulted in billions of dollars of losses in the last year alone, according to our June 2017 Quarterly Threat Trend Report.

Already this year, we’ve seen several major ransomware attacks on government entities, including counties, cities and multiple police departments leading to major disruptions in services like emergency response times, video surveillance and emergency radio transmissions.

 

Do you live in one of the most-hacked states?

 

In June, an infamous cyberattack dubbed NotPetya hit Europe, affecting workplaces and public domains. This attack mirrored its predecessor named Petya (a type of ransomware), except this new incarnation used “EternalBlue to target Windows systems—the same exploit behind the infamous WannaCry attack.” It also differed from other popular ransomware attacks by denying user access and attacking low-level structures on the disk. This Petya-based attack targeted employees at one of the world’s largest advertising agencies, as well as oil companies, shipping companies and banks. A new ransomware attack that emerged this week named Bad Rabbit also appears to be linked to the NotPetya attack.

As advanced threats such as ransomware continue to evolve in sophistication, they present a more imminent threat to the systems and services we rely on for public safety. Cyberattacks targeting our critical infrastructure reveal our shared responsibility in securing the networks we depend on each and every day in our connected world. 

Get tips on becoming a more proactive and prepared citizen with our “One Wrong Click” infographic.

Raising Cyber Savvy Kids

Over the last year, a handful of cyberattacks have made news headlines and affected families. High-tech toy maker Spiral Toys was the victim of a particularly cunning hacking scheme. The maker of CloudPets stuffed animals reportedly exposed more than two million private voice recordings and the login credentials of 800,000 accounts. While these “smart toys” are part of a wave of internet-connected devices providing fun and memorable experiences, they are also exposing millions of users to cyber threats. These toys may appear harmless on the surface, but their vulnerability to attack should be kept top-of-mind by any parent.

Educate your family

One of the best ways to ensure your children maintain a safe online presence is to start the conversation around the potential risks they face in our increasingly connected world early on.

When it comes to online safety, the U.S. Department of Homeland Security recommends looking for “teachable moments” that arise naturally during day-to-day computer use. For example, if you get a phishing message, show it to your kids so they can identify similar messages in the future and recognize they are not always what they seem.

BBC reported that “children aged five to 16 spend an average of six and a half hours a day in front of a screen compared with around three hours in 1995, according to market research firm Childwise.” With the amount of time kids and teens spend in front of a computer screen daily, and with hacking and cybercriminals becoming more advanced and sophisticated, it’s more important than ever to teach kids how to be cyber savvy.

One of the best ways to ensure your children maintain a safe online presence is to start the conversation around the potential risks they face in our increasingly connected world early on.

Tips for your cyber savvy kids

In addition to using tools like Webroot’s Parental Controls, CISO Gary Hayslip summarizes a few safety tips:

  • Don’t give out financial account numbers, Social Security numbers, or other personal identity information unless you know exactly who’s receiving it.
  • Remember to also protect other people’s information as you would your own.
  • Never send personal or confidential information via email or instant messages as these can be easily intercepted.

Find more tips to keep your family safe online, wherever they connect.

Why You Should Protect Your Mac from Viruses

“I use a Mac, so I don’t need to worry about malware, phishing, or viruses.” Many Mac users turn a blind eye to cybersecurity threats, often noting that most scams and attacks occur on PCs.

However, within the last few years, there has been a noted uptick in spyware (a type of software that gathers information about a person or organization without their knowledge), adware (software that automatically displays or downloads advertising material), and potentially unwanted applications (PUAs) on Macs and iOS devices.

While Macs are known to have strong security features, they are by no means bullet proof. In a recent interview with CSO Magazine, Webroot Vice President of Engineering David Dufour noted, “Many of these incidents are occurring through exploits in third-party solutions from Adobe, Oracle’s Java and others, providing a mechanism for delivering malicious software and malware.” Even the most internet-savvy users should be sure to install antivirus software on their Mac products.

