Tag: Mobile app security

How To Protect Yourself From Social Engineering

Adam QuirkThere is no end to the methods that scammers have come up with to attain information vital to the success of their schemes. Whether they are seeking to perpetrate fraud, hacking or espionage, the most tried and true method is also one of the oldest: social engineering. It is one of the most successful because it is one of the least obvious methods, and can often require much more effort than would be reasonable for the small kernels of information that it can gather. However, those small nuggets of information can be as precious as gold to someone with the worst of intentions. Understanding and preventing social engineering is essential to protecting yourself and your business from everything from financial scams to identity theft.

So what is social engineering?

Adam QuirkSocial engineering is basically an attempt to attain personal or confidential information through manipulation and subterfuge. This can be online or face to face, in conversation or through electronic collection of data. It is a concerted effort to exploit trust in order to obtain information ranging from what you might be working on, to passwords that will allow access to data or processes. This is usually accomplished by individuals misrepresenting themselves as someone who would have a legitimate need for this information.

How to prevent social engineering

While there may be no way of completely eliminating the threat of social engineering, it can be mitigated by proper awareness and action. Here are some common sense steps that will take the bite out of social engineering attempts.

1. Treat Every Email As If It Were Potentially Compromised

401044-securityEmails, even those from trusted friends and co-workers, can be accessed and manipulated by any number of people. Even legitimate-looking emails from holders of your personal information such as your financial institution should not be trusted enough for you to click on the links to access your account. If at all possible, securely access the site on your web browser rather than clicking suspect links.

2. Never Reveal Personal Information Over The Phone

A common scam is to receive a call off someone claiming to be a financial or government entity. They may ask you to verify your identity with your social security number, date of birth, password or other information. If you cannot verify the number that is calling you as belonging to that entity, never give the information. It is safer to hang up and contact the organization directly at a known secure phone number to see if there is business that requires that verification.

3. Watch What You Say And To Whom You Say It

When someone you have just met is interested in your work or personal life, be very sparse with details and give them only what they need to know. Something as simple as what you are working on or when your birthday is could give them the information they need to advance their plan just one step closer.

While these may seem at first to be extreme steps to take, scammers are relying on your trusting nature to take social engineering attempts at face value.

Adam Quirk is a criminal justice professional with over 15 years of experience in the field. Adam also owns Stealth Advise, Wisconsin’s premier private investigations firm. In his free time, Adam enjoys blogging and traveling internationally.

Top 5 iPhone Security Apps

As mobile phones become the next battleground in cyber security, a number of apps are stepping up their game in the race to deter hackers and protect sensitive data. With everything from family vacation photos to sensitive banking information flowing through Apple and Android phones, hackers have never had a bigger target to hit than they do today.

In order to protect your personal and increasingly valuable information, consider these five security apps for your iPhone.


Lookout Personal for iOS
LookoutOne of the most profitable attack vectors for hackers is targeting phones running out-of-date software. The longer you let your device run a last-generation operating system, the more vulnerable you become to attack. Hackers and criminals spend a lot of time looking to exploit old software because so many people neglect regular updates.Give Lookout Personal for iOS a try. It’s a consumer version of Lookout’s powerful suite of security tools. By keeping watch for out-of-date software and scanning for malicious applications, Lookout shores up two of the most common ways hackers find a way into personal devices.

The best part is, you don’t need to keep checking the app to make sure you’re secure. Lookout will alert you if it finds something that needs your attention.


SpiderOakONE

SpiderBenjamin Franklin famously remarked, “In this world, nothing can be said to be certain, except death and taxes.” If Franklin were alive today, he may want to add “cybercrime” to the list.

Billions of dollars are lost each year to cybercrime, and not only from businesses. Personal bank accounts and identities are juicy targets too. By creating a secure backup in the cloud, you can ensure that your digital life doesn’t come to a screeching halt if you do get hacked.

Starting at just a couple bucks a month, SpiderOakONE is an encrypted solution with individuals in mind. Perhaps the biggest selling point of SpiderOak’s system is their “zero knowledge” guarantee, promising that their team sees none of your data. In short, your data is yours, and yours alone.


LastPass

LstPassSince the dawn of the internet, people have been writing passwords down on sticky notes and posting them on their desks at home. This will work well until you lose the note or suffer a break-in. Imagine dealing with the double whammy of residential theft and your bank account being drained. That’s a bad day!

Take a step toward personal security with password management platforms like LastPass. Reusing passwords across multiple sites is one of the best ways to expose yourself to hacking. Stop cybercriminals in their tracks by using the LastPass “password vault” to store unique passwords for each web account you own. All you need to do it remember one “master” password to access your vault. 


Find My iPhone

Find MyThis built-in application can be a lifesaver when your phone goes missing. Built by Apple and included in every new iPhone by default, Find My iPhone is GPS-based security software that will help you track down your phone whether it is hiding in the couch at home or in a thief’s pocket across town.

In addition to displaying your phone’s last known location on a map, Find My iPhone also allows you to trigger a loud alarm on your phone, which is useful if you are in the vicinity but don’t know its exact location. You also can remotely wipe the phone’s data. If it ever gets to that point, it can be reassuring to know you’ll at least be able to clean your sensitive information off your lost device.


McAfee Mobile

MCAfeeWhile we normally think of computer viruses targeting desktop computers, there is a growing black market for viruses targeting mobile devices. So much commerce takes place over phones and tablets — from business email to personal shopping — that iPhone- and Android-specific viruses are on the rise.

McAfee Mobile gives users a suite of alert and location services similar to Find My iPhone, but the real meat of the application is in its “Secure Media Vault,” a feature that will let you restrict access to your personal data when you hand off your device to a friend or coworker. You needn’t be worried they may snoop through your family photos; rest easy as you lock down your personal pictures before sharing.

Built for both the iPhone and iPad, this app adds one more arrow to your quiver of security tools.


With these five applications installed, you’ll be miles ahead of most users when it comes to everyday security.