Threat Lab

No matter how old you are, it is important to learn how to stay safe online! According to a study conducted by Learning Innovation, more than 93% of students have access to smartphones and laptops. Cyber threats show no sign of slowing down, which is why it is important to stay up to date on security best practices.

That’s one of the many reasons why we are so passionate about partnering with the Girl Scouts of Greater Chicago and Northwest Indiana to help girls be more cyber aware. Girl Scouts is a volunteer led organization that stretches from coast to coast to help girls bring their dreams to life and build a better world.

Together, we aim to educate Girl Scouts through lessons that focus on simulations of existing and emerging cyber threats, how to safely preserve important files and memories and what to look out for when browsing online.

Becoming a cyber hero

Our Cyber Resilience patch program provides Girl Scouts with the opportunity to engage in fun and educational hands-on activities that ignite awareness and create better online behaviors.

Last month, we joined the Girl Scouts at their annual Cookie Rally that had over 2,000 girls and their families in attendance. We shared cybersecurity and safe online practices with the girls before they kicked-off their cookie season. While selling cookies is done primarily via in-person buying, selling cookies online has grown in popularity.

This past October we kicked off our first patch program for the Brownies (grades 2-3) and Juniors (grades 4-5) and through a series of fun activities, the girls can learn how to navigate online dangers and stay safe online.

This is just the beginning! We are in the process of rolling out more programs to teach more girls (and age groups) about the importance of cybersecurity and being safe online.

Interested in learning more about our security products? Visit us at webroot.com.

Online dating scams are on the RiseAccording to the FBI, Americans lost $1 billion in 2021 due to online dating scams; 2022 numbers are expected to be higher.  

Romance scammers are masters of disguise. They lead people on with talk of love and then attempt to trick them into giving money or personal data. As demonstrated by The Tinder Swindler, anyone at any age can be manipulated into a romance scam. 

Dating sites and apps are a convenient and easy way to find a match. They also present an ideal opportunity to fool unsuspecting hearts with common scams like:   

• pretending to be in a financial crisis  
• living out of state (and needing money to travel to meet you) 
• always having an excuse as to why they can’t meet in person 

Of course, not all tactics are as obvious as the above. Be suspicious of someone who asks you to move your communication off the dating site/app to a different platform; this could be a sign that the person is trying to avoid detection, being flagged or that they want to share a malicious link for you to click on. 

To protect your heart, data and identity while online dating: 

• Never give money or private data like birth dates and bank account numbers.   

• Trust your instincts; if it feels too fast or good to be true, it probably is. Scammers often claim to have fallen in love very quickly or without having met their “match” in person.  

• Don’t send intimate pictures or videos. Scammers may use them to extort money from you. 

• Don’t share your address, daily routine or places you visit frequently  

• Use a dating site/app that offers security features, such as the ability to verify the identity of others. 

• Do your research, consider using a background check service to verify a person’s identity. And don’t forget about your own identity. Enroll in an identity and data protection service to further protect yourself.  

Webroot Antivirus with Allstate Identity Protection provides the much-needed extra layers to protect your data and identity from scammers looking for more than your heart.  To learn more visit webroot.com

The welcoming of a new year also welcomes the return of one of the most overused sayings in our shared lexicon: “New Year, New Me!” While there are countless overused resolutions like starting a workout regimen, the new year does provide an opportunity for additional self-improvement that most people never consider – bolstering cybersecurity protections.

If the beginning of the new year follows the trends of the last, there’s a good chance phishing will spike in the first four months of 2023. Rather than take a vacation to spend their holiday earnings, cybercriminals are using the new year as a prime opportunity to access bank accounts, install malicious software, and steal identities to commit fraud. These threats are especially prevalent as millions of people set up new devices, facilitate online shopping returns, and shop online with money and gift cards received throughout the holiday season.

Fortunately, through its new partnership with Allstate Identity Protection (AIP), Webroot will help you easily protect your devices, identity, and privacy. The partnership combines Webroot’s digital device protection with AIP, which shields the personal information and data you share online. Together, the two services offer multi-layer protection against cyber threats to protect your digital life.

