wi-fi_security_booth_2

How Far Would you go to Get Free Wi-Fi?

Using public Wi-Fi without a VPN is risky. Lots of people know that. Unfortunately, most don’t give a s**t. Think about it. People do all kinds of risky things even when they know they shouldn’t. They smoke, drink, eat too much. You get the idea. But when it comes to public Wi-FI, one of the biggest reasons people don’t care about the risks is because they don’t really know what they are. Well, we’re going to let you in on a little secret. Ready? Free public Wi-Fi isn’t actually free. In fact, every time you use it you’re exposing really personal stuff like your passwords, search history and waaaaay more. So why would anyone be interested in seeing your personal stuff? After all, it’s not like your name is Kim or Kanye, right? Long story short: So they can hack you. All it really takes is a few hundred dollars, some easy-to-buy software and a criminal mind. And it happens all the time. In fact, one in ten people will be the victim of an online crime. We took to the streets of New York to have some fun and prove a very important point. If people actually knew just how much intimate stuff they were giving away on public Wi-Fi, would they? Well, you’ll have to watch the hilarious video to find out. But let’s just say you’d be surprised just how far some people are actually willing to go to get online. In fact, some of the stuff people were willing to reveal in exchange for our free Wi-Fi password (no, we weren’t actually giving away free Wi-Fi) was so risque that it ended up on the cutting room floor. Risking it all for free Wi-Fi is ridiculous. Luckily, it’s also ridiculously easy to protect yourself with Freedome VPN.   https://www.youtube.com/watch?v=fN7z-XrSQyE

December 2, 2016
BY 
freedomexslush2016

5 Really Inspirational Things we Heard at an Epic Startup Event

Slush is Europe’s leading and the world’s’ coolest startup event. Over 15,000 top tech investors, starry-eyed startups and journalists brave the godawful Finnish November weather (blink and you miss the day’s sunlight) to give talks, pitch their ideas, form partnerships and finally wind down at the mythic Slush afterparty. But the greatest thing you walk away with is inspiration, and here are five eye-opening things we heard on day one. They are not conventional business tips, but instead give insight into the mindset of successful entrepreneurs and offer some exciting glimpses into what technology can do for us. Shark Tank billionaire gives advice to young people. “Buy less shit so you won’t be tied down to things and can live the life you want”. Chris Sacca was one of the early investors in companies like Twitter, Instagram and Uber, so this billionaires refreshingly anti-materialistic attitude driven by soft values was a welcome change from attitudes prevalent in the  business world. Sacca also called Finland’s free education system a huge competitive advantage and praised the value of liberal arts degrees. He was also clearly impressed with the main stage pyrotechnics! VP of Tinder on the shallowness of networking “When you go to an event, don’t try to make 50 contacts. Instead try making 5 friends”. Young Silicon valley superstar Ankur Jain did not like the concept of networking, and the fact that people's first question to others is often "what do you do?" This question makes you feel like you are being assessed for your value to the asker, not for who you are as a person. That's quite insightful coming from a 26-year old who would definitely impress everyone with HIS answer to "what do you do?" Tesla Motors and SpaceX board member is the most down-to-earth investor in the world “Us investors should mostly act as cheerleaders to the companies we invest in". Steve Jurvetson, who sits on the board of  companies like Tesla Motors and SpaceX, came to our Speaker Studio after an impressive keynote, and talked a lot about how investors often exaggerate their contributions to startups. He even mentioned an unnamed company that prides itself in being the "first VC to invest in Apple", while conveniently omitting the fact that they pulled all their funding well before Apple went public. He was an incredibly humble guy and we all have tremendous respect for him. Jamie Siminoff on how not focusing on profit made a company profitable “When we started focusing on our mission instead of profit, profits followed soon after”. Jamie Siminoff is the founder of U.S startup Ring talked about the ups and downs of being a serial hardware entrepreneur. His struggling startup was about to go under, but when their experiment done with LAPD became a national news story (in summary, installing their doorbells in a neighborhood dropped burglary rates by 50%), things changed. Their mission of making homes safer proved to be their success (Ok, the 28 million investment from Richard Branson probably helped too). Risto Siilasmaa talks about a technology-driven approach to completely revolutionize healthcare. “It’s about promoting and maintaining health, rather than treating sickness”. Medical startups had a large presence at Slush, and we heard similar sentiments throughout the day . Nokia recently acquired  digital health wearable Withings, and hearing about Risto's  vision on the future of digital health made us feel a bit less worried about growing old! See our full interview on the subject with the most successful tech entrepreneur in Finnish history below.   https://www.youtube.com/watch?v=26DGKk5UwuI&t=118s    

