Swamp Geek
Reviews, comparisons, and opinions about the latest technology products, services, trends and anything of interest to the thick glasses crowd!

Swamp Geek: Cybersecurity Awareness Month




Cybersecurity Awareness Tip 10: Your mobile carrier and ISP are less evil twins
Cybersecurity Awareness Month

Your mobile carrier and ISP are less evil twins

Mobile carriers may offer free public Wi-Fi to their customers, but they track data much in the same way as hackers do with evil twins.

Image by Frogger420

How Can I Use my Mobile Service Safely?

The best way to safely use your mobile service is to use a VPN on your mobile devices.  All the time. If you can't use a VPN, at least change the default DNS server.

Cybersecurity Awareness Tip 9: Disable Wi-Fi Auto-Connect to Avoid Evil Twin Wi-
Cybersecurity Awareness Month

Disable Wi-Fi Auto-Connect to Avoid Evil Twin Wi-Fi Phishing

What Is An Evil Twin Attack?

An Evil Twin attack is a form of phishing in which an attacker creates a Wi-Fi access point that appears to be a legitimate Wi-Fi network. When users connect to this "evil twin" access point, the data they share with the network passes through a server controlled by the attacker.

Evil Twin Attacks are more common on public wifi networks which are unsafe and leave your personal data vulnerable.

Image by Leo Laporte (CC BY-NC-SA 2.0)

How Can I Avoid the Evil Twin?

Since the evil twin uses the same network identification (SSID) as a legitimate network, it isn't possible to detect before connecting.  But you can prevent an evil twin from spoiling your day.  US Cybersecurity Magazine recommends:

  • Do not connect to open WiFi access points without verifying them as legitimate.
  • Disable the auto-connect feature and promiscuous mode on all wireless devices.
  • Use a Virtual Private Network (VPN) to encapsulate all traffic if using a public access point.
  • Ask the establishment for the official name of their hotspot, and any security key if one exists.
  • Intentionally type in the wrong key. Some evil twins will grant access to the hotspot no matter what key is entered.
  • Avoid public free WiFi access altogether.

Cybersecurity Awareness Tip 8: Just delete it (phish and spam)
Cybersecurity Awareness Month

Report, block and / or delete phishing and spam communications.

First, what is phishing? According to Phishing.org:

Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.

Many Ways to Scam You

But, let's be clear: hackers, phishers, scammers and spammers don't care how you receive the message.  And they'll use any method they think will work on you:

  • phone (aka vishing - voice phishing): Please to call IRS immediately to pay your back taxes or we put warrant for out for you are arrested

  • email (from: William J Clinton <im.hacker@mail.ru>): I'm the president of a mythical African nation and need help getting gold out of the country - would you like some?

  • SMS / text (aka smishing): Your Amazon package insured for $5000 is on the way, click http://h@ck.me/AcXyj3 for details

  • instant messages: (via FB Messenger or Whatsapp, from Sally's real-life friend Krysten, who lives in Peoria and never travels): Hi, Sally. It's your friend Krysten, and I'm stuck in a mythical country.  Can you send money via Western Union so I can get home?

  • Social media (social phishing) - on Facebook, with a picture of a starving puppy: Your gift of $50 can help save puppies from cruel humans! Click to donate: http://weh8u.too

  • Regular mail: (formal letter that looks like it's from your insurance company) Dear Mr. Gullible, Your policy # 654321 has been cancelled due to non-payment.  Please call 800-SCAMYOU to make payment and reinstate.

Spear phishing is an especially nefarious approach that targets a specific individual or group of individuals. According to cybersecurity tool provider Crowdstrike, "One adversary group, known as Helix Kitten, researches individuals in specific industries to learn about their interests and then structures spear phishing messages to appeal to those individuals. Victims may be targeted in an effort to reach a more valuable target; for example, a mid-level financial specialist may be targeted because her contact list contains email addresses for financial executives with greater access to sensitive information. Those higher-level executives may be targeted in the next phase of the attack."  Another group used AI to mimic a CEO’s voice.