Security tips for safe browsing on a Mac

Traditionally, because the Windows operating system is more widely used around the world, it is also more highly targeted by cybercriminals. However, Apple devices running macOS are still vulnerable to security threats, and protecting them should be a priority for anyone who owns them. Check out the following security recommendations to help ensure safety wherever you connect with your Mac, in addition to having an up-to-date antivirus installed:

  1. Try using a VPN
    VPN stands for “virtual private network” and is a technology that adds an extra level of privacy and security while online, particularly when using public WiFi networks, which are often less secure. This recent Refinery29 article illustrates the benefits of VPNs for your work and personal life.
  2. Secure your browser
    You may be tempted to ignore messages about updating your browsers, but the minute an update is available, you should download and install it. This is good advice for all software being run on any devices—desktop, laptop, or mobile.
  3. Secure backup
    Be sure to regularly backup your computer and iOS devices so you can easily retrieve your data in case you get locked out of your device.
  4. Use a strong login password
    Use a unique combination of numbers and letters to password-protect your Mac. This is good advice in general for all of the passwords you create. For an added security step, check out the Webroot Password Manager tool to make it easier to manage and organize your passwords.

Phishing: don’t take the bait

Another day, another phishing attack. From businesses to consumers, phishing attacks are becoming a more widespread and dangerous online threat every year. One wrong click could quickly turn into a nightmare if you aren’t aware of the current techniques cyber scammers are using to get access to your valuable personal information.

A phishing attack is a tactic cybercriminals use to bait victims with fake emails that appear to come from reputable sources. The attackers’ goal is to lure the user into opening an attachment, clicking on a malicious link, or responding with private information. These phony emails have become alarmingly realistic and sophisticated. A scam may come in the form of a banking inquiry, an email from a seemingly official government agency, or even a well-known brand with whom you’ve done business—maybe you even pay them a monthly subscription fee.

If you do take the bait, you’ll likely be directed to a malicious website, where you’ll be prompted to enter your account login details, a credit card number, or worse yet, your social security number. The end goal of these phishing attacks is solely to steal your private information.

According to the Webroot Quarterly Threat Trends Report, the first half of 2017 saw an average of more  46,000 new phishing sites being launched every single day, making it the number-one cause of cybersecurity breaches. As hackers devise new phishing tactics, traditional methods of detecting them quickly become outdated.

One of the most popular tricks criminals use to avoid detection is the short-lived attack. The Quarterly Threat Trends Report also revealed that these attacks, where a phishing site is live on the internet for as short as 4 to 8 hours, are seeing a continued rise. Short-lived attacks are so hard to catch because traditional anti-phishing techniques like black-lists are often 3-5 days behind, meaning the sites have already been taken down by the time they appear on the list.

Five ways free antivirus could cost you

You’re probably already aware of the primary phishing-avoidance tip: do not click on suspicious links or unknown emails. But, as the state of phishing becomes even more advanced, how can you best spot and avoid an attack?

Lesser-known phishing giveaways

Webroot recommends keeping an eye out for the following:

  1. Requests for confidential information via email or instant message
  2. Emails using scare tactics or urgent requests to respond.
  3. Lack of a personal message or greeting. Legitimate emails from banks and credit card companies will often include a personalized greeting or even a partial account number or user name.
  4. Misspelled words or grammatical mistakes. Call the company if you have suspicions about an email you’ve received.
  5. Directions to visit websites with misspelled URLs, or use of , which precede the normal domain (something like phishingsite.webroot.com).

Stay ahead of cybercriminals

If an email in your inbox does seem suspicious, here are a few things you can do:

  1. Contact the service or brand directly via another communication channel (i.e., look up their customer support phone number or email address), and ask them to verify whether the content of the email is legitimate.
  2. Avoid providing any personally identifiable information (PII) electronically, unless you are extremely confident the email is from the stated source.
  3. If you do click a link from an email, verify the site’s security before submitting any information. Make sure the site’s URL begins with “https” and that there’s a closed lock icon near the address bar. Also, be sure to check for the site’s security certificate.

Ransomware Spares No One: How to Avoid the Next Big Attack

With global ransomware attacks, such as WannaCry and not-Petya, making big headlines this year, it seems the unwelcomed scourge of ransomware isn’t going away any time soon. While large-scale attacks like these are most known for their ability to devastate companies and even whole countries, the often under-reported victim is the average home user.

