Home + Mobile

Happy Halloween! To commemorate this annual night of fright, our team wanted to accentuate the unpredictability of cyber threats. What they came up with was not only funny and entertaining, but also serves as a reminder to stay vigilant when online.

This Halloween and beyond, remember these sage words of advice. Files that used to be benign can turn malicious over time. An email from your closest friend could be phishing in the end. This Halloween, use common sense. Defend yourself with confidence. Before you go to trick or treat, get protection that can’t be beat.

As the world continues to become more connected, it’s more important than ever to be “cyberaware.” But what does cyberawareness look like? Being cyberaware means being able to interact safely within cyberspace without falling victim to cybercrimes like identity theft, transaction fraud, hacking, and others you’ve probably heard about in the news.

You might think cybercrime isn’t something that would happen to you. After all, it happens to celebrities and big corporations—headline worthy names that will get people’s attention—but not to ordinary home users or small businesses. But that’s the kind of thinking modern cybercriminals use to their advantage. That’s why we strongly encourage you to educate yourself about internet risks, and learn how you can stay ahead.

October is National Cyber Security Awareness Month, making it the perfect time to discover tools and resources to keep yourself, your family, and your devices safe. Sponsored by The National Cyber Security Alliance (NCSA) and Department of Homeland Security, National Cyber Security Awareness Month exists to encourage vigilance and protection by all computer and device users.

There’s nothing more worthy of protection than your identity and data, and the Webroot team is standing by to help you do just that. In addition to our Webroot Cyberaware Campaign, we’ve compiled a list of other resources for you to access. Be smart. Be safe. Be cyberaware.

Resources

1. Department of Homeland Security
2. StaySafeOnline.org
3. THINK. CONNECT.

Anti-virus software is a program or set of programs that are designed to prevent, search for, detect, and remove viruses, and other forms of malware such as worms, trojans, adware, and more.

As our world continues to become ever more connected, anti-virus remains critical for users seeking to keep their devices protected. However, it’s vital that the security one chooses is always up-to-date with automatic updates, as a device without proper security software may be infected within minutes of connecting to the internet.

Unfortunately, because today’s threats are so sophisticated and are constantly being updated, traditional cybersecurity companies are incapable of updating their detection tools fast enough to handle many of these threats, particularly the ones that are not yet ‘known’ by the anti-virus software.

Pretty much all of today’s anti-virus solutions offer a host of features and are able to perform the following task:

• Scan specific files or directories for any malware or known malicious patterns
• Allow you to schedule scans to automatically run for you
• Allow you to initiate a scan of a specific file or of your computer, or of a CD or flash drive at any time
• Remove any malicious code detected – sometimes you will be notified of an infection and asked if you want to clean the file, other programs will automatically do this behind the scenes
• Show you the ‘health’ of your computer

However, while these tactics were enough to keep a device safe two or three years ago, malware has evolved at too rapid a pace for these features to remain the only thing a user needs to stay protected.

Thanks to the influx of more sophisticated phishing attacks and polymorphic malware capable of replicating and altering itself enough to not be caught by ‘traditional’ security solutions, many threats slip by, undetected. Today, an effective security solution is one that can stay ahead of these threats by automatically updating, monitoring unknown files to ensure they’re not making changes to your devices, protecting against phishing attacks and other online threats, and having the ability to roll-back any changes a file makes on a user’s device. In other words, users need to use smarter cybersecurity.

How are they a security threat?

People, not computers, create computer threats. Computer predators victimize others for their own gain. Give them access to the internet — and to your PC — and the threat they pose to your security increases exponentially. Computer hackers are unauthorized users who break into computer systems in order to steal, change or destroy information, often by installing dangerous malware without your knowledge or consent. Their clever tactics and detailed technical knowledge help them access information you really don’t want them to have.

How do they find me?

Anyone who uses a computer connected to the internet is susceptible to the threats that these cybercriminals pose. These online villains typically use phishing scams, spam email or fake websites to deliver dangerous malware to your computer and compromise your computer security. Computer hackers can also try to access your computer and private information directly if you are not protected with a firewall. They may also monitor your chat room conversations or peruse your personal webpage. Usually disguised with a fake identity, online predators can lure you into revealing sensitive personal and financial information, or much worse.

