If you’re like me, whenever I get new PC, smartphone or tablet, the box is open and the screen is coming to life as soon as I get a chance.
Here are a few suggestions to help you get off to a safe start from the moment you’ve got your system up and running.
PC–Laptop or Desktop
1. Make sure you’re running the most up to date software.
There have likely been several system updates since your hardware was packaged and you opened it. Hopefully your system updated itself or prompted you to update as you installed. But it’s always a good idea to double check. You can do go to Windows Update for your Windows machine. On a Mac, just click on the apple in the top left of your desktop and select, Software Update. You also want to make sure your other software is current and isn’t leaving some hole that can be exploited by an online criminal. You can update each program one-by-one or use our free Health Check.
2. Install security software.
Of course, as company that’s been protecting computers for 25 years, we believe security software including anti-virus is crucial. But don’t just take our word for it. Most, if not all, law enforcement agencies, governments and experts agree that you need security software if you’re planning to use the Internet. So if you aren’t going to use our award-winning Internet Security–which we invite you to try for free–please use another.
3. Choose a backup.Yes, we’re also in the backup business because we believe it’s essential to safe, smart computing. But if you aren’t going to use our Online Backup, you can use an external hard drive, DVDs or some other backup solution. But as our Mikko Hypponen demonstrated in his TED Talk, a reliable backup can save the day.
You may also want to: Uninstall all the programs that came on your PC as promotions if you know you won’t be using them. If you’re super security conscious, you should also disable all your Java plug-ins or make sure they never get enabled–unless you need them.
Smartphone or Tablet
After you’ve registered your accounts and synced your phone when possible, your mobile device is a lot like your PC.
1. Install mobile security.
We also offer Mobile Security for Android that protects your smartphone and tablet from bad apps and scams that are even more tricky on mobile browsers. Some say Android is replacing Windows as the number one target of online criminals–if that happens, it will be the result of too many people not protecting their phones.
Sorry, there’s no iPhone mobile security available yet because Apple isn’t allowing anyone to develop such apps and is relying on keeping bad guys out with its well-policed app store. But if you do not jailbreak your iPhone, it will likely be safe from bad apps.
2. Choose a backup.
You can choose from a variety of backup services for your smartphone, which as you know soon fills up with irreplaceable content. You can also backup by dragging and dropping your content to your backed up PC whenever you dock your phone. Set up your Android to save your settings regardless of what happens to your device. Just go to Settings > Privacy, and make sure that “Back up my settings” and “Automatic restore” are checked off.
3. Install Anti-Theft.
It just makes sense that you’re more likely to misplace your phone or tablet than your PC. But it’s also simple to track your device and protect your data if it falls out of your hands. We offer free Anti-Theft. Apple offers a Find My iPhone app for free.
4. Stick to Official App Stores.
If you get your apps from the official Google Play or ITunes store, you will likely never deal with a malicious app. Be sure to check user reviews and stick with software that has a proven record.
Enjoy your new toy!
Every time you go online, your personal privacy is at risk – it’s as simple as that. Whether you’re creating an account on a website, shopping, or just browsing, information like your email, IP address and browsing history are potential targets for interested parties. All too often, that information is sold on or sometimes even stolen without you even knowing it. And the threats to our online privacy and security are evolving. Fast. As F-Secure’s Online Protection Service Lead, Christine Bejerasco’s job is to make life online safer and more secure. “We’re basically online defenders. And when your job is to create solutions that help protect people, the criminals and attackers you’re protecting them against always step up their game. So it’s like an arms race. They come up with new ways of attacking users and our job is to outsmart them and defend our users,” Christine says. Sounds pretty dramatic, right? Well that’s because it is. While it used to be that the biggest threat to your online privacy was spam and viruses, the risks of today and tomorrow are potentially way more serious. “Right now we’re in the middle of different waves of ransomware. That’s basically malware that turns people’s files into formats they can’t use. We’ve already seen cases of companies and individual people having their systems and files hijacked for ransom. It’s serious stuff and in many cases very sad. If your online assets aren’t protected right now you should kind of feel like you’re going to bed at night with your front door not only unlocked but wide open.” Christine and her team of 11 online security superheroes (eight full-time members and three super-talented interns) are on the case in Helsinki. Here’s more on Christine and her work in her own words: Where are you from? The Philippines Where do you live and work? I live in Espoo and work at F-Secure in Ruoholahti, Helsinki. Describe your job in 160 characters or less? Online guardian who strives to give F-Secure users a worry-free online experience. One word that best describes your work? Engaging How long is a typical work day for you? There is no typical workday. It ranges from 6 – 13 hours, depending on what’s happening. What sparked your interest in online security? At the start it was just a job. As a computer science graduate, I was just looking for a job where I could do something related to my field. And then when I joined a software security company in the Philippines, I was introduced to this world of online threats and it’s really hard to leave all the excitement behind. So I’ve stayed in the industry ever since. Craziest story you’ve ever heard about online protection breach? Ashley Madison. Some people thought it was just a funny story, but it had pretty serious consequences for some of the people on that list. Does it frustrate you that so many people don’t care about protecting their online privacy? Yeah, it definitely does. But you grow to understand that people don’t value things until they lose it. It’s like insurance. You don’t think about it until something bad happens and then you care. What’s your greatest work achievement? Shaping the online protection service in the Labs from its starting stages to where we are today. What’s your idea of happiness? Road trips and a bottle of really good beer. Which (non-work-related) talent would you most like to have? Hmmm… tough. Maybe, stock-market prediction skills? What are your favorite apps? Things Stumbleupon What blogs do you like? Security blogs (F-Secure Security blog of course and others – too many to list.) Self-Help Blogs (Zen Habits, Marc and Angel, etc.) Who do you admire most? I admire quite a few people for different reasons. Warren Buffett for his intensity, simplicity and generosity. Mikko Hyppönen for his idealism and undying dedication to the online security fight. And Mother Theresa for embodying the true meaning of how being alive is like being in school for your soul. Do you ever, ever go online without protection? Not with systems associated to me personally, or with someone else. But of course, when we are analyzing online threats, then yes. See how to take control of your online privacy – watch the film and hear more from Christine. See how Freedome VPN will keep you protected and get it now.