We sat down with Tyler Moffit, senior threat research analyst at Webroot, to talk ransomware in plain terms to help you better understand how to stop modern cybercriminals from hijacking your most valuable data.

Webroot: For starters, how do you describe ransomware? What exactly is being ransomed?

Tyler Moffit: To put it simply, your files are stolen. Basically, any files that you would need on the computer, whether those are pictures, office documents, movies, even save files for video games, will be encrypted with a password that you need to get them back. If you pay the ransom, you get the password (at least, in theory. There’s no guarantee.)

How does the average home user get infected with ransomware?

Malspam” campaigns are definitely the most popular. You get an email that looks like it’s from the local post office, saying you missed a package and need to open the attachment for tracking. This attachment contains malware that delivers the ransomware, infecting your computer. It is also possible to become infected with ransomware without clicking anything when you visit malicious websites. Advertisements on legitimate websites are the biggest target. Remote desktop protocol (RDP) is another huge attack vector that is gaining traction as well. While controlling desktops remotely is very convenient, it’s important to make sure your passwords are secure.

How is the data ? Is the ransomed data actually taken or transmitted?

When you mistakenly download and execute the ransomware, it encrypts your files with a password, then sends that password securely back to the attacker’s server. You will then receive a ransom demand telling you how to pay to get the password to unlock your files. This is a really efficient way to prevent you from accessing your files without having to send gigabytes of information back to their servers. In very simple terms, the files are scrambled using a complex algorithm so that they are unreadable by any human or computer unless the encryption key is provided.

What types of files do ransomware attacks usually target?

Most ransomware is specifically engineered to go after any type of file that is valuable or useful to people. Around 200 file extensions have been known to be targeted. Essentially, any file that you’ve saved or open regularly would be at risk.

How does the attacker release the encrypted files?

The attacker provides a decryption utility via the webpage where you make the payment. Once you receive the decryption key, all you have to do is input that key into the tool and it will decrypt and release the files allowing you to access them again. Keep in mind, however, that the criminal who encrypted your files is under no obligation to give them back to you. Even if you pay up, you may not get your files back.

Tips for protecting your devices:

  • Use reliable antivirus software.
  • Keep all your computers up-to-date. Having antivirus on your computer is a great step towards staying safe online; however, it doesn’t stop there. Keeping your Windows PCs and/or Mac operating systems up-to-date is equally important.
  • Backup your data. Being proactive with your backup can help save your favorite vacation photos, videos of your kid’s first piano recital, not to mention sensitive information that could cost you thousands by itself.

Remember, being an informed and aware internet user is one of the best defenses against cyberattacks. Stay tuned in to the Webroot blog and follow us on your favorite social media sites to stay in-the-know on all things cybersecurity.

Fending Off Privacy Invasion

Internet users in the U.S. have seen internet privacy protections diminish significantly in the post-9/11 era. In just March of this year, Congress swiftly (and quietly) did away with federal privacy regulations that prevented internet service providers from selling their customers’ browsing histories without consent.

In recent years, products intended to deliver conveniences directly to our doorsteps have begun to present tacit privacy intrusions into the modern home. Always-on smart speakers from online retailers make it easier than ever to order products, but they also enable those companies to listen to our every word. Those same companies are monitoring our behaviors across the web.

“Google knows quite a lot about all of us,” said cybersecurity expert Bruce Schneier in a recent interview with the Harvard Gazette. “No one ever lies to a search engine. I used to say that Google knows more about me than my wife does, but that doesn’t go far enough. Google knows me even better, because Google has perfect memory in a way that people don’t.”

Giant corporations aren’t the only ones intruding into our daily lives to collect our personal data for financial gain—cybercriminals are intent on doing the same. Crimes such as identity theft and extortion can be carried out with stealthy malware, such as remote access tools (RATs) used to spy on users via laptop webcams.

