Identity Protection Service: The Best Solution to a Growing Problem

Read Time:6 Minute, 1 Second

I’m about to tell you an extraordinary fact about cybercrime. Some of the most significant data breaches in internet history weren’t after bank account numbers, cryptocurrency, or even credit card numbers. They were, in fact, after YOU. That’s right, the most valuable data on the internet is the data that comprises your identity. Let’s take a look at what that data is, how it gets leveraged by cybercriminals, and how you can get the online identity monitoring you deserve.

Identity exposure in the news  

1 billion is a big number. In the case of a recent CVS database leak, that’s how many user records were accidentally released online, including details like email addresses and even searches about Covid vaccines. This is just one of the dozens of breaches that have occurred recently and will continue to happen as personally, identifiable information becomes more valuable to cybercriminals. Just as remarkable as the huge volume of user data being exposed online is the speed with which compromised data is used by hackers online. Cybersecurity researchers recently discovered that cybercriminals access leaked or stolen credentials within 12 hours to exploit them as soon as possible. These circumstances beg the question, why has your personally identifiable information has become so valuable lately?  

Why your Personally Identifiable Information is worth so much to criminals online   

While the value of some information, like a credit card number, is obvious, you may think your name and date of birth aren’t that big of a deal. After all, it wasn’t so long ago that you could find all that information in a phone book. In fact, personally identifiable information (PII), also known as data used to identify a specific individual, is what many data breaches are after.    

Armed with just a mailing address, a phone number, and a date of birth, a cybercriminal can begin constructing a fake identity to take out loans and disguise many kinds of criminal activities. With a social security number and a few personal details from a social media account, they could take over a bank account. When it comes to your PII, any information is as good as gold to cybercriminals.   

Your PII may not be as safe as you think. 

If our PII were treated like actual gold and held in a safe location like Fort Knox, I wouldn’t be writing this post. But in fact, it’s the currency we use to obtain many services in our connected lives. Social media sites are massive repositories of PII, and their access to our most personal details and the ability to sell it to marketers is the reason the service remains free. Free email services are the same. Now consider all the other accounts we may have created to, say, try out a streaming service for free, or even old accounts we no longer use. From that perspective, you can see how much of your data is being used by companies, may not be very well protected, and is a tempting target for cybercriminals. Fortunately, there are many things you can do to keep your identity safer online.

Learn to spot a breach and to keep your identity safer 

When it comes to protecting your PII, knowledge is power. Let’s start by identifying if you’ve been the target of a data breach. Here are a few tell-tale signs:   

You receive a bill for a credit card account that, though in your name, is not yours. This probably means a thief opened the account in your name.   
Unfamiliar purchases on your credit card, even tiny ones (crooks often start out with small purchases, and then escalate). Challenge even a $4 purchase.   
You receive a credit card or store card without having applied for one. If this happens, immediately contact the company.   
Your credit report has suspicious information, like inquiries for credit that you didn’t make.   
Collectors are calling you to collect payments you owe, but you owe nothing.   

Be stingy when it comes to PII  

Okay, now that you know the signs of a data breach, let’s look at how you can take action to protect yourself. The best way to avoid being the victim of identity theft is by limiting the amount of PII you provide. There are some easy ways to do this.

1. Avoid giving out your social security number whenever possible 

Only a few types of organizations legitimately need your social security number. These include employers or when contracting with a business, group health insurance, financial and real estate transactions, applying for credit cards, car loans, and so forth.   

2. Stay away from online quizzes 

Quizzes, social media games, and other kinds of interactive clickbait are often grifting pieces of your PII in a seemingly playful way. While you’re not giving up your SSN, you may be giving up things like your birthday, your pet’s name, your first car … things that people often use to compose their passwords or use as answers to common security questions on banking and financial sites.    

3. Watch out for phishing scams  

A phishing email poses as a real email from known or trusted brands and financial institutions. These emails attempt to trick you into sharing important information like your logins, account numbers, credit card numbers, and so on under the guise of providing customer service. Here are some more ways to spot a phishing email.   

