Data Tug-O-War: How Are Companies Keeping Tabs on You Online?

In a world where online tracking has not only become commonplace, but also accepted by many users and businesses alike, the future of privacy seems uncertain. As our lives are increasingly lived in the digital realm, our activities and the trail of data they leave behind have spawned a multi-billion dollar online advertising industry. These digital breadcrumbs aren’t just restricted to activities on the Internet. For mobile users, technologies such as location-based tracking connected to global positioning systems (GPS) can pinpoint users, allowing advertisers to target potential shoppers just as they enter physical stores. Some see this as convenience, others as an invasion of privacy. As finger pointing ensues, questions about data privacy and who has rights to data are still unanswered. Despite recent policy changes, digital advertisers are continually looking for new ways to monitor your activities for the sake of personalization, but what does this really mean for consumers?

Many savvy mobile users are wising up to the use of cookies to track user preferences and browsing histories online, and some companies like Mozilla are even following suit with cookie blocking options. But, as this data tug-o-war escalates, companies at the other end of the rope are responding with new and even harder-to-avoid methods of information collection.

Earlier this year, web properties like MSN and Hulu were caught using so-called ‘Super Cookies’ to thwart users’ attempts to block tracking. These new super cookies, developed by Microsoft and Google, are able to track users in their searches anywhere and everywhere, whether it’s a smartphone, PC, game console, or Smart TV. There’s almost no way for consumers to hide their searches from companies looking to follow consumer habits for marketing purposes. Super cookies are stored in a different place and are therefore much harder to find and delete—not to mention they can even evade the detection of the built-in cookie delete function on almost any Internet-connected device. Despite an overwhelming number of consumers opposing the use of more robust monitoring tools, many web marketing and advertising businesses still refuse to follow industry best practices, citing their “right to track.”

With the cookie dilemma in mind, the next frontier in web activity tracking leaves these not-so-sweet tools behind in favor of authenticated tracking. Some of the most popular companies today no longer need to rely on cookies to track activity because consumers have already voluntarily signed in to use them. The act of logging into Facebook to update a status, checking email in Gmail, or downloading a new mobile app on your phone creates a new kind of tracking process and allows these companies to see every move you make while signed in. However, the implications of authentication tracking go far beyond a single action—where users can now be monitored across devices and platforms. These types of identifiers are now being used to collect and ascribe a great deal of data about people’s online and mobile habits, that may or many not be used in the right way by the parties who hold it.

One of the most important questions for mobile users is how the increased use of authentication-based tracking will impact privacy. Authentication tracking almost seems like choosing the lesser of two evils: many companies knowing something or big companies knowing everything. For mobile users, this has additional implications, as not only are your movements on the web tracked, but also in respect to the location of where those activities are happening in physical space. It could, however, in some respect give mobile users more control over who sees their information, as this more concentrated approach may actually be beneficial for avoiding the prying eyes of digital marketing firms and other third-parties by limiting tracking capabilities to the companies users have chosen to have a direct relationship with.

For many consumers, personalization wins out over privacy, with 64% of Accenture survey respondents choosing a more tailored experience in favor of not being tracked. Despite these results, personalization can still be a double-edged sword and for those who are concerned about the level of information being stored on them, there must be a way to gain the upper hand. Companies will always be looking for the next loophole to exploit when it comes to tracking, but being an educated user on any Internet-connected device will help you to stay one step ahead. Below are some tips to help keep your online activities private—whether it’s on a laptop, tablet, or mobile device—and limit the amount of information third parties can collect.

  • Manage app permissions. Third-party apps, especially games or entertainment apps, should have limited access to personal data such as location or social networking sites. You can allow or deny these permissions in the Settings menu of your mobile device.
  • Location, location, location. Be aware of which mobile apps can track your location and review the permissions accordingly. Using Yelp maps to get to that new ice cream place is great, but it’s also important to limit how and when your location can be tracked with a mobile device.
  • Don’t leave your browser cookies lying around. Review privacy permissions in your browser of choice. In Google Chrome on your mobile browser, you can select the ‘Do Not Track’ option in the Settings as well as tell it to clear browsing data after exiting. To do so, click on the Settings cog at the top right of the Google search screen, and then select Browsing. From this menu you can enable/disable On-device history and/or Clear on-device history, as well as Clear third party cookies. Try to get into the habit of periodically clearing both your history and the cache for cookies. From the same Privacy menu you can also activate or turn off Location Reporting and delete your Location History.
  • Go incognito when surfing the web. Aside from actively clearing browser history, Google Chrome offers the Incognito window for anonymous browsing on mobile devices. It’s important to note that browsing in incognito mode on mobile keeps Google Chrome from storing only information about the websites you’ve visited. It does not stop the third-party sites from recording your visit. Any files saved to your computer or mobile devices will still remain. Sites visited here will not show up in your history and won’t leave other traces, like cookies, after closing the window. A number of apps in Google Play also offer private search functions.
    • Important to note for iOS users: regular and incognito windows still share local storage, which is used by sites to store files on your device or to provide offline functionality. This means the same sites can always access their data in this storage on you from both regular and incognito tabs.
  • Always remember to log out. While certain companies may still be able to track your activities when logged into various mobile apps or sites, it’s crucial to remember to log out once you have finished. Forgoing the ‘remember me’ function on mobile devices is not only good for security, it limits the number of avenues with which companies can monitor you by.
  • Get comprehensive security on your devices. Protect your device and your information from becoming exposed due to unsafe online searches. McAfee® Mobile Security comes with many features to help protect your mobile devices from a variety of threats and overzealous apps that want more information from you than they should have.