We asked people in downtown Denver, CO what they are doing to protect their privacy. Their answers were rather bleak:

 

While public awareness of this ominous trend has mounted somewhat since 2013, when revelations of America’s government surveillance surfaced via the Snowden leaks, virtually nothing has been done to reverse it. Faced with this constant barrage of privacy invasion, pulling the plugs and disconnecting entirely may seem like the only way out—but rejecting “the way things are” is a pill most people are unlikely to swallow.

Until there’s a major shift in our society’s attitudes (and public policies) toward internet privacy, the duty falls on individual users to safeguard their own private data, identities, and other sensitive information. Follow and share the tips below to take back control over your privacy.

Tips for protecting your online privacy

  • Configure your web browser to delete cookies after closing. You can also take control of other advanced privacy features in your web browser to have greater control of what you’re sharing with websites you visit.
  • Cover your webcam with tape, a sticker, or something else that can block the camera lens and also be easily removed when you need to use it. (Webroot SecureAnywhere® solutions protect against webcam spying and other potentially unwanted applications.)
  • Don’t share sensitive information on social media. Check your privacy settings on sites like Facebook and Twitter and make sure only your trusted followers can see your complete profile. For instance, do your Facebook friends really need to know your real birthday? Deliberately sharing a fake birthday on social media can be a crafty way to enhance your privacy.
  • Lock your screens. All of them. Losing a device like your laptop or smartphone could spell disaster if they were to end up in the wrong hands. Strong, uncommon PINs and passwords can lock down your devices from would-be thieves.
  • Use fake answers for password security questions. Honest answers to security questions can often be found with just a little online digging. Why can’t your mother’s maiden name be “7O7F1@!3kgBj”? This brings us to our next tip…
  • Use a password manager app to generate and store strong, unique passwords for all of your accounts. (A password manager can also safely store those fake security answers mentioned above.)
  • Use security software to monitor and protect your digital devices from threats like malware, spyware, and phishing attacks, which can steal your private data.

For more videos related to cybersecurity and staying safe online, subscribe to our YouTube channel.

Why You Should be Using a Password Manager

From streaming entertainment to social media to our online bank accounts and software, we are inundated every day with the need to create and remember new passwords. In fact, one study revealed that Americans have an average of 130 online accounts registered to a single email address. And what are the chances that those 130 passwords are each unique and difficult to crack? Slim to none.

You’ve probably heard about the infamous Yahoo breach that came to light last year, in which hackers stole the credentials and other sensitive information of more than 1 billion users. For people who used their Yahoo password for other sites, those accounts were also compromised.

Unfortunately, many people admit their passwords are less secure than they should be. See for yourself:

 

So how, exactly, can we all be expected to create and remember an average of 130 unique passwords?

The best solution available today, offering both convenience and security, is a password manager.

What exactly is a password manager?

It is a type of application that can address all the above issues. Password managers come in the form of lightweight plugins for web browsers such as Google Chrome or Mozilla Firefox and can automatically fill in your credentials after saving them in an encrypted database.

The major benefit of using a password manager is that you only need to remember a single master password. This allows you to easily use unique, strong passwords chosen for each of your online accounts. Just remember one strong password and the manager will take care of the rest.

Avoid these common password security risks:

  • Typing passwords to login each time can be dangerous in itself. Malicious keyloggers designed to secretly monitor keystrokes can record your passwords as you type them. (You can eliminate these with good antivirus software.)
  • Remembering multiple passwords, especially if you have carefully picked a password that is complicated. Most people tend to use the same or similar passwords for different accounts, which means that if one password is exposed, criminals can log into all those accounts.
  • Storing passwords in a document or writing them down, which creates a very high risk of being affected by a breach or simply losing the information.

For more videos related to cybersecurity and staying safe online, subscribe to our YouTube channel.

UPDATE: The Webroot Password Manager upgrade is here—now powered by LastPass, the most trusted password manager! Get access to quality-of-life features including the password vault, access on ALL devices, auto-fill and save, emergency access, and more.

Current users, learn how to switch to LastPass here: https://wbrt.io/577b2 

New users, learn how to set up your LastPass account here: https://wbrt.io/snbmz