What can they do to me?

While your computer is connected to the internet, the malware a hacker has installed on your PC quietly transmits your personal and financial information without your knowledge or consent. Or, an online crook may pounce on the private information you unwittingly revealed. In either case, they may:

• Hijack your usernames and passwords
• Steal your money and open credit card and bank accounts in your name
• Ruin your credit
• Request new account Personal Identification Numbers (PINs) or additional credit cards
• Make purchases
• Add themselves or an alias that they control as an authorized user so it’s easier to use your credit
• Obtain cash advances
• Use and abuse your Social Security number
• Sell your information to other parties who will use it for illicit or illegal purposes

In addition to the above dangers, an online stalker can pose a serious physical threat. Use extreme caution when agreeing to meet an online “friend” or acquaintance in person.

How will I know?

Check the accuracy of your personal accounts, credit cards and documents. Are there unexplained transactions? Questionable or unauthorized changes? If so, dangerous malware installed by these cyber criminals may already be lurking.

What can I do to protect myself?

When you arm yourself with information and resources, you’re wiser about computer security threats and less vulnerable to threat tactics. Both online predators and hackers pose equally serious and but very different threats.

To protect your computer against the former:

• Continually check the accuracy of personal accounts and deal with any discrepancies right away
• Use extreme caution when entering chat rooms or posting personal webpages
• Limit the personal information you post on personal webpages
• Carefully monitor requests by online “friends” or acquaintances for predatory behavior
• Keep personal and financial information out of online conversations
• Use extreme caution when agreeing to meet an online “friend” or acquaintance in person

An unprotected computer presents an open door for these cyber crooks. Make sure that you’re keeping all your devices protected with security that actually works, preventing attacks and keeping the threats they pose at bay.

Social engineering is the art of manipulating people so they give up confidential information. The types of information these criminals are seeking can vary, but when individuals are targeted, the criminals are usually trying to trick you into giving them your passwords or bank information, or access your computer to secretly install malicious software which will give them access to said passwords and bank information as well as giving them control over your computer.

Cybercriminals use social engineering tactics because it is often easier to exploit your natural inclination to trust than it is to discover ways to hack your software.  For example, it is much easier to fool someone into giving away their password than it is to hack their password (unless the password is really weak).

Security is all about knowing who and what to trust – Knowing when and when not to take a person at their word, when to trust that the person you are communicating with is indeed the person you think you are communicating with, when to trust that a website is or isn’t legitimate or when to trust that the person on the phone is or isn’t legitimate, and knowing when providing your information is or isn’t a good idea.

Ask any security professional and they will tell you that the weakest link in the security chain is the human who accepts a person or scenario at face value. Hypothetically speaking, it doesn’t matter how many locks and deadbolts are on your doors and windows, or how many alarm systems, floodlights, fences with barbed wire, and armed security personnel you have; if you trust the person at the gate who says he is the pizza delivery guy and you let him in without first checking to see if he is legitimate, you are completely exposed to whatever risk he represents.

Common social engineering attacks

Email from a ‘friend’ – If a cybercriminal manages to hack or socially engineer a person’s email password, they have access to that person’s contact list, too. And because many people use one password everywhere, they probably have access to that person’s social networks, banking accounts, and other personal accounts.

Once the criminal has that email account under their control, they send emails to all the person’s contacts or leave messages on all their friend’s social pages, and possibly on the pages of the person’s friend’s friends as well.

These messages may use your trust and curiosity. For example, they may:

• Contain a link that you just have to check out–and because the link comes from a friend and you’re curious, you’ll trust the link and click–and as a result, be infected with malware so the criminal can take over your machine and collect your contacts’ info and deceive them like they just deceived you.
• Contain a download such as pictures, music, movies, documents, etc., that has malicious software embedded. If you download–which you are likely to do since you think it is from your friend–you become infected. Now, the criminal may have access to your machine, email account, social networks and contacts, and the attack spreads to everyone you know. And on, and on.

These messages may create a compelling story or pretext:

• Urgently ask for your help–your ‘friend’ is stuck in country X, has been robbed, beaten, and is in the hospital. They need you to send money so they can get home, but in reality, they give you instructions on how to send the money to the cybercriminal.
• Ask you to donate to their charitable fundraiser, or some other cause, which is of course a front. Really, they’re again providing you with instructions on how to send the money to the cybercriminal.