A Foolish Clicker and His Money Are Soon Parted

Don't fall for it.  Just delete it. And, if possible, report and block the sender.

More info:

History of Phishing

10 Tips for Spotting a Phishing Email

FTC's How to Recognize and Avoid Phishing Scams

Types of Phishing - including vishing, smishing, clone phishing, domain spoofing, evil twin phishing (WiFi),  HTTPS phishing, spear phishing, watering hole phishing, and whaling

Phishing Attacks - including pharming, session hijacking and more

Is Phishing Done Only Through Email?

Phishing Techniques

Mobile Phishing

Smishing: What it is and why we fall for these scams so easily

Social Media Phishing: A Primer

The Difference Between Hacking and Spoofing on Facebook and How to Deal with Both

Cybersecurity Awareness Tip 7: Use a browser with built-in security
Cybersecurity Awareness Month

Use a browser with built-in security on all devices to block ads & malware, force https and minimize your browser fingerprint

The ability to securely surf the Internet has improved significantly in recent years. It's easier to block ads and malware using powerful services. Websites offer encrypted access (https) on a much wider scale than just a few years ago. VPN services are faster, cheaper and more widely available than ever before. Private browsing and tracker blocking capabilities continue to improve. But hackers and surveillance businesses and governments continue to find new ways to harm us. Although great tools to protect us are available as plug-ins, using a browser with built-in security - on all devices - can help.

Unique Fingerprints Make You Less Secure

Hackers use your browser fingerprint to identify weaknesses on your system so they can select the most effective method for attacking your system.  But they also use your browser fingerprint to steal your identity. Removing unused browser extensions makes your browser fingerprint less unique. Using a browser with built-in security eliminates the need for extensions to do this.

Options for Secure, Private Browsing

  • Brave

    • Built-in ad, malware, tracker and fingerprint blocking, private browsing and Tor option, and premium VPN-like proxy feature for iOS

    • Available on all platforms

    • Open source, for-profit

  • Duck Duck Go

    • Built-in ad, malware, tracker blocking, but no private browsing

    • Only on mobile

    • Closed source, for-profit

  • Firefox

  • Opera

    • Built-in ad, malware and tracker blocking, private browsing, and VPN-like proxy

    • Available on many platforms but not iOS

    • Closed source, for-profit, owned by a Chinese consortium

Cybersecurity Awareness Tip 6: Use Multi-Factor Authentication
Cybersecurity Awareness Month

Cybersecurity Awareness Tip 6: Use multi-factor authentication when available and require it for email, phone, and financial accounts, but beware of security questions.

Update: Google to turn on 2-factor authentication by default for 150 million users

What is multi-factor authentication (MFA)?

Authentication happens when you provide evidence to identify yourself.  This happens when you board a plane, pay your taxes, open a locked door, withdraw money from a bank, or vote (at least in some states).  Evidence can come in several forms, or factors, including:

  • Something you know, or a knowledge factor (e.g. a password, PIN, birthdate, mother's married name, answers to security questions)

  • Something you have, or a possession factor, (e.g. a passport, driver's license, SSN card, ATM card, key, one-time password generator device, Universal 2nd Factor / U2F device)

  • Something you are, or a physical inherence factor (e.g. finger/eye/face/voice print, DNA)

  • Somewhere you are, or a location factor (e.g. in a building / room that requires secure access, in a specific geographical location)

Image courtesy of South Jersey Techies

Password Problems: "Correct horse battery staple"

For many years, a single piece of evidence (a single factor) was sufficient for identification.  But criminals found ways to provide false identification.  As technology advanced and online activity grew, cybercriminals found ways to circumvent the online single factor: passwords.  Some debated whether passphrases with 4 or more random words (e.g. "correct horse battery staple") are more secure than passwords because they are harder to guess and easier to remember.  Others suggested resisting password reset questions - or answering them with lies. Since passwords and other knowledge factors will never go away, use a password manager and unique passwords.