Webroot Premium with AIP includes anti-virus protection for up to five devices, identity protection for one individual with up to $500,000 in fraud expense reimbursement*, up to $50,000 in stolen funds reimbursement*, and a password manager and secure browser for privacy. But the protection doesn’t stop there; additional benefits include:

Device protection:

• Real-time anti-phishing, malware, and ransomware protection against emerging threats
• Lightning-fast threat scans without interruption
• Proactive alerts with firewall and network connection monitoring
• Cleans devices and improves performance

Identity protection:

• Dark web monitoring
• Credit monitoring (one bureau)
• Financial monitoring including account takeover alerts
• Identity monitoring with identity health status updates
• 24/7 U.S.-based identity restoration

Privacy protection:

• Secure browser with alerts for malicious sites and apps
• Deletes traces of online activity

As we kick off this new year, don’t sweat the gym or stress about a resolutions list. Start 2023 off right with comprehensive device and identity protection. To learn more, visit Webroot Premium with Allstate Identity Protection.

*Allstate Identity Protection Legal Disclaimer

Identity theft insurance covering expense and stolen funds reimbursement is underwritten by American Bankers Insurance Company of Florida, an Assurant company. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions, and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions. Product may be updated or modified. Certain features require additional activation.

The end of year holidays mark the busiest time of the year for online shoppers. We’re all rushing around trying to find the right gift that doesn’t break the budget. Throw in family time and stress can get out of hand.

Sadly, this time also marks one of the busiest times of year for online hackers. With the flurry of activity online, they know they’ve got ample targets.

Of course, not all targets are equal. Hackers would rather make a quick buck than spend their time forcing their way through in-depth security. That’s why it’s so important to follow the 5 most important rules for online shopping.

1. Strengthen your passwords

There’s no reason to still use the same password you came up with in high school. It’s a dirty truth that big businesses suffer data breaches – that means the longer you use a password the more likely it’s been hacked. Even if you’re not using that old website, hackers might know your information and will try logging in to common sites using your old email + password combination. We know it can be a pain to keep track of everything, and that’s why we recommend using a password manager service.

2. Visit reputable sites

We all want to score the best deals on holiday shopping, but the old adage is true – if it seems too good to be true, it probably is. You don’t need to go to sketchy sites to find the best prices. The biggest retailers have deals all season long. Plus, when you use a big site you don’t run the risk of getting a knockoff product.

3. Protect your WiFi

So much of our life is on the go, and holiday shopping is no different. Did you know that WiFi networks are often targeted by hackers and scammers? Even the one in your home can be spoofed, allowing thieves to steal your information. That’s even more true when you’re connected at the local coffee shop. With a VPN (Virtual Private Network – something all the best antivirus options offer), your information is secure no matter where you connect.

4. Invest in antivirus

You get what you pay for doesn’t just apply to your shopping. If you really want to make sure you’re safe online during the holidays, you want to make sure to invest in a reputable antivirus. No one wants a knock-off gifts – they’re low quality and unreliable. So why would you settle for a knock-off antivirus? Look for an option that has lots of good reviews, or even better go to a big box store and ask their experts for recommendations.

5. It pays to be suspicious

A healthy amount of suspicion can go a long way in protecting yourself while you’re shopping online (and let’s not get started on the sketchy ads we all get on social media). It’s always important to trust your gut. It’s also important to be wary of free money, unexpected calls from financial institutions and sites asking for personal information (rather than just billing info). And let’s not get started on the sketchy ads we all get on social media.

Holiday shopping can be stressful enough, don’t let it get worse with a stolen credit card or hacked computer. Follow the 5 most important rules for staying safe online and you can shop worry free and get back to celebrating.

Interested in learning about award-winning antivirus?

Discover Webroot.

The risk of becoming a victim of identity theft has never been greater

We are increasingly living our lives in the digital realm. Whether we’re banking, purchasing or browsing, our daily activities are most likely taking place online. Not only has this sped up our efficiency, but it has also expanded our exposure to a host of cybercriminals who are eager to use our personal information.