December 1, 2016
BY 
460263181_598085a805_o

What’s a Mirai Botnet Doing With My Router?

Mirai – malware designed to infect internet of things devices - is behind some of the biggest DDoS attacks in history. It knocked Twitter, Netflix, and other popular websites offline in October. And now, it looks like a variant of Mirai has been modified (or upgraded) to infect routers. Nearly a million people in Germany have lost their internet access over the past few days due to infected routers. News reports say that over 900,000 routers from Deutsche Telekom (DT), Germany’s largest telecommunications provider, were knocked off the internet over the past few days. The attack(s) are being attributed to Mirai based on their use of infrastructure seen in previous Mirai attacks. “Mirai was designed to infect IoT devices. And since IoT devices and routers have many of the same security issues, adapting Mirai to target routers seems worthwhile for attackers,” says F-Secure Security Advisor Sean Sullivan. “It takes a bit of work to adapt the malware, but since the code has been dumped online, it’s doable.” The Mirai variant hitting routers in Germany exploits a vulnerability in the firmware of particular models of Speedport and Zyxel routers. Previous Mirai variants have been more focused on IoT devices (most notably webcams), and brute forcing passwords to infect devices with malware. You can find a list of affected router models here. DT has apparently already developed a fix for this, which is impressive given the general industry-wide neglect of vulnerable firmware. But reports say that there may be as many as five million devices connected to the internet that are susceptible to the same attack used against DT routers. And this estimate doesn’t include devices with other security problems leveraged by Mirai, such as the use of weak default passwords set by manufacturers. How to Troubleshoot Bots Attackers infect devices with Mirai, and then connect tens or maybe even hundreds of thousands of infected devices together to create a network of bots (hence the term, botnet). Using botnets, attackers can do things like issue commands to infected devices, launch devastating DDoS attacks, install additional malware, or spread the infection through more networks (thereby increasing the size of their botnet). But fighting botnets isn’t a huge priority for anyone but ISPs. A phone, laptop, or webcam can be part of a botnet without really inconveniencing the device owner. However, that doesn’t mean bot infections should be ignored. Many bots, including Mirai, receive instructions from attackers. New instructions can give bots new capabilities, including having them attack device owners in more direct ways. And because Mirai (and bots like it) can infect non-traditional PCs, it’s more difficult to get rid of. Here’s a few things you can do to get rid of bot infections on devices that can’t run antivirus software. Reset your device Resetting routers and IoT devices infected by Mirai is enough to remove the infection. It’s a good first step. But this doesn’t fix the underlying problem, so you’ll remain vulnerable to future infections unless you take additional actions. And because Mirai spreads aggressively, you may only have a matter of minutes until you’re infected again. Change default passwords (if possible) Most people don’t change default passwords on their routers or IoT devices. This is a HUGE problem, since many of these devices use common passwords for the same model or line of products. And to make things worse, lists of default passwords are often available online. Many attackers know people don’t change passwords on their devices, and use that to help them plan attacks. Mirai is programmed to try logging in using popular passwords like “123456” and “password”, as well as passwords that have proven effective against specific devices (such as “admin” and “xc3511”). So change default passwords whenever possible. Contact device vendors/ISPs Some devices cannot be fixed easily. Sometimes passwords cannot be updated by users. Firmware often ships with vulnerabilities, requiring vendors to create and distribute patches. In these cases, ISPs or device manufacturers need to get involved. So make an effort to check their websites, and if needed, contact them. They may or may not help. DT is making an effort to restore service to customers affected by the recent outbreak. And after the massive Mirai attack on Dyn in October, a Chinese webcam manufacturer recalled some of its products that used passwords that could not be changed by users. In the worst case scenarios, people may be forced to actually throw out an infected device. “Like any new technology, it’s buyer beware,” says Sean. “Security researchers and even hackers have been talking about insecure IoT devices for years. Now the problems are starting to arrive, and they’ll most likely get worse before they get better.” There are multitude of other security measures you can take to protect things like routers and IoT devices. Some of the best ones include making sure Universal Plug n Play is disabled, checking that your DNS settings are configured correctly, and that you log out of devices’ admin portals after changing any settings. [ Image by Sascha Pohflepp | Flickr ]