There hasn't been app that has exploded this quickly in a long time -- possibly ever. An "augmented reality" game that combines geocaching with a kids' favorite from the 90s- 00s, Pokémon Go is already nearing 10 million downloads. And you can hardly go on social media without finding someone either bragging about snaring a rare Bulbasaur or begging for an explanation of the phenomenon. On Monday several stories broke about privacy concerns about the game so we ran them by our Security Advisor Sean Sullivan who had some good news for us: The stories are mostly overblown. Let's go through them. You heard about the robbery of Pokémon players drawn by robbers to PokéStops? "The robbery stuff is hyped nonsense, allegedly happens once, and the press can't resist telling the story," Sean told us. If you're really worried, practice the same tactics you use when trick-or-treating -- including sticking to well-traveled areas and playing with friends. How about Niantic, the app's maker collecting "your email address, IP address, the web page you were using before logging into Pokémon Go, your username, and your location." Sounds bad right? Maybe. But it's "typical of most apps," Sean says. Still, as always, you should check you privacy settings. What about the news that the app gives Nitantic full access to your entire Google account, which you have to use to create an account for the game!? Turns out that the maker was never able to read your Gmail and the permissiveness has more to do with Google's settings than Nitantic's. However, to play, you may still want to create a separate Google account that isn't connected to your Gmail as F-Secure Labs explains below. https://twitter.com/FSLabs/status/752766796227284993 Yes, criminals are taking advantage of the app's popularity and Android's laxer security standards -- at least compared to the iOS App Store -- to spread infected fake "backdoored" versions of the app. But that's true of many, many popular Android apps, which is you should always stick to the official app stores and check reviews before downloading. Sean is a known fan of Nintendo, which owns the Pokémon brand, so he may be a bit biased. But all he has is good news for you, for now. Given the success of the app, you're bound to hear many stories that stoke suspicion both of the app and the players. You're also likely to see many imitators who will take advantage of how the app has exposed adult's urges to play games on their phone that actually bring them into public. And, of course, there will be efforts to monetize this sensation. Players can already buy virtual items to speed their progress, but augmented reality presents unique advertising opportunities. "The game’s real-world nature also gives Niantic another intriguing moneymaking possibility, by charging fast-food restaurants, coffee shops and other retail establishments to become sponsored locations where people are motivated to go to pick up virtual loot," the New York Times reports. These partnerships may spark new concerns about sharing players' location data with ad partners. But for now, people seem very willing to go out into the world and make themselves known as Pokémon Go players. While the success of Pokémon Go may be extraordinary, the privacy and security concerns are typical of any well-known app. [Image by Noah Cloud | Flickr]
Reports that as many as 40 million iCloud accounts have been compromised by Russian attackers have not been confirmed by Apple. But they haven't been denied either. "For now, let's assume there hasn't been a massive iCloud data breach," writes Steve Ragan at CISO. So... what do the reported attacks look like? "It starts with a compromised Apple ID. From there, the attacker uses Find My iPhone and places the victim's device into lost mode," Ragan writes. "At this point, they can lock the device, post a message to the lock screen and trigger a sound to play, drawing attention to it." Then they demand the ransom -- usually $30 to $50 or all the data will be deleted. What can you do to avoid such an attack? Get your security basics right. "So make sure that you have a unique, hard-to-crack, hard-to-guess password protecting your Apple ID account," Graham Culey writes. "And, if you haven't already done so, I strongly recommend enabling two-step verification on your Apple ID account to make it harder for hackers to break in." It's about a four-minute process. So do it. Now. You start by logging into your Apple ID. And while you're thinking about it, why don't you activate two-factor authentication on any account you can -- especially Google, which calls it "two-step verification" even though it's really "two-factor" since it involves your phone, and Facebook, which calls it "Login Approvals." [Image Gonzalo Baeza | Flickr]