According to the Federal Trade Commissioner (FTC), incidents of identity theft and related fraud rose nationwide in the United State in 2021. Consumers lost more than 5.8 billion, skyrocketing over 70% from the previous year. The FTC received 5.7 million fraud and identity theft reports in 2021. Over a million of these reports were consumer identity theft cases.

The rise in identity theft and fraud means it’s especially important to secure not only the devices you use but also your personal identity.

Your identity is unique to you. Keep it that way with Webroot and Allstate Identity Protection

There are many steps you can take to ensure your identity isn’t compromised:

• Shredding bank statements
• Securing important documents
• Ensuring your passwords are effectively managed
• Investing in a quality antivirus for your devices

However, these actions won’t help you regularly monitor your financial accounts, scan for emerging threats or provide fraud or stolen funds reimbursement.

That’s where Webroot can help. Webroot has partnered with Allstate Identity Protection to offer two unique ways to preserve both your devices and identity: Webroot™ Premium and Allstate Identity Protection Add-on.

The same trusted antivirus but with the added bonus of identity protection

Webroot Premium is a combination of our top-of-the-line antivirus protection and Allstate Identity Protection.

Enjoy all the great benefits of our antivirus plus these great features:

• Dark Web, financial and identity monitoring: Credit card and bank account transactions, 401(k) and account takeover
• 24/7 U.S.-based customer care
• 1 bureau credit monitoring
• 550K in fraud expense and stolen funds reimbursement*

In addition to Webroot Premium, we’re offering existing customers the chance to keep their current Webroot subscription and just add identity protection with Allstate Identity Protection Add-on.

Experience the benefits of your current Webroot antivirus plus:                                              

• Dark Web monitoring with social security trace
• Financial monitoring with account takeover alerts
• Identity monitoring, including identity health status updates
• 24/7 U.S.-based restoration
• $25K fraud expense reimbursement*

This holiday season, ensure your online shopping purchases remain secure while safeguarding your devices and identity with Webroot and Allstate Identity Protection.

Learn more about Webroot Premium and discover what our comprehensive protection can do for you.

Allstate Identity Protection Legal Disclaimer

*Identity theft insurance covering expense and stolen funds reimbursement is underwritten by American Bankers Insurance Company of Florida, an Assurant company. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions, and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions. Product may be updated or modified. Certain features require additional activation.

For the past year, hackers have been following close behind businesses and families just waiting for the right time to strike. In other words, 2022 has been an eventful year in the threat landscape, with malware continuing to take center stage.

The 6 Nastiest Malware of 2022

Since the mainstreaming of ransomware payloads and the adoption of cryptocurrencies that facilitate untraceable payments, malicious actors have been innovating new methods and tactics to evade the latest defenses. 2022 was no different.

The ransomware double extortion tactic continues to wreak havoc, with ransomware attackers threating to both steal your data and also leak it if you don’t pay up. But this year also saw the onset of the triple extortion method – with this type of attack, hackers threaten to steal your data, leak it and then also execute DDoS attack if you don’t pay up. As a result, many organizations are shifting away from cyber insurance and adopting layered defenses in an effort to achieve cyber resilience.

Ransom payments continued to balloon – last year at this time the average was just below $150,000 but it now stands close to $225,000 (that’s increasing faster than the rate of inflation, for those counting at home!).

In bad news (as if we needed more), malicious actors seem to have settled on a favorite target: small and medium sized businesses. Large-scale attacks make headlines, but hackers have found that smaller environments make for easier targets.

But it’s not all bad news… after all, the first step in defeating your enemy is to learn their tactics. Our researchers have been hard at work uncovering the worst offenders to better build defenses against them. With that, here are the 6 Nastiest Malware of 2022.