November 30, 2016
BY 

Latest Posts

wi-fi_security_booth_2

Using public Wi-Fi without a VPN is risky. Lots of people know that. Unfortunately, most don’t give a s**t. Think about it. People do all kinds of risky things even when they know they shouldn’t. They smoke, drink, eat too much. You get the idea. But when it comes to public Wi-FI, one of the biggest reasons people don’t care about the risks is because they don’t really know what they are. Well, we’re going to let you in on a little secret. Ready? Free public Wi-Fi isn’t actually free. In fact, every time you use it you’re exposing really personal stuff like your passwords, search history and waaaaay more. So why would anyone be interested in seeing your personal stuff? After all, it’s not like your name is Kim or Kanye, right? Long story short: So they can hack you. All it really takes is a few hundred dollars, some easy-to-buy software and a criminal mind. And it happens all the time. In fact, one in ten people will be the victim of an online crime. We took to the streets of New York to have some fun and prove a very important point. If people actually knew just how much intimate stuff they were giving away on public Wi-Fi, would they? Well, you’ll have to watch the hilarious video to find out. But let’s just say you’d be surprised just how far some people are actually willing to go to get online. In fact, some of the stuff people were willing to reveal in exchange for our free Wi-Fi password (no, we weren’t actually giving away free Wi-Fi) was so risque that it ended up on the cutting room floor. Risking it all for free Wi-Fi is ridiculous. Luckily, it’s also ridiculously easy to protect yourself with Freedome VPN.   https://www.youtube.com/watch?v=fN7z-XrSQyE

December 2, 2016
freedomexslush2016

Slush is Europe’s leading and the world’s’ coolest startup event. Over 15,000 top tech investors, starry-eyed startups and journalists brave the godawful Finnish November weather (blink and you miss the day’s sunlight) to give talks, pitch their ideas, form partnerships and finally wind down at the mythic Slush afterparty. But the greatest thing you walk away with is inspiration, and here are five eye-opening things we heard on day one. They are not conventional business tips, but instead give insight into the mindset of successful entrepreneurs and offer some exciting glimpses into what technology can do for us. Shark Tank billionaire gives advice to young people. “Buy less shit so you won’t be tied down to things and can live the life you want”. Chris Sacca was one of the early investors in companies like Twitter, Instagram and Uber, so this billionaires refreshingly anti-materialistic attitude driven by soft values was a welcome change from attitudes prevalent in the  business world. Sacca also called Finland’s free education system a huge competitive advantage and praised the value of liberal arts degrees. He was also clearly impressed with the main stage pyrotechnics! VP of Tinder on the shallowness of networking “When you go to an event, don’t try to make 50 contacts. Instead try making 5 friends”. Young Silicon valley superstar Ankur Jain did not like the concept of networking, and the fact that people's first question to others is often "what do you do?" This question makes you feel like you are being assessed for your value to the asker, not for who you are as a person. That's quite insightful coming from a 26-year old who would definitely impress everyone with HIS answer to "what do you do?" Tesla Motors and SpaceX board member is the most down-to-earth investor in the world “Us investors should mostly act as cheerleaders to the companies we invest in". Steve Jurvetson, who sits on the board of  companies like Tesla Motors and SpaceX, came to our Speaker Studio after an impressive keynote, and talked a lot about how investors often exaggerate their contributions to startups. He even mentioned an unnamed company that prides itself in being the "first VC to invest in Apple", while conveniently omitting the fact that they pulled all their funding well before Apple went public. He was an incredibly humble guy and we all have tremendous respect for him. Jamie Siminoff on how not focusing on profit made a company profitable “When we started focusing on our mission instead of profit, profits followed soon after”. Jamie Siminoff is the founder of U.S startup Ring talked about the ups and downs of being a serial hardware entrepreneur. His struggling startup was about to go under, but when their experiment done with LAPD became a national news story (in summary, installing their doorbells in a neighborhood dropped burglary rates by 50%), things changed. Their mission of making homes safer proved to be their success (Ok, the 28 million investment from Richard Branson probably helped too). Risto Siilasmaa talks about a technology-driven approach to completely revolutionize healthcare. “It’s about promoting and maintaining health, rather than treating sickness”. Medical startups had a large presence at Slush, and we heard similar sentiments throughout the day . Nokia recently acquired  digital health wearable Withings, and hearing about Risto's  vision on the future of digital health made us feel a bit less worried about growing old! See our full interview on the subject with the most successful tech entrepreneur in Finnish history below.   https://www.youtube.com/watch?v=26DGKk5UwuI&t=118s    