Learn about the latest mobile security updates and threats, by following our team on Twitter at @McAfeeConsumer or Like us on Facebook.

lianne-caetano

The post Data Tug-O-War: How Are Companies Keeping Tabs on You Online? appeared first on McAfee Blogs.

McAfee 12 Scams Season of Sharing Sweepstakes: Win a Dell Ultrabook!

It’s that time of year again. Yes, I know it seems like we just got past the spooks from Halloween, but the holidays are just around the corner. While we are busy buying gifts and making travel arrangements, cybercriminals are making their lists, and checking them twice, as they prepare to unleash a host of scams designed to take advantage of the seasonal surge in online shopping and sharing. Since it only takes one scam to spoil your holiday season, it’s a good idea to get familiar with our list of the 12 Scams of the Holidays, and learn how to avoid them.

To help you stay protected as you search high and low both on and offline for the perfect presents for your loved ones, McAfee has released its annual 12 Scams of Holidays list full of digital dangers to be on alert for as you surf the web for holiday deals and steals and how to be safe in the coming months and beyond.

And to make sure that we all have a safe and merry holiday, McAfee is hosting the Season of Sharing Sweepstakes*. By sharing the #12scams content with your friends and family, you’ll not only be helping others to stay safe online this holiday season, but you’ll also earn a chance to win a Dell XPS 12 Convertible Ultrabook or Dell Venue 8 Pro Tablet along with McAfee LiveSafe™ to make sure all your devices are protected! And while you’re at it, check out the deals on the Dell tablets as well!

BlogBanner_inline

Here’s how you can help spread the joy so we can all avoid the 12 scams of the holidays.

HOW TO ENTER

  1. Go to 12scams.com
  2. Sign into the page using your Facebook or Twitter account
  3. Share the #12scams content to earn entries into the sweepstakes drawing
  4. Sit tight for winners to be announced on December 17.

WHAT YOU COULD WIN

  •  Grand Prize: 1 winner will receive a Dell XPS 12 Convertible Ultrabookand a 1-year subscription to McAfee LiveSafe
  •  1st Place: 1 winner will receive a Dell Venue 8 Pro Tablet and a 1-year subscription to McAfee LiveSafe
  •  2nd Places: Ten (10) winners will receive a 1-year subscription to McAfee LiveSafe

 

Have fun and stay safe this holiday!

 

*Sweepstakes open to US residents only. NO PURCHASE NECESSARY. Sweepstakes is from November 18 – December 13, 2013. See www.12scams.com for full terms and conditions.

 

RobertSiciliano

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

The post McAfee 12 Scams Season of Sharing Sweepstakes: Win a Dell Ultrabook! appeared first on McAfee Blogs.

Protecting Your Privacy in a Not-So Private World: The Mobile Security Debate

To share or not to share, that is the question on many mobile device users’ minds today. As the world becomes increasingly mobile, the influx of smart devices has been a boon for convenience and productivity, but it has also caused some repercussions when it comes to personal security. For some people, openly embracing the mobile way of life equates to forgoing or forgetting about privacy. The same mobile apps that make our lives easier may also track our location, collect data from our contacts or call history, and much more. Cybercriminals have also taken note of this phenomenon and looked for ways to take advantage of user data. And with people connected, for the most part, to their virtual surroundings around the clock, there are more opportunities than ever to steal personal information. Mobile malware alone has been growing steadily for the last couple of years, with a 35% increase in Android-based malware in the second quarter of this year alone.

With these challenges in mind, Mobile Monday will be hosting a panel sponsored by McAfee on how to protect your mobile privacy in a not-so private world. Michelle Dennedy, McAfee’s chief privacy officer, will be moderating a panel of security experts who will discuss how to keep your digital identity safe as well as how to reap the benefits of mobile devices without sacrificing your privacy. While some users choose to ignore mobile safety concerns in favor of convenience, others simply do not know how to curb the risks. It starts with understanding good mobile habits and taking advantage of the tools available to help keep devices safe.