Two Factors are Better Than One

Requiring more than one factor made false identification significantly more difficult because it requires the criminal to have access to all required factors.  For example, having an ATM card (first factor) without knowing the PIN (2nd factor) makes the ATM card a worthless piece of plastic.

Can You Take That to the Bank?

Many banks and online accounts use a combination of a password and a temporary PIN provided by text message, phone call or email.  Although this is more secure than a password by itself, criminals can intercept the temporary PIN, changing it from something you have (e.g. the phone that received the text message) to something else you know (the intercepted PIN).  Different types of evidence are more secure than multiple pieces of the same type of evidence.

Disconnected Possession

Using a One-Time Password (OTP) app such as Authy on your mobile device enhances security because it requires physical access to your phone either with yet another phone password or PIN or with a biometric factor (e.g. fingerprint or facial recognition).  The OTP app generates a "random" code using an agreed method that is synchronized between the app and the system requesting identity confirmation. 

Hey, Let's Get Mikey to Try U2F!

Since the OTP app is software, it could still be hacked.  Hardware-based authentication, such as a Universal 2nd Factor (U2F) security key, enables even more secure authentication by being physically connected (e.g. via USB) or by being in very close proximity (e.g. via NFC / Near Field Communication).  USB and NFC are widely available on smart phones, tablets, laptops, desktops and more.

What's In Your Online Wallet?

So check out the multi-factor authentication options for your email, phone, and financial accounts, and protect your online wallet today.

Cybersecurity Awareness Tip 5: Use a password manager with unique passwords
Cybersecurity Awareness Month

Cybersecurity Awareness Tip 5: Use a password manager with unique passwords for all accounts

Although additional methods of authentication, including biometric, One-Time Password (OTP) and multifactor, are increasing, passwords are and will continue to be critical to securing your online accounts for personal finance (banking, credit cards, cryptocurrencies, investing), social media, shopping and many more. Everyone should know the importance of using complex passwords (or passphrases) that are unique to each account, to prevent hackers from guessing. Since most people have more than a few online accounts, a secure password manager is necessary.

Different Approaches

Password managers take one of these approaches, based on where the passwords are stored and whether or not they can be accessed on multiple devices:

  • Modern browsers offer the ability to store and use passwords. Some offer the ability to synchronize across devices. None have the ability to generate passwords or to check the security of your passwords. Because they are built into the browser, no browser extensions are required. However, because they're built into the browser, browser-specific password managers won't work with other applications on your devices.
  • Offline password managers store your passwords on your device, rather than online. Some of these allow you to back up or synchronize across devices, but that requires you to have the knowledge to set up sync yourself or to sync manually, a step you might often forget. And your passwords can't be recovered if you lose the device or forget the master password. But offline password managers can work with browsers and other apps.
  • Cloud-based password managers offer the most functionality, and most have strong security, too. Many offer secure password sharing. Some offer 2 factor or multifactor authentication for added security and convenience. Some offer tools for checking to see if your passwords have been shared on the dark web, if you're using the same password in multiple sites, and if you haven't changed your passwords in a while. Most have browser extensions and can also be used with other applications.

SwampGeek Recommends...

SwampGeek recommends (without affiliate or any other compensation):

  • LastPass (Cloud-based) https://lastpass.com - offers powerful functionality for free, and even more for a small fee.

 

Cybersecurity awareness tip: Encrypt your Internet traffic with a VPN
Cybersecurity Awareness Month

Five of the first six of Forbes' 9 reasons why you should use a Virtual Private Network (VPN) are security related:

  1. Security on Public Wi-Fi
  2. Data Privacy From Your Internet Service Provider
  3. Data Privacy From the Apps and Services You Use
  4. Data Privacy From Your Government
  5. Access to Any Content in Any Place
  6. Security When Working Remotely

The bottom line for all of these reasons is that hackers, ISPs and governments can see unencrypted traffic. Banks, retailers and others who collect or provide sensitive personal information use secure HTTP (aka HTTPS) to protect the data you enter or view on those sites, but your usage of those sites is still visible. This includes information about your location, your device, and your browser. And unless you've changed the default DNS server (and you should, even if you use a VPN), you're using an unknown DNS server on public Wi-Fi.