Phishing attempts. Typically, a phisher sends an e-mail, instant message, comment, or text message that appears to come from a legitimate (and typically popular) company, bank, school, or institution.

These messages usually have a scenario or tell a story:

• The message may explain there is a problem that requires you to “verify” your information by clicking on the displayed link and provide information in their form. The link location may look very legitimate with all the right logos and content (in fact, the criminals may have copied the exact format and content of the legitimate site). Because everything looks legitimate, you trust the email and the phony site and provide whatever information the crook is asking for. These types of phishing scams often include a warning of what will happen if you fail to act soon, because criminals know that if they can get you to act before you think, you’re more likely to fall for their phishing attempt.
• The message may notify you that you’re a ‘winner’. Perhaps the email claims to be from a lottery, or a dead relative, or a site claiming that you’re the millionth person to click, etc. In order to claim your ‘winnings’, you have to provide information, such as your bank routing number, so they know how to send it to you, or give your address and phone number so they can send the prize, and you may also be asked to prove who you are often being asked to provide your Social Security Number. These are the ‘greed phishes’ where even if the story pretext is thin, people want what is offered and fall for it by giving away their information, then having their bank account emptied and identity stolen.
• The message may ask for help.  Preying on kindness and generosity, these phishing attacks ask for aid or support for whatever disaster, political campaign, or charity is trending at the moment.

Baiting scenarios. These socially engineering schemes know that if you dangle something people want, many people will take the bait. These schemes are often found on Peer-to-Peer sites offering a download of something like a hot new movie or music album. But these schemes can also be found on social networking sites, malicious websites you find through search results, and so on.

Alternatively, the scheme may show up as an amazingly great deal on classified sites, auction sites, etc.. To allay your suspicion, you can see the seller has a good rating (all planned and crafted ahead of time).

People who take the bait may be infected with malicious software that can generate any number of new exploits against them and their contacts, may lose their money without receiving their purchased item, and, if they were foolish enough to pay with a check, may find their bank account empty.

Response to a question you never had. Criminals may pretend to be responding to your ‘request for help’ from a company while also offering additional help. They pick companies that millions of people use like a large software company or bank.  If you don’t use the product or service, you will ignore the email, phone call, or message, but if you do happen to use the service, there is a good chance you will respond because you may actually need help with a problem.

For example, even though you know you didn’t originally ask a question, you may have a problem with your computer’s operating system (such as slow-downs) and you seize on this opportunity to get it fixed, for ‘free’ no less. The moment you respond, however, you have bought the crook’s story, given them your trust and opened yourself up for exploitation.

The representative, who is actually a cybercriminal, will need to ‘authenticate you’, have you log into ‘their system’ or, have you log into your computer and either give them remote access to your computer so they can ‘fix’ it for you, or tell you the commands so you can ‘fix’ it yourself with their ‘help’. In actuality, some of the commands they tell you to enter will open a way for the criminal to get back into your computer later.

Creating distrust. Some social engineering is all about creating distrust, or starting conflicts; these are often carried out by people you know and who are angry with you, but it is also done by nasty people just trying to wreak havoc, people who want to first create distrust in your mind about others so they can then step in as a ‘hero’ and gain your trust, or by extortionists who want to manipulate information and then threaten you with disclosure.

This form of social engineering often begins by gaining access to an email account or other communication account on an IM client, social network, chat, forum, etc. They accomplish this either by hacking, social engineering, or simply guessing really weak passwords.

• The malicious person may then alter sensitive or private communications (including images and audio) by using basic editing techniques and forward these to other people to create drama, distrust, embarrassment, etc.  They may make it look like it was accidentally sent, or appear like they are letting you know what is ‘really’ going on.
• Alternatively, they may use the altered material to extort money either from the person they hacked, or from the supposed recipient.

There are literally thousands of variations to social engineering attacks. The only limit to the number of ways a cybercriminal can socially engineer users through this kind of exploit is the their imagination.  And you may experience multiple forms of exploits in a single attack.  Afterwards, the criminal is likely to sell your information to others so they too can run their exploits against you, your friends, your friends’ friends, and so on, as cybercrooks like to leverage people’s misplaced trust.