Here are this year’s wicked winners

Emotet

• Persisting botnet with cryptomining payload and more
• Infects via emails, brute force, exploits and more
• Removes competing malware, ensuring they’re the only infection

Lockbit

• The year’s most successful ransomware group
• Introduced the triple extortion method – encryption + data leak + DDOS attack
• Accept payments in two untraceable cryptocurrencies Monero and Zcash as well as Bitcoin

Conti

•  Longstanding ransomware group also known as Ryuk and a favorite payload of trickbot
•  Shutdown attempts by US gov have made them rebrand into other operations such as Hive, BlackCat, BlackByte, and AvosLockerWill leak or auction off your data if you don’t pay the ransom

Qbot

• The oldest info stealing trojan still in operation
• Works to infect an entire environment to ‘case the joint’ before its final stage
• Creates ransomware Voltrons through partnerships with Conti, ProLock and Egregor

Valyria

• Malspam botnet that starts with email attachments containing malicious scripts
• Known for their complex payloads that can overwhelm defenses and evade detection
• Partners with Emotet to create a two-headed monster

Cobalt Strike / Brute Ratel

• White hat designed pen testing tool, that’s been corrupted and used for evil.
• Very powerful features like process injection, privilege escalation, and credential harvesting.
• The customizability and scalability are just too GOOD not to be abused by BAD actors

Protect yourself and your business

The key to staying safe is a layered approach to cybersecurity backed up by a cyber resilience strategy. Here are tips from our experts.

Strategies for business continuity

• Lock down Remote Desktop Protocols (RDP)
• Educate end users
• Install reputable cybersecurity software
• Set up a strong backup and disaster recovery plan

Strategies for individuals

• Develop a healthy dose of suspicion toward messages
• Protect devices with antivirus and data with a VPN
• Keep your antivirus software and other apps up to date
• Use a secure cloud backup with immutable copies
• Create strong, unique passwords (and don’t reuse them across accounts)
• If a download asks to enable macros, DON’T DO IT

Regional restrictions on NFL game broadcasts and rising membership fees on streaming sites like Netflix, Hulu, and Disney Plus are just some reasons why frustrated consumers turn to illegal streaming sites. Marketed as an alternative to legitimate streaming services, illegal streaming sites have become a portal to connect criminals directly to you (their target).

Unlike official streaming platforms that generate revenue from advertising or user subscriptions, illegal streaming sites must find alternative ways to make money—even if that means giving cybercriminals access to your information. Not surprising, these sites open a gateway for criminals to access bank accounts, commit fraud, and install malicious software. While computer antivirus is effective, sometimes malware still wins. Even the most tech-savvy viewer can fall victim.

With the NFL season kicking off and a host of new fall shows and movies rolling out, findings from the UK serve as a timely reminder to sports fans and movie enthusiasts around the globe to be cautious.

Threats are Real

New research from our threat team reveals the extent to which consumers are being exposed to fraud, dangerous scams, and explicit content on illegal sports streaming sites. Analysis of 50 popular “free-to-view” sites during several major sporting events uncovered that every single site contained malicious content, while over 40 percent of sites did not have the necessary security certificate.

To help you decide whether using illegal streaming websites are worth the risk, let’s dive into some of the threats our intelligence experts uncovered during their analysis.

• Banking trojans, a type of malware that is hidden under legitimate-looking software and designed to hack your bank accounts. For example, a banking trojan may be disguised as a mute button that, once clicked, automatically starts downloading a trojan onto your device. This type of malware acts extremely fast, and if your antivirus is not up to date, it may not recognize it.
• Phishing webpages, the most common type of malicious threat, are websites designed to look legitimate to fool you into providing your credentials. These scams offer the ability to view premium content as long as you log into your email hub or another important account that would be later used for identity fraud.
• Crypto scams, an increasingly popular malware that targets crypto apps on your phone. Crypto scams typically appear as pop-ups or redirects that show users fake stories of local politicians or celebrities to lure people into sophisticated financial ploys. These scams can seem very real and sometimes even imitate popular media publishing sites to sell the lie and get you to share your bank details. Another common crypto scam on these sites is malicious extensions that pretend to be a wallet for popular coins.
• Explicit content has surged on illegal streaming sites and it’s becoming more prevalent and more extreme each year. If you frequently lend your children your device beware, you be unknowingly exposing them explicit content.