December 1, 2016
460263181_598085a805_o

Mirai – malware designed to infect internet of things devices - is behind some of the biggest DDoS attacks in history. It knocked Twitter, Netflix, and other popular websites offline in October. And now, it looks like a variant of Mirai has been modified (or upgraded) to infect routers. Nearly a million people in Germany have lost their internet access over the past few days due to infected routers. News reports say that over 900,000 routers from Deutsche Telekom (DT), Germany’s largest telecommunications provider, were knocked off the internet over the past few days. The attack(s) are being attributed to Mirai based on their use of infrastructure seen in previous Mirai attacks. “Mirai was designed to infect IoT devices. And since IoT devices and routers have many of the same security issues, adapting Mirai to target routers seems worthwhile for attackers,” says F-Secure Security Advisor Sean Sullivan. “It takes a bit of work to adapt the malware, but since the code has been dumped online, it’s doable.” The Mirai variant hitting routers in Germany exploits a vulnerability in the firmware of particular models of Speedport and Zyxel routers. Previous Mirai variants have been more focused on IoT devices (most notably webcams), and brute forcing passwords to infect devices with malware. You can find a list of affected router models here. DT has apparently already developed a fix for this, which is impressive given the general industry-wide neglect of vulnerable firmware. But reports say that there may be as many as five million devices connected to the internet that are susceptible to the same attack used against DT routers. And this estimate doesn’t include devices with other security problems leveraged by Mirai, such as the use of weak default passwords set by manufacturers. How to Troubleshoot Bots Attackers infect devices with Mirai, and then connect tens or maybe even hundreds of thousands of infected devices together to create a network of bots (hence the term, botnet). Using botnets, attackers can do things like issue commands to infected devices, launch devastating DDoS attacks, install additional malware, or spread the infection through more networks (thereby increasing the size of their botnet). But fighting botnets isn’t a huge priority for anyone but ISPs. A phone, laptop, or webcam can be part of a botnet without really inconveniencing the device owner. However, that doesn’t mean bot infections should be ignored. Many bots, including Mirai, receive instructions from attackers. New instructions can give bots new capabilities, including having them attack device owners in more direct ways. And because Mirai (and bots like it) can infect non-traditional PCs, it’s more difficult to get rid of. Here’s a few things you can do to get rid of bot infections on devices that can’t run antivirus software. Reset your device Resetting routers and IoT devices infected by Mirai is enough to remove the infection. It’s a good first step. But this doesn’t fix the underlying problem, so you’ll remain vulnerable to future infections unless you take additional actions. And because Mirai spreads aggressively, you may only have a matter of minutes until you’re infected again. Change default passwords (if possible) Most people don’t change default passwords on their routers or IoT devices. This is a HUGE problem, since many of these devices use common passwords for the same model or line of products. And to make things worse, lists of default passwords are often available online. Many attackers know people don’t change passwords on their devices, and use that to help them plan attacks. Mirai is programmed to try logging in using popular passwords like “123456” and “password”, as well as passwords that have proven effective against specific devices (such as “admin” and “xc3511”). So change default passwords whenever possible. Contact device vendors/ISPs Some devices cannot be fixed easily. Sometimes passwords cannot be updated by users. Firmware often ships with vulnerabilities, requiring vendors to create and distribute patches. In these cases, ISPs or device manufacturers need to get involved. So make an effort to check their websites, and if needed, contact them. They may or may not help. DT is making an effort to restore service to customers affected by the recent outbreak. And after the massive Mirai attack on Dyn in October, a Chinese webcam manufacturer recalled some of its products that used passwords that could not be changed by users. In the worst case scenarios, people may be forced to actually throw out an infected device. “Like any new technology, it’s buyer beware,” says Sean. “Security researchers and even hackers have been talking about insecure IoT devices for years. Now the problems are starting to arrive, and they’ll most likely get worse before they get better.” There are multitude of other security measures you can take to protect things like routers and IoT devices. Some of the best ones include making sure Universal Plug n Play is disabled, checking that your DNS settings are configured correctly, and that you log out of devices’ admin portals after changing any settings. [ Image by Sascha Pohflepp | Flickr ]