Don’t become a victim

• Slow down. Spammers want you to act first and think later. If the message conveys a sense of urgency, or uses high-pressure sales tactics, be skeptical and never let their urgency influence your careful review.
• Research the facts. Be suspicious of any unsolicited messages. If the email looks like it is from a company you use, do your own research. Use a search engine to go to the real company’s site. You can also find their  real support phone number listed on the site.
• Delete any request for financial information or passwords. If you get asked to reply to a message with personal information, it’s a scam.
• Reject requests for help or offers of help. Legitimate companies and organizations do not contact you to provide help. Furthermore, if you did not specifically request assistance from the sender, consider any offer to ‘help’ restore credit scores, refinance a home, answer your question, etc., a scam. Similarly, if you receive a request for help from a charity or organization that you do not have a relationship with, delete it. To give, seek out reputable charitable organizations on your own to avoid falling for a scam.
• Don’t let an email link control dictate where you land. Stay in control by finding the website yourself by using a search engine to be sure you land where you intended to. Hovering over links in an email will show the actual URL at the bottom, but a good fake can still steer you wrong.

Curiosity leads to careless clicking–if you don’t know what the email is about, clicking links is a poor choice. Similarly, never use phone numbers from the email as it is easy for a scammer to pretend you’re talking to a bank teller, a support agent, etc.

• Secure your computing devices. Install an effective anti-virus solution that can keep up with ever-evolving threats. Make sure to keep your OS and browsers updated, and if your smartphone doesn’t automatically update, make sure to manually update it whenever you receive a notice to do so.
• Email hijacking is rampant. Hackers, spammers, and social engineers gaining access to people’s emails (and other personal accounts) has become commonplace. Once they control someone’s email account, they prey on the trust of all that person’s contacts. Even when the sender appears to be someone you know, if you aren’t expecting an email with a link or attachment, be sure to check with your friend before opening links or downloading. Even then, the legitimacy of the links isn’t guaranteed, which is why it’s critical to be using anti-virus software.
• Beware of any download. If you don’t know the sender personally AND expect a file from them, downloading anything is a mistake.
• Foreign offers are fake. If you receive email from a foreign lottery or sweepstakes, money from an unknown relative, or requests to transfer funds from a foreign country for a share of the money, it is guaranteed to be a scam.
• Set your spam filters to high. Every email program has spam filters. To find yours, look under your settings options, and set these to the highest setting; just remember to check your spam folder periodically to see if legitimate email has been accidentally trapped there. You can also search for a step-by-step guide to setting your spam filters by searching on the name of your email provider plus the phrase ‘spam filters’.

With the sheer amount of available pornographic images of child abuse – often called child porn – available online, it may seem that there is little you can do to protect your children, or yourself, from this type of content. This isn’t true.

Here are eight key tools and tactics to eliminate – or significantly reduce – the risks of you or your child coming across pornographic material.

Eight tools to help block internet pornography

1. Set your search engine to “safe search” mode: Google users can visit the ‘Google Safety Center‘ to adjust the settings, while Bing users can change preferences in the Bing Account Settings. If you use another search engine, it’s usually straight-forward to access the equivalent settings for that specific search engine.  Also, if you child uses YouTube, be sure you have set the “safe” mode on that platform as well.
2. Use the family safety tools provided by your computer’s/other device’s operating system: Windows and Mac operating systems provide family safety settings. Many mobile device manufacturers also provide a wide variety of safety settings within their mobile devices.
3. Use family safety tool services: Sometimes called parental controls, these tools allow you to set specific filters to block types of content you find inappropriate. This isn’t just something to apply to youth; plenty of adults prefer to filter out pornographic and other types of content like ‘hate’ and ‘violence’.  The appropriateness of some types of content will change as children mature; other types of content may always be unacceptable. To find the tools that best fit your family’s needs, search for parental-control or family-safety-tool reviews. Keep in mind that these tools need to be installed on every device your child uses to go online: game consoles, smartphones, tablets, personal laptops and computers. Some services have coverage for all types of devices, others are limited to just computers or phones. You may find that using a single solution on all devices makes your monitoring much easier.
4. Periodically look at your children’s browser history. There are a number of phrases youth use to get around pornography filters – like “breast feeding” and “childbirth” – and some fast-changing slang terms that filters may not have caught up with like “walking the dog,” which is a slang term for sex. If you see odd search terms, give the sites a quick look.
5. Have your children restrict access to their social networking sites to only known friends, and keep their sites private. A great deal of pornography is shared among private albums on social networking sites.
6. Scan the photos on your child’s smartphone/mobile device time-to-time. While the youngest kids aren’t ‘sexting’, by the time they’ve hit their ‘tweens’, there’s a chance that they have begun participating in this type of behavior. Let your children know that you plan to sit down with them and go through the pictures they have stored on their phone.
7. Review the applications your child has downloaded to their phone or tablet. Mobile content filters may not catch all the potentially inappropriate apps.
8. You are your strongest tool. No technical blocking solution alone is enough to protect a determined child or teen from finding pornography online. Have the “talk” on an ongoing basis with your children about the content your family finds appropriate and inappropriate; this exchange should never be a one-time conversation.