However, security aside, there are many mobile-related concerns facing both consumers and businesses alike, and organizations like Mobile Monday are striving to bring together industry leaders to address these issues. More than 300 volunteers around the world organize monthly events to examine how the mobile industry can contribute to making neighborhoods, cities and societies better. Whether you’re looking for a place to eat, banking, or updating your Facebook status, mobile devices play a role in almost every aspect of your life. But, a lack of security in any one of these activities can invite a wealth of malware onto your device. A simple app download could take down your phone, your identity and more. Organizations like Mobile Monday are working to solve mobile-related dilemmas facing individuals and the industry at large through their network of resources and experts.

Even though manufacturers are working to incorporate new safety measures on devices, safety precautions still need to be proactively taken by mobile users. The introduction of biometrics technology, such as Apple’s Fingerprint ID scanner, adds a new level of complexity to personal security management, but is not infallible. The first and best step to keeping your digital identity safe starts with securing your phone—be it with a PIN or passcode or your fingerprint—as well as using mobile security software on all of your Internet-connected devices. According to a recent study, more than 30% of users don’t even have basic security on their smartphones. Don’t be another statistic; stay ahead by searching safely, managing app permissions, and being aware of Wi-Fi networks before accessing sensitive information.

Below are some additional event details about the upcoming consumer security panel sponsored by McAfee.

What: Protecting Your Privacy in a Not-So Private World: The Mobile Security Debate

When: Monday, November 18th 6:00PM PST

Where: Computer History Museum, 1401 N Shoreline Blvd, Mountain View, CA 94043

Who: McAfee’s chief privacy officer, Michelle Dennedy, and a diverse panel of privacy experts and industry journalists discussing how to protect your privacy in a not-so-private world and what’s trending in mobile security and privacy.

Panelists: Jarad Carleton, Kashmir Hill, Sameer Bhalotra and Magnolia Mobley.

Be sure to register for the upcoming Mobile Monday event and get more information here: http://secureyourself.eventbrite.com/. To learn more about the Mobile Monday organization and its history, check out their website and calendar of events.

For more mobile security tips and tricks, check out our Mobile Security blog, here. Keep up with the latest security news on Twitter by following @McAfeeConsumer and don’t forget to Like us on Facebook.

lianne-caetano

The post Protecting Your Privacy in a Not-So Private World: The Mobile Security Debate appeared first on McAfee Blogs.

Scrooge’s 12 Scams of the Holidays

They’re baaaack! Actually, they never left—Scrooge’s little trolls work hard all year, scheming and scamming to steal holiday presents—or at least valuable information—from good girls and boys. From the North Pole to the South Pole, they target every one of us through phishing, SMiShing (text phishing), shipping and gift card scams. If you aren’t paying attention, they will hack your devices, spy on your surfing and empty your bank account.

The holidays are supposed to be a fun-filled time for celebrating with family and friends, so make sure you keep the cheer in your holiday and learn about the “12 Scams of the Holidays,” the dozen most dangerous online scams to watch out for this holiday season, revealed today by McAfee.

12 Scams of the Holidays

 

To make sure your holidays are not stolen by the Grinch, here are some tips on how to protect yourself against scams during the holidays, and year-round:

  • Educate yourself—Keep up-to-date on the latest scams and tricks cybercriminals use, so you can learn to recognize scams and avoid potential attacks.
  • Use strong passwords— Make sure your passwords are at least eight characters long and contain a variety of upper and lower case letters, numbers and symbols.
  • Be careful when clicking—Don’t click on links in messages from people you don’t know, and use a URL expander to know what site you are going to before clicking on a shortened URL.
  • Stay suspicious—Like mom said, be wary of any offer that sounds too good to be true.
  • Practice safe surfing—When searching for holiday gifts, use a safe search plug-in such as McAfee® SiteAdvisor®.
  • Practice safe shopping—Make sure you stick to reputable e-commerce sites that have been verified as safe by a trusted third-party, like the McAfee SECURE™ mark. Also look for “https” at the beginning of a site’s URL, which indicates that the site is using encryption to protect your information.
  • Use comprehensive computer security—Make sure you have comprehensive security protection for all your devices, including your mobile phone and tablet, that also protects your data and identity protection, like McAfee LiveSafe™ service.

 

RobertSicilianoRobert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  Disclosures.

 

The post Scrooge’s 12 Scams of the Holidays appeared first on McAfee Blogs.