How to stay safe

Cybercriminals have a deep bag of tricks, but there are some red flags you can look out for. Most of the illegal sites analyzed ran HTTP as opposed to HTTPS. While the difference of a single letter may not seem like much, “S” is crucial as it indicates encryption. An HTTPS site isn’t a guarantee that a website is entirely safe. However, its absence should always serve as a red flag not to use it.

Illegal streaming sites also are flooded with pop-ups and redirects to grab your attention and convince you to click–don’t! Links are pretty common and can be disguised as anything, making users highly vulnerable. And if an offer looks too good to be true, it usually is.

Avoid anything that wants to install an extension as part of the requirement to view content. This major red flag will typically lead to malware or phishing redirects.

Of course, the best way to say safe is to avoid risky free-to-view sites. Reliable antivirus that blocks malicious webpages will prevent you from opening and falling victim to these sites.

Click here to learn more.

The UK government has released a National Cyber Strategy to help guide the country’s strategic approach to combating the proliferation of cyber threats. As part of this strategy, the UK government is looking to expand its regulations under the Network and Information Systems (NIS) to include managed service providers (MSPs). The government’s efforts follow a string of supply chain attacks targeting SolarWinds, Microsoft Exchange Servers and the Colonial Pipeline. The UK government has highlighted a number of barriers to proper management of supply chain risks, including low risk recognition, limited visibility and insufficient expertise and tools to evaluate suppliers.

This strategic move by the UK government involves widening the scope of the NIS regulations to include MSPs. Original NIS regulations came into effect in 2018 to optimize cybersecurity offerings provided by companies within the essential services industries – water, energy, transport, healthcare and digital infrastructure. Expansion of the NIS regulations to include MSPs informs part of the UK government’s broader strategy to improve the country’s overall cyber resilience.

MSPs provide critical digital outsourcing services for IT departments and manage key business processes for many organizations. As such, MSPs play a vital role in promoting a digital-first economy. The UK government wants to ensure MSPs are fully prepared to manage ongoing cyber threats and protect the data integrity of their customers.

As the UK government moves forward with its plans, part of its proposal involves defining what an MSP does, from a commercial perspective. Under the proposed regulations, MSPs could be required to enact reasonable and proportionate security measures to protect their network and proactively manage the risks associated with services provided to customers. As of late, the NIS regulations that are being proposed could carry reporting requirements and heavy fines for those MSPs that don’t comply.

Embrace regulatory shifts with ease

We know adapting to these new and evolving requirements can be overwhelming.

Carbonite + Webroot are here to help. We offer a suite of business solutions to help keep your customers secure with reliable always-on protection, backup and recovery solutions designed to fit your needs.

Find the best solution for your business.

According to the latest ISACA State of Security 2021 report, social engineering is the leading cause of compromises experienced by organizations. Findings from the Verizon 2021 Data Breach Investigations Report also point to social engineering as the most common data breach attack method.

Social engineering is a term used to describe the actions a cybercriminal takes to exploit human behavior in order to gain access to confidential information or infiltrate access to unauthorized systems and data.

What does social engineering look like?

Social engineering can take many forms. Some malicious actors might trick you into giving your password or financial information away. They may also try and convince you to provide remote access to your computer or mobile devices. Cybercriminals are looking for ways to gain your trust and take advantage of your curiosity by sending messaging that contains malicious links or downloads.

“One method of attack bad actors use quite frequently involves spoofing legitimate vendor support centers. Cybercriminals will pretend to represent these organizations by posting sponsored ads online or through promoted search results. They will offer assistance and sell expired or stolen products of the vendor they have impersonated. These cybercriminals prey on unsuspecting individuals who offer up their personal and financial information because they believe they are in contact with the real vendor,” says Tyler Moffitt, senior security analyst at Carbonite + Webroot, OpenText companies.

Some common social engineering tactics include:

• Impersonating someone. An urgent request from a ‘friend’ or person you may know is a common tactic used by bad actors to compromise your information by attempting to gain your trust.
• A legitimate-seeming request from a trusted source. A phisher may send an email, message or text that appears to be from a legitimate organization you interact with. According to the latest IDG report, phishing attacks are on the rise.
• Oversharing personal information online. Some cybercriminals will gather intel through social networking sites like Twitter or Instagram and use that information to spoof various services or places you visit.