November 30, 2016
wi-fi_security_new_michelle

Imagine you open your mail and find a letter from the IRS saying you owe them thousands of dollars. The letter also says you’ve collected tens of thousands of dollars in tax returns over the past five years. There’s only one problem – the “you” they’re talking about is actually someone else. You pick up the phone and call the number on the letter. Obviously there’s been a mistake, and you’re confident it will be cleared up by the time you hang up the phone. But it’s not. Actually this is only the beginning. Your heart pounds as you explain that you’ve been on medical disability for the past six years and haven’t made any tax claims or collected any money. The person on the other end of the line listens and then says five words you never thought you’d hear: “Someone has stolen your identity.” From that point on your life becomes a living hell. And there’s nothing you can do about. The statistics are staggering. One in ten people will become the victim of an online crime. And many of those crimes happen on public Wi-Fi. Some victims “just” lose money. But if a hacker gets their hands on your social security number, you can lose way more than that. And that’s exactly what happened to Michelle, a nurse from Queens, New York. We recently asked Michelle and other real victims of identity theft to share their stories and tell us how it really feels to have your identity stolen. Get your tissues out and watch now as Michelle opens up about her experience as a sobering warning to the rest of us. After the interview, Michelle said she’d be happy if her story saves other people from having to go through the nightmare of identity theft. It happened to Michelle. But it doesn’t have to happen to you. Click here to see why public Wi-Fi is so risky and protect yourself with Freedome VPN. https://www.youtube.com/watch?v=l7xfavnro1g&t=92s