Pay by Person: What Biometrics Means to PayPal

Movies like Minority Report and Blade Runner may still be science fiction, but some of the technologies they showcase are becoming a reality today. The ability to sign in by retinal scan, turn on lights with your voice, unlock doors and activate devices with a fingerprint—otherwise known as biometrics, is quickly becoming a standard especially in mobile technologies. Using your person as your passcode has most recently come into the mainstream marketplace with the release of Apple’s iPhone 5s and iOS 7 software, which incorporate fingerprint-scanning technologies to unlock devices and make purchases through the iTunes and Apple App stores. And keeping the iPhone 5s new Touch ID technology in mind, PayPal recently released a study in conjunction with the National Cyber Security Alliance (NCSA) that looked at consumer behaviors and perceptions around mobile devices, including the use of biometrics for security purposes.

Released as part of National Cyber Security Awareness Month (NCSAM), the study collected responses from 1,000 U.S. adults over two days in September of this year with an aim to better understand how consumers use their mobile devices, as well as how much they know about mobile safety issues. According to the study, people are more reliant than ever on mobile, including a growing use of mobile devices for shopping. However, most of those surveyed still do not view mobile as a very secure option for making purchases online or in-store. It was found that 70% did not feel that storing payment information on a smartphone was safe, and more than 60% were unsure about what financial information could be stored on their devices.

Yet, when it came to biometric protections on mobile devices, respondents were open to trying out these new technologies in place of traditional security measures like passwords. Interestingly, more than half of the respondents (53%) said that they would be willing to replace passwords with fingerprints, and 45% would even opt for a retinal scan instead.

In a previous post, we discussed the latest from Apple, and how their fingerprint scanning technology could be a game changer for mobile. With the number of cyber attacks on the rise, identity theft is a major concern for many, so it’s no wonder that people are open to finding a better alternative to PINs and passwords. Passwords are not only easier to crack than ever before, but remembering 20 plus complex logins for various devices and accounts is becoming impossible to manage. While such security methods as two-factor authentication have been gaining traction with users and businesses, these require additional steps and still rely on passwords as the first level of entry.

Even before the iPhone 5s release, PayPal’s Chief Information Security Officer, Michael Barrett, discussed his thoughts on passwords and the potential of biometrics at Interop IT in Las Vegas. According to Barrett, passwords are obsolete and a new standard needs to be found. However, passwords won’t simply go away overnight and are of no use if not activated in the first place. Despite many people being in favor of new biometric technologies, a whopping 56% in the study admitted that they don’t even take the simplest mobile security precaution—setting up a PIN.

While the PayPal survey results speak to the current public sentiment around biometric technologies, it’s also important to explore the impact of using our bodies as identification. The convenience factor of biometrics is definitely a benefit for mobile commerce, where shoppers would only need to scan a finger instead of entering a login to make a purchase. It’s pretty much impossible to forget your fingerprint, but passwords are lost all the time. Because of the potential to make personal authentication seamless and reduce friction when shopping via a mobile device, companies will almost surely follow in Apple’s Touch ID footsteps.

Nevertheless, the possibility of having your password or other personal information stolen is a frightening reality, and adding a biometric aspect ups the stakes even more. Hackers can already do a lot of damage with only a username and password—imagine what they could do with a fingerprint or retina profile. With this in mind, here are some tips on protecting yourself when using these new biometric security tools:

  • More security is better. Use biometrics in conjunction with a PIN or passcode for extra security if possible. While cybercriminals can no longer gain access to your phone by snooping over your shoulder once biometric safeties are in place on your mobile device, adding in extra defenses if they do get in is crucial.
  • Limit the access of your third-party apps. Biometrics can’t keep malicious apps from accessing your information, so always be careful about what permissions each app is allotted.
  • Only download apps from official sources. Third-party app stores and websites are known for fostering risky apps and malware. Stick to downloading from trusted online sources, such as the Apple App Store and Google Play, that both work to ensure the apps don’t contain anything malicious.
  • Limit your usage while connected to public Wi-Fi. Touch ID technology may be able to keep out unwanted users if your phone gets lost or stolen, but it can’t protect from wireless snoopers and sniffers. Never bank or online shop while using free or unreliable Wi-Fi networks. These kinds of transactions should be reserved for secure and private connections.
  • Update your mobile software. Make sure you are using the latest versions of your operating system, browser, and security software. Updates usually contain additional protection against viruses or malware.
  • Don’t forget about mobile security software. Just because biometrics makes it harder for hackers to get into your device or personal accounts, that doesn’t mean you shouldn’t have extra security. McAfee® Mobile Security comes with many features to help protect your mobile devices from a variety of threats.

Learn about the latest mobile security updates and threats, by following our team on Twitter at @McAfeeConsumer or Like us on Facebook.

lianne-caetano

The post Pay by Person: What Biometrics Means to PayPal appeared first on McAfee Blogs.