4. Free yourself from PII worries with a new kind of identity protection 

Clearly, we’re in a new era when it comes to securing our identities online. In response, McAfee has created a new kind of identity monitoring.

We knew from the outset Identity monitoring had to be proactive, holistic, and accessible. We also wanted it to follow the timeline for how cybercrime actually affects your identity.  When it comes to PII, the breach is just the first step for cybercriminals. The 10 months following a breach is when cybercriminals will use your PII to commit fraudulent acts using your data.

To address this, your identity monitoring looks after more personally identifiable information than other leading competitors. It will also alert you of stolen personal info an average of 10 months ahead of other monitoring services. And it’s accessible anywhere via mobile app, browser, and the web.

In practice, McAfee’s identity monitoring protects all your online accounts by doing the following:

Monitors your PII   
If detected, alerts you  
Offers quick and guided help to neutralize the threat   
Provides educational content to help prevent future issues   
Offers insurance and agent-assisted remediation, available for select plans  



Enjoy your life online again with a holistic approach to security  

As we spend more of our lives online, we need an approach to security that reflects this new reality. Identity monitoring is part of it. VPN is part of it. Antivirus is part of it. They are all pieces of a puzzle that we solve with products like McAfee Total Protection. Our premier security service is comprehensive, affordable, and, with identity monitoring, an indispensable part of your life online.

The post Identity Protection Service: The Best Solution to a Growing Problem appeared first on McAfee Blog.

Read More

Germany’s BSI warns against Kaspersky AV over spying concerns

Read Time:40 Second

Germany’s Federal Office for Information Security (BSI) has warned businesses against using Kaspersky virus protection products amid concerns of Russian technology being coerced by Russian government agents and forced to attack target systems against its will or spied on. The BSI did not raise any concrete allegations against Kaspersky products but recommended replacing them with alternatives due to the Russian-Ukraine conflict. The Russian vendor responded in an official statement suggesting the BSI’s actions have been made on political rather than technological grounds.

The warning echoes earlier unconfirmed claims by U.S. intelligence agencies about ties between Kaspersky and the Russian government. Those claims led to the removal of Kaspersky Lab products of approved vendors for U.S. federal agencies in 2017.

To read this article in full, please click here

Read More

Top tools and best practices for WordPress security

Read Time:39 Second

If you run a WordPress website, you need to get serious about keeping it as secure as possible. WordPress continues to be a widespread target for hackers. Last November, more than a million GoDaddy-managed WordPress customers were part of a breach that could have exposed their email addresses, private SSL keys, and admin passwords. The attacker was apparently able to operate undetected inside the company’s networks for two months.

In February, Ukrainian university WordPress websites were attacked as the Russian invasion began. Another attack on a WordPress server redirected traffic to malicious websites where visitors would receive malware. Going back in time, a botnet used compromised WordPress servers to attack others in 2018 and another series of attacks in 2019.

To read this article in full, please click here

Read More

Preparing Microsoft cloud networks for regional disruptions

Read Time:1 Minute, 0 Second

We live in an always-on world of 24/7 websites, servers, help desks and internet connectivity—that is, until it’s not connected. The Ukrainian crisis shows that IT and security admins of Microsoft environments need to be aware of geographic and other risks they might not have considered yet.

As we move servers to the cloud, have we considered the impact of geographic and geopolitical issues and boundaries? Cases in point:

Microsoft’s Brad Smith recently announced it would shut down new sales of Microsoft services to Russia.
Apple and Google announced similar positions halting product and advertising sales, respectively.
VMWare has announced an immediate suspension of all business operations in Russia and Belarus.

Any international business must think about local security and privacy policies and regulations they must follow to be compliant everywhere they operate. If you do business in Germany, you must abide by the European Union’s General Data Protection Regulation (GDPR), which governs how personal data of individuals in the EU may be processed and transferred. Have customers in California? You are subject to security and privacy laws of both the United States and California.

To read this article in full, please click here

Read More

Post Title

Read Time:31 Second

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the Internet. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data. If this application has been configured to have fewer user rights on the system, exploitation of the most severe of these vulnerabilities could have less impact than if it was configured with administrative rights.

Read More