November 25, 2016
7405511146_10a3bd2e7b_b

Holiday shopping has become such a tradition that it now has its own international holiday. Two of the them, actually. In Finland, for instance, where only American expatriates might celebrate Thanksgiving, Black Friday has become an annual celebration of great deals. It's now the unofficial beginning of the holiday season -- much as it is in the U.S. where most people have the day off to fight off their turkey comas. In recent years, Black Friday has increasingly absorbed Thanksgiving Thursday and customers have often had to fight off each other to get to the best deals. Cyber Monday, the online version of Black Friday, has alway never had any borders. And even though you don't have other shoppers breathing down your neck, the pressure to get a deal before it's sold out -- or before your boss notices you're shopping at your desk -- can be similarly intense. Under that kind of pressure, you're not going to be crushed by a crowd but you could be ripped off by a crook. You need to start with a secure device, but even that may not be good enough to outsmart all online criminals. So here are three things you can do to prepare yourself for these "holidays." Give yourself a shopping-only browser Download a browser you don't currently use right now. It doesn't matter if it's Firefox, Chrome, Safari or Internet Explorer. Start with it fresh and use it only for online purchasing and banking. Now, disable Java. If you must Adobe Flash in this browser, make sure you have "background updates" on. Now close this browser and ONLY use it when you're making an actual transaction. Don't let anyone lead you around Social media and online ads designed to get you to a checkout screen as quickly as possible. You should resist that urge. Avoid clicking on links in deal emails and doing your shopping through a search engine. Go directly to an online retailer whenever possible and use its native search. Then when you're ready to buy cut and paste the URL into your shopping-only browser. Now, before you enter any private financial details, check the URL and make sure you see HTTPS and that little lock in the browser. Always use a VPN, especially when shopping through Wi-Fi These two steps aren't just tips, they're a discipline. They require practice and focus. And they aren't easy if you've never done them before. But the bad news is that even if you master them, you could still be vulnerable if you're shopping over an unsecured network. That's why you should always run a VPN, especially when you're on public Wi-Fi.Because it's holiday season and we're a business, we have a holiday special on our only high-rated VPN. This isn't just the best offer we'll make all year; it's a chance to practice what we just preached.If you're interested cut and paste this link (https://campaigns.f-secure.com/freedome/blackfriday/en_global/) into your shopping-only browser. Cheers, Sandra [Image by Robert Couse-Baker | Flickr]  

November 24, 2016
britain_privacylaw_hero_artboard-7-copy

A turbulent U.S. election season. Ongoing tragedy in the Middle East. A Brexit vote result that threatens to tear apart the very fabric of European unity. Turkey continues to chip away at personal freedom, and Russia shows its increasing unwillingness to indulge dissenting opinions. It’s been one tumultuous year, but at least there are no more nails left to hammer into the coffin of 2016... right? Sadly, there is one more nail. Last week, the UK parliament passed the Investigatory Powers Bill (nicknamed the Snoopers’ Charter), an intrusive law that gives the government unprecedented authority to conduct surveillance and gather data on its own citizens, who will only be able to circumvent this by encrypting their traffic and data. Here’s a short rundown on what the bill includes: Web and phone companies have to keep records of all websites visited by their users for 12 months. They must have capability to instantly intercept any data passing through their networks Not only law enforcement have access to the data, but a huge number of government departments. Here is a full list. Ministers authorize data collection, but a panel of seven judges has the power to veto decisions, except in “urgent cases” (notice the vague wording there). Oversight of the new system will be handled by one senior judge, not three as previously. The media, privacy advocates and the technology industry have reacted with almost unanimous condemnation. Here are four critical points of view, including our own as a VPN provider: 1. What does your Internet history reveal about you? - The Independent In its heavy-handed critique of the law, the Independent mentions the unprecedented erosion of personal privacy. Everything including your medical concerns, religious beliefs and sexual preferences will now have to be stored in a file with your name on it. With the large amount of government agencies having potential access to this information, how long before it's abused? 2.  The law has passed with barely a whimper - The Guardian In its article on the subject, the Guardian rightfully points out the lack of effort from part of the opposition and the privacy movement to get the law passed. With the Labor Party in internal chaos and a public that is still reeling in from other cataclysmic events this year, the government had to make very few concessions to their plan. 3. The most intrusive surveillance system in the west - Edward Snowden The world's most known whistleblower and rightful hero of the privacy movement weighed in on the subject with some sobering tweets, which included this quote: "It is the most intrusive and least accountable surveillance regime in the West". This perspective is crucial to counter any arguments that this is just a natural step for a government to protect the rule of law. It's not. Countries like Germany have recently passed laws extending the powers of intelligence agencies, but the Snoopers’ Charter makes it seem mild in comparison. 4. No direct obligations are imposed on VPN providers - F-Secure Freedome While it's easy to view this topic in a negative light, there is a three-letter silver lining to all this: VPN. The law does not directly mention providers like us, and we will continue to offer the public a way to essentially bypass this intrusive form of mass data collection. We will also do everything we can to challenge anything that would prevent us from providing encryption to UK customers. It's also the opinion of F-Secure's legal experts that the bulk data collection proposed in the law would be found excessive by the European Court of Justice. What effect this will have depends largely on Brexit. So, is free speech dead? Maybe not, but it has definitely suffered a serious injury. 18th century philosopher Jeremy Bentham designed a prison called the Panopticon, where prisoners were given zero privacy and were made very aware of someone potentially watching them every second. He theorized that the simple fear of being observed at all times would eliminate anti-authoritarian thoughts and turn the prisoners into obedient citizens. The Snoopers' Charter can end up having similar effects on us as individuals. However, it's not possible not pleasant to imagine a world full of only obedient citizens where controversial ideas would stop existing because of fear of who might be listening. Protect your privacy, encrypt your connection and don't let the modern day Panopticon get the best of you!