“Oversharing personal information online is especially dangerous for public figures or prominent employees. Cybercriminals conduct research online through a user’s social media channels to determine where a person visits and what activities a person participates in. Cybercriminals will then spoof their target with seemingly legitimate messages from that vendor with attractive offers. All they need is a click,” says Moffitt.

Avoid becoming a victim

To outwit social engineering attacks:

• Slow down and remain in control. If you receive a message that conveys a sense of urgency to act, carefully consider whether you should respond.
• Beware of what you download. Use a reputable web browser and remain conscious of what links you are accessing before clicking on them. Avoid downloading free applications that may possess remote access trojans that can compromise your device.
• Delete any requests to provide financial information or passwords and report them as spam. Avoid responding to requests for help or offers to assist from individuals you don’t know.
• Invest in security awareness training. Prevent your devices from becoming compromised by common attack vectors by investing in security awareness training. Testing yourself regularly with phishing campaigns can help you learn what to avoid.

As cybercriminals continue to exploit human behavior and take great strides to make their attack vectors appear harmless, it’s important to remain vigilant of how cyber threats continue to evolve.

Webroot offers a number of solutions to help you tackle these ongoing cyber threats. Experience powerful and reliable protection from Webroot that won’t slow you down. Whether it’s updating your antivirus software or learning to spot phishing traps with security awareness training, Webroot has you covered.

Find the best solution for your home or your business.

If you own a computer that seems to have slowed to a crawl, you may be thinking about replacing it. But what about all the files on your old dinosaur? You may be thinking about transferring them to an external hard drive, a time-consuming and tedious process, or you may have heard of the far simpler process known as “cloning.”

Cloning is the act of creating a direct, one-to-one copy of a hard drive. Like the term suggests, cloning a computer will leave you with an identical copy of all the particular apps, files and settings on the device, which a user can then install onto a new one or keep as a backup in case something disastrous happens to the original.

Cloning is a pretty simple procedure and there are a lot of free tools to help you do it. But one problem it won’t help you solve is data bloat. Bloat is unwanted data that slows down a computer. This unwanted data can come in all types of different forms. It could be music, photos, games and apps, spreadsheets or text documents. One specific type of bloat, known as “software bloat,” occurs from successive updates to a computer program as they’re layered over one another time after time.

Generally, bloat is the result of the steady accumulation of more and more data as it’s added to your computer. Bloat eats away at the available memory on your hard drive and can lead to performance issues, most notably, slowing it down. If you’re experiencing frequent crashes, it may also be a problem with a corrupted file trying to execute.

You can’t clone the bloat away

Here’s where the problem with cloning comes in. Since a slow computer is a common reason for getting a new one, and cloning simply replicates all the data already stored on a device, it may not be the best strategy for getting existing files from an older computer onto a new one. Given that you’ve also probably updated your hardware, it won’t slam the breaks on your processing speeds immediately, but it’s an added burden right out of the gate.   

An alternative strategy is to back up your old device to the cloud and migrating files to the new one as needed. When done this way, all the old and unnecessary files you don’t think to update yourself aren’t taking up space on your shiny new laptop. When automatic cloud backup is installed, all the latest files from the initial computer exist online, ready to be pulled down to your device whenever a local copy is needed.

Transferring data piecemeal can also help identify anything problematic that’s causing a device to crash. Once isolated, it can be easier to uninstall or delete.

By storing the majority of your files in the cloud, you ensure free space remains on your hard drive log into the future. It’s less taxing on your device, and you’ll notice better performance as a result. There are also organizational benefits to having old files stored in one convenient location. If you’re combing for tax documents from previous years, for instance, you know where to grab them from your old drive. Without having to having to watch an old laptop inch along.

So, when it comes time to replace an old computer, think twice about cloning. Choosing cloud backup from Carbonite could help extend the life and improve the performance of that new device.