Teens in particular may balk at the conversations, but they do listen far more than you might imagine. To learn more about your influence on your teens’ lives, see Psst! Parents! If you talk to your teen, they will listen to you, as well as this article about how to talk to teens.

It was only a matter of time before phone hacking rose to the top of the media-driven hysteria list

Thanks to the rapid growth of mobile device adoption and the subsequent rapid growth in mobile threats, phone hacking prevention is a hot topic. A headache reserved for celebrities in the past, smartphone-infiltration concerns have crossed the VIP vs. everyone else blood-brain barrier and now potentially impacts anyone who owns a smartphone.

But is this really a serious problem for us regular folks? Are our voicemail messages so interesting that someone would invade our privacy to listen in? Before we go barking up the narcissism tree, it’s best to examine what phone hacking is and whether you really need to worry about it.

With everything I’ve got going on, do I need to worry about my phone’s security?

This security threat can be broken down into two types: hacking into a live conversation or into someone’s voicemail, and hacking into data stored on one’s smartphone. Just as the majority of abductions are carried out by a member of the abductee’s family—unless you go by code name POTUS or are Hugh Grant—the person most likely to hack into your live conversation or voicemail will be someone that you know who has an ax to grind.

And in today’s mobile world, mobile security is a growing issue. As people increasingly store sensitive data on their mobile devices, the opportunity to exploit privacy weaknesses becomes more tempting to unscrupulous ‘frenemies’, exes or the occasional stranger.

It doesn’t help that there is a cottage industry of software ostensibly developed for legal uses but is easily abused (password crackers aptly named ‘John the Ripper’ and ‘Cain and Abel’ are two examples). Opportunistic hackers can wreak havoc with data deletion or install malicious software that gathers bank account logins and confidential business emails.

So what’s a smartphone owner to do?

If you want to be proactive, there are several measures you can take to protect yourself against this threat, most of which involve common sense. For example:

• Don’t leave your phone unattended in a public place.
• Be sure to change the default password that comes with a new phone to something more complex (resist the usual “1234,” “0000” and 2580)
• Avoid using unprotected Bluetooth networks and turn off your Bluetooth when you aren’t using it.
• Use a protected app to store pin numbers and credit cards, or better yet, don’t store them on the phone at all.

Throwing the baby out with the bathwater

If you’re still worried about your smartphone’s security, there are further steps you can take to protect yourself. However, taking things too far will defeat the purpose of having a smartphone at all.

• Avoid accessing important locations such as bank accounts via public Wi-Fi that may not be secure.
• Turn off your auto complete feature so critical personal data isn’t stored on the phone and must be re-entered every time you need it.
• Regularly delete your browsing history, cookies and cache so your virtual footprint is not available for prying eyes.
• If you have an iPhone, you can enable ‘Find My iPhone’ in your settings, and it will locate your phone if you misplace it before the hackers can lay their hands on it.
• Use a security app that increases protection. For Android owners, Webroot offers the all-in-one SecureAnywhere Mobile app that provides antivirus protection and allows you to remotely locate, lock and wipe your phone in the event you lose track of it.