Image by Stefan Coders from Pixabay

Encrypt your Internet traffic with a Virtual Private Network (VPN)

Encrypt your Internet traffic on all devices with a Virtual Private Network (VPN) - especially on hotel, retail, restaurant and other public networks. And treat every network as a public network.

How VPNs work

VPNs protect you by encrypting your Internet traffic and by changing your IP address to the IP address of the VPN server to which you are connected. Encrypting Internet traffic hides your web activity from hackers, ISPs and governments. Changing your IP address limits (but doesn't prevent) hackers, ISPs, governments and advertisers like Google, Facebook and Amazon from tracking your activities. But using a VPN adds another connection to your Internet usage, and this can impact performance, especially if the VPN server you're using is overloaded.

Some VPNs offer the ability to use multiple VPN servers for additional privacy. This capability is called "double-hop" or "multiple-hop," depending on how many servers are involved (the most is 4). Note that reviewers found performance with some double-hop services to be similar to single-hop services.

Which VPN? Beware of free and freely recommended...

There are many available VPNs, including both free and paid services, so it can be difficult to choose. Most VPNs use the same level of encryption (AES 256-bit), so the level of protection is generally equal. However, if you're concerned about privacy and performance, paid services are generally better. Some offer unlimited devices, while others limit the number of simultaneous connections. You can easily find VPN comparisons and VPN recommendations, but be aware of sponsored reviews. Many VPN services offer huge discounts during the week of the US Thanksgiving holiday and on Black Friday.

SwampGeek recommends (without affiliate or any other compensation):

  • ProtonVPN (https://protonvpn.com) - offers free VPN with decent performance and minimal constraints, but paid plans are expensive (look for deals on ProtonMail and ProtonVPN combinations)
  • ExpressVPN (https://expressvpn.com) - good combination of price, performance and features
  • Mullvad VPN (https://mullvad.net) - another good combination of price, performance and features
  • NordVPN (https://nordvpn.com) - one more good combination of price, performance and features
  • Perfect Privacy (https://perfect-privacy.com) - expensive, but has excellent privacy options
  • SurfShark (https://surfshark.com/) - inexpensive without sacrificing performance or features

 

Cybersecurity Awareness Tip: Remove Unused Browser Extensions
Cybersecurity Awareness Month

Extensions Make Browsing Better

Modern Internet browsers offer the ability to install extra functionality to make surfing easier, faster and safer. This functionality is enabled through browser extensions (Chrome, Opera), also known as addons (Microsoft Edge) or plugins (Firefox). For example, LastPass lets you generate complex passwords and use them across browsers and devices securely. But they can also make browsing less secure.

Extensions Make Browsing Less Secure

Internet browser extensions can make browsing less secure in several ways:
  • Extensions may require access to your Internet activity and private information.
  • Extensions increase the uniqueness of your browser fingerprint, which makes you easier to identify to advertisers, governments and hackers.
  • Outdated extensions are vulnerable.
  • Extension ownership may change, allowing hackers to quietly replace trusted extensions with...something else.

Install With Caution

Browser plugins are installed via the browser's extension store or when visiting a website that prompts installation. The How-To Geek shows how to make sure an extension is safe before installing it.
 
But extensions can also be installed behind the scenes when installing other software. The Adobe Acrobat reader is commonly installed by other apps. Invasive search extensions and home page and search engine replacements are also installed deceptively when installing unrelated software.

What should I do?

  • Remove unused extensions. Disabled extensions remain visible in your browser fingerprint and offer hacking opportunities.
  • Limit the extension's access to read and change all your data on websites you visit. In some browsers, you can allow it only when clicked, only on specific websites, or all the time (e.g. password managers).
  • Update your extensions regularly, but also check for ownership changes. The Qualys BrowserCheck shows if you need updates.