November 23, 2016
online bank

Online banking is becoming more common. But whether people are taking the right security precautions when using online banking services is a bit of a question mark. After all, do you really know what to do to keep your bank information safe when using it online? A recent Bank of America survey found that 62 percent of Americans now use digital services (such as online portals or mobile apps) as their primary means of banking. That’s up from 51 percent in 2015, and 47 percent in 2014. Two years in a row might be a coincidence, but three years in a row make this a trend. And unlike some online trends, it’s pretty easy to see the appeal of digital banking services. It saves customers the trouble of visiting a physical branch or machine, and cuts down on wait times that come with telephone banking. But there’s a catch. Digital banking services don’t provide the same kind of security people get when they actually visit a bank, or even an automatic bank/teller machine (known as an ATM in many parts of the world). “Online banking basically puts a bank machine on the internet. But the World Wide Web, Wi-Fi networks, and devices don’t offer people the level of security they expect from banks,” says F-Secure Security Advisor Sean Sullivan.  “Banks aren’t ignoring these risks, but basic man-in-the-middle attacks are more than enough to compromise the security of an online banking session.” Man-in-the-middle (MITM) attacks are when an attacker is able to place themselves in between two parties exchanging information, allowing attackers to monitor or even change the information being communicated. So when you’re doing banking over the internet, you’re sending/receiving information like passwords, financial details, and other data that MITM hackers can steal and use to break into your bank account. But this doesn’t mean you should shy away from using these services. Here’s a few pieces of expert advice you can keep in mind when exchanging bank account details, or really any type of sensitive information over the internet. Devices are the Weakest Link Your PC isn’t an ATM. It doesn’t have the same security features. It’s not in a location monitored by the bank. Taking care of it is up to you. If you do online banking with your PC, make sure you secure your computer with reliable security software that includes anti-phishing and banking protection features. Mobile Apps might be safer than other Digital Banking Services It may surprise you to learn that mobile banking apps can be better options than banking services offered through web browsers. “Official banking apps are better protected against MITM attacks than most web-based services,” says Sean. “As long as you stick to the official apps endorsed by your bank.” So if your bank has a mobile app available for your device, it’s probably safer to use than a website. But remember to use a VPN when sending data with your device’s Wi-Fi connection, as this is often the least secure way to connect to the internet. You’re Responsible for Managing your Money, so be Proactive with Security According to Sean, banks aren’t completely hands-off when it comes to securing internet banking services. “Banks use anti-fraud algorithms to protect their customers from criminals using hacked accounts,” he said. “But this system is hardly perfect.” But proactively protecting your money is just good security advice. And if you use the internet for banking, shopping, or any other activity that requires you to exchange financial information over the internet, you should take the right precautions. Sean Sullivan gave eight data protection tips in a recent interview, so check those out to learn more about some simple security measures you should take to protect the data you send and receive over the internet.

November 21, 2016