Remember—if the thought of your smartphone getting breached has you tossing and turning at night, you can just turn the phone off, remove the battery and hide it under your pillow for some sweet lithium-ion induced dreams.

If you’re one of the people who is still stubbornly holding onto Windows XP (which stopped receiving support and security updates as of April 8, 2014), it’s time to let go. Likewise, if you’re using an outdated version of your preferred internet browser, it’s time to update. Right now. Why? In both scenarios, you’re putting your personal online security at risk any time you browse the internet. Without current web browser support and critical security updates from Microsoft, your PC may become vulnerable to any number of harmful viruses, spyware, and other malicious software which can steal or damage your identity, personal finances, and information.

Microsoft Pulls the Plug on Windows XP; Users Should Upgrade

(Source: howtogeek)

Nearly two years ago, Microsoft finally made the decision to stop supporting the widely popular OS (operating system) after a 12 year run. Windows XP faithful (and there were many) were encouraged to say their farewells to the beloved OS and move on to newer Microsoft technologies, or continue to use XP at their own risk as the OS was no longer receiving security updates. Unfortunately, many users chose the latter option, leaving their computers susceptible to a myriad of threats. Worse yet, people stubbornly continue to use Microsoft XP, despite the security risks. If you fall into this category, I strongly advise you to upgrade to a version of Windows that Microsoft still supports.

For more information on the end of XP support as well as how to upgrade, you can check out this Microsoft FAQ.

Using an Up-to-Date Internet Browser on a Supported OS is Important As Well

Making sure your operating system is supported is critical, but it’s not the only step users need to take to stay secure. If you’re using a supported OS, but fail to keep your internet browsers updated, you leave yourself vulnerable every time you browse the web. Likewise, if you’re using an updated browser on an OS that’s no longer supported,  same thing. Thus, browser support is also crucial for a safe internet-using experience. Here’s the current support status of each major web browser:

Internet Explorer:

(Source: Microsoft)

Beginning January 12, 2016, only the most current version of Internet Explorer available for a supported operating system will receive technical support and security updates. Internet Explorer 11 is the last version of Internet Explorer, and will continue to receive security updates, compatibility fixes, and technical support on Windows 7, Windows 8.1, and Windows 10. In other words, if you’re using any prior version of I.E., you’re at risk and it’s time to update.

Fortunately, Internet Explorer 11 offers improved security, increased performance, better backward compatibility, and support for the web standards that power today’s websites and services, so the transition should prove a comfortable one. Microsoft encourages customers to upgrade and stay up-to-date on the latest browser for a faster, more secure browsing experience. You can download the latest version of Internet Explorer here.

Google Chrome:

(Source: Google Images)

Chrome, Google’s wildly-popular take on the internet browser, came onto the browser scene (and subsequently onto users computers) in 2008. Now, it’s estimated that Chrome is the most widely-used browser on desktops, at 58% worldwide usage share.

Unlike Internet Explorer, Chrome automatically updates each time it detects that there’s a newer version available, so users don’t have to worry about being on a potentially-outdated version of the browser. However, last November, Google announced it will end support for Chrome on some older operating systems by April 2016, which means that less than a month from today, Chrome will stop getting updates if your computer is running any of the following operating systems:

Windows Vista, Windows XP, OS X 10.6 Snow Leopard, OS X 10.7 Lion and OS X 10.8 Mountain Lion

The April 2016 deadline is actually an extension to the life cycle of Google Chrome on Windows XP. Google originally announced back in October 2013 that support for Chrome on XP would end by April 2015, before pushing that deadline back to December 2015. For more information on system requirements as well as download links for different operating systems, check out this Google support page.

Mozilla Firefox:

(Source: Mozilla)

Mozilla’s Firefox, created back in 2002, still remains a popular browser choice for users. Largely thanks to the decline in Internet Explorer usage, Firefox reportedly took over the number two slot for desktop browsers in February 2016.

Like Chrome, Firefox is set by default to automatically update to the latest version. You can find a list of all Firefox releases here.

As far as operating systems go, here are the ones currently supported by Mozilla: Windows XP SP2, Windows Server 2003 SP1, Windows Vista, Windows 7-10, Mac OS X 10.6-10.11. You can learn more about getting the latest version of Firefox on an older version of Windows here (although you should really not be using Windows XP at this point, as outlined earlier).