Use a Secure DNS Server
Cybersecurity Awareness Month

What's a DNS server?

A Domain Name System (DNS) Server translates an Internet address from a domain name to an IP address, which allows your browser or other Internet client to find what you're looking for on the Internet.  When a domain name is registered or set to be hosted on a web server, the domain registrar notifies the DNS, triggering updates to DNS servers around the world.  A phone book is a common analogy because it performs the same function as a DNS server, but with people's names and their phone numbers.  But these days, who uses a phone book?

What's wrong with whatever DNS server I'm using now?

1. Privacy

Many Internet users have no idea what a DNS server is, much less why they should probably change it to use a secure alternative.  By default, computers, smart phones and other devices on a network use the DNS server provided by the Internet Service Provider (ISP).  Your ISP or mobile carrier is happy to provide a DNS service, because they can track your Internet activity and even use that information to limit your service. If you visit unapproved or illegal websites or use bandwidth on certain services, your ISP can limit or terminate your service.  The ISP can sell your DNS activity to advertisers for added revenue.  Some ISPs aggregate this information to make it harder to link the traffic to you, but advertisers have many ways to get around aggregation (a topic for another day). Naturally, advertising providers like Google offer DNS servers with wide availability and great performance, all for the "free" price of getting access to your DNS usage.

2. Speed

Making DNS servers available around the world costs money. ISPs and other DNS providers may cut corners by reducing the number and / or limiting the hardware of their DNS servers, which can slow the response provided by the DNS server.

3. Security

Since ISPs have a captive audience with default DNS servers, security may not be a primary concern.  Unencrypted traffic (which is much easier and less expensive to provide) and poorly maintained DNS servers have increased security risks, including (according to Security Trails writer Sara Jelen):

  • Domain hijacking, which involves changes in your DNS servers and domain registrar that can direct traffic away from your original servers to different destinations.
  • DNS flood attack, a type of DDoS attack in which the attacker hits your DNS server in order to overload it, so it can’t continue serving DNS requests.
  • DNS spoofing, or DNS cache poisoning, which is one of the most common DNS attacks around. By exploiting system vulnerabilities, attackers will try to inject malicious data into your DNS resolvers’ cache. You would then be redirected to another remote server.
  • DNS hijacking, which involves malware infections used to hijack DNS. Malware hosted on the local computer can alter TCP/IP configurations so they can point to a malicious DNS server, redirecting traffic to a phishing website.

Some DNS servers offer additional security by filtering ads and malicious websites, and / or redirecting mistyped web addresses to the correct website. Filtering at the DNS server makes your browser fingerprint less unique since you won't need to add plugins that can be used to identify you.

Use a Secure DNS Server

To address these issues, Jelen recommends using a secure DNS server.  This can be configured on your router so all devices on your network use the secure DNS server, instead of your ISP's. She recommends these free, secure DNS servers, several of which offer filtering and other features:

  1. Quad9 DNS

  2. DNSWatch

  3. OpenDNS

  4. Cloudflare DNS

  5. OpenNIC

How do I change the DNS Server?

The How-To Geek provides clear instructions for changing the DNS server on your router and on your Android, Chromebook, iOS, Mac or Windows device.

 

Do Your Part. #BeCyberSmart.
Cybersecurity Awareness Month

October is Cybersecurity Awareness Month

During October, SwampGeek.com will provide tips and guides across the spectrum of areas with cybersecurity risks.

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) along with the National Cybersecurity Alliance (NCSA) are promoting Cybersecurity Awareness Month with their COVID-inspired theme and suggested hashtag:

Do Your Part. #BeCyberSmart.

CISA offers the public resources to raise awareness about the importance of cybersecurity. NCSA also offers resources to help you stay safe online.

So check it out and #BeCyberSmart.