Safari

(Source: Apple)

Sure, some Mac users prefer to use Chrome or Firefox. However, Safari (the default internet browser on Mac OS X that was originally released in 2003) is also used by many Mac users worldwide.

While the browser doesn’t update automatically, users can easily check for updates by opening the App Store and clicking on ‘Updates’ in the toolbar. If there’s a new version of Safari available, users just need to click the ‘Update’ button (and enter their Apple ID), and the latest version will be installed.

To keep Safari up-to-date, Apple encourages users to upgrade to the latest version of OS X. Safari 9, which is currently in version 9.0.3, comes bundled with the latest version of OS X, El Capitan. However, users who are still using OS X Mavericks can also update to the latest version of Safari. You can find out more information on this Apple support page.

With so many options, updates and upgrades available today, it’s easy to find yourself using an outdated operating system or a internet browser that is no longer supported, and putting yourself at a security risk as a result. Hopefully this blog post and the included hyperlinks will help you take the necessary steps in ensuring your operating system and browsers are up-to-date, which in turn, will help safeguard your identity and personal information. As always, it is also important to have an up-to-date antivirus program installed to protect your computer, in addition to an up-to-date browser and OS.

Myth: There is no link between your real-life location and your digital one.

The truth is that the two are very much connected. Perhaps more importantly, then, is what this means when it comes to your personal security. If the state or city in which you live is a hotbed for cybercriminal activity, your chances of being infected online increase significantly. Couple this with the fact that hackers are constantly refining their attack methods and finding new ways to make a profit, and you have yourself a potential recipe for personal information loss disaster.

Fortunately, you can prevent that from happening and stop those cybercrooks right in their tracks. How? By making sure your devices are protected. With cybersecurity that actually works. It also helps knowing which states and cities hackers choose as their favorite targets. The infographic below breaks it down.

In a 2016 survey of 500 PC gamers, Webroot discovered statistically significant differences in the ways that male and female gamers approach internet security, 3^rd party modifications, and the way they choose to portray their gender online. In fact, we found surprisingly large discrepancies between those who identified as male and those who identified as female in terms of online gaming and security.

The following infographic reveals the findings of our survey:

Here at Webroot, we take security seriously. With that being said, there is always more that you can do to improve your security and privacy while browsing online. Below is a list of browser plugins that we recommend you check out.

Webroot Filtering Extension

This one is pretty much a given as we are Webroot. Our filtering extension provides you with the reputation of websites within your browser and helps to protect you from harmful websites. This extension is available to all Webroot users.

Webroot Password Manager

Password managers are almost a necessity in today’s landscape. You should have multiple passwords that differ across your accounts. The Webroot Password Manager assists with managing and maintaining all of these with the click of the mouse. We also ensure that all of the stored passwords are encrypted and you should always ensure this is the case with any password manager you choose to use. This utility is available to Webroot Internet Security Plus and Webroot Internet Security Complete customers. If you are using a security program (you should be) may as well throw in a password manager.

HTTPS Everywhere

More websites are shifting to HTTPS and should be, but redundancy is never a bad thing when it comes to security. This extension encrypts your communications with major websites to make your browsing even more secure.

Privacy Badger

This one comes as more of a personal preference and an honorable mention to Disconnect here. Privacy Badger blocks ads and trackers that use your browsing information to show you tailored results. Privacy Badger learns from your browsing habits so the more you browse, the better it is going to work for you. While not as strong out of the gate as some of the alternatives, in the long run I feel as if this is more useful.

Adblock Plus

You’ve likely heard of this one before, and for good reason. Adblock Plus helps to block popups, video ads, and malware domains on many different websites. The caveat here is that some websites (we are looking at you, Forbes) will ask that you disable this extension to view the website. This happens because many websites receive revenue from the ads located on their website. Some websites solely rely on this revenue to function and provide content to you.

I hope that these recommendations assist you in securing your browsing experience. With the same layered approach that we recommend for enterprise networks, you can keep enhance the security of your browser, keeping you and any other users safe and secure. Share any additional browser plug-in ideas you have on our Webroot Community.