MWC 2015: Shaping the Mobile Future

The phones are ringing, the telecom operators are chattering and the developers are pulling all-nighters programming. It’s beginning to look a lot like Mobile World Congress (MWC).

MWC is one of the biggest extravaganzas for the mobile world. It brings together mobile operators, device manufacturers, technology providers, vendors and content owners from across the world to discuss the future of mobile telephony. This year the conference will be held from the 2nd-5th of March in the scenic city of Barcelona. Here are some tips to make the most of your time in Barcelona, and to give you a glimpse into the mobile future!

Hot Topics to Watch For

Trends we expect to see buzzing at MWC? Mobile payment systems, security applications, and of course, wearables. Not to be forgotten, we’ll also get to see the much-anticipated launches from major mobile device manufacturers.

While a few large and competing mobile payment systems rolled out toward the end of last year, it is clear there’s still a lot of work to be done in this field before we see widespread adoption.

Another mobile area where we’re expecting to see exciting innovations is security. With last year’s breaches and the spike in malware samples, companies need to be innovative and proactive when creating security mechanisms for mobile devices. From mobile security apps to two-factor authentication, you can expect to see it all at MWC.

Like CES, we’re hearing rumblings of wearables taking the center stage in 2015. What better time for mobile, wearable devices to turn up than at Mobile World Congress? 

MWC Tips and Tricks

First thing’s first: come visit us! We’ll be in the Intel stand #3D30 in Hall 3, so stop by and check out all of the exciting Intel Security demos and chat with our team. We may even have a surprise for you!

We know it can be tempting to fill your schedule to the brim with sessions, keynotes, and MWC after-hours events. However, we recommend leaving some unplanned gaps in your schedule so you can explore the venue and spend some time in each of the eight halls.

Another great place to spend some time in is the Networking Gardens, renamed ‘Les Rambles’ in honor of MWC’s 10-year anniversary in Barcelona. Swing by any of the ten outdoor networking gardens for a coffee or snack, a few impromptu meetings, a look at the graffiti wall or some fresh air.

The Best of Barcelona

Barcelona—the land of beautiful beaches, delicious tapas, and Gaudí’s finest works. There is no shortage of things to do in any down time you may have during MWC. So hail a cab, lace up your sneakers and take a walk, or make use of the Metro for a little sightseeing!

If you’re looking for a place to grab dinner or drinks, hop on the Metro (yellow line) and head on over to the El Born neighborhood. There’s a plethora of restaurants to choose from, and plenty of discotecas for those of you planning on keeping up with Spain’s late night hours.

If you have an extra day, be sure to check out the Gothic Quarter or Passeig de Gràcia for some shopping and a glimpse of Gaudí’s most famous buildings. If you’re a foodie, walk on over to Las Ramblas and check out the largest covered market in Barcelona, La Boqueria. Here you’ll not only see tons of fresh seafood, smoothies, produce and sweets, but also will be able to sample a myriad of traditional Spanish tapas.

Stay tuned for more Mobile World Congress updates from Intel Security by following @IntelSec_Home on Twitter, liking our page on Facebook, and checking back here on the blog. And, for those of you joining us in Barcelona, we’ll see you March 2n-5t at Hall 3, Stand #3D30!

lianne-caetano

Mobile Apps Failing Security Tests

It’s been said that there are over a million different apps for the smartphone. Well, however many may exist, know that not all of them are passing security tests with flying colors.

You may already be a user of at least several of the 25 most downloaded apps And what’s so special about the top 25? 18 of them flunked a security test that was given by McAfee Labs™ this past January. And they flunked the test four months after their developers had been notified of these vulnerabilities.

App creators’ first priority is to produce the next winning app before their competitors do. Hence, how secure it is doesn’t top the priority list, and that’s why there’s such a pervasive problem with security in the mobile app world.

Because these apps failed to set up secure connections, this opens the door for cybercriminals to snatch your personal information such as credit card numbers and passwords. And this is growing because this weakness in apps is so well known and it’s pretty easy for cybercriminals to purchase toolkits that help them infect smartphones via these vulnerable apps.

The technique is called a “man in the middle” attack. The “man” stands between you and the hacker, seizing your personal information. The “man” may capture your usernames and passwords for social media accounts and so much more—enough to open up a credit card account in your name and then max it out (guess who will get the bills); and enough to commit a lot of damage by manipulating your Facebook account.

So What Can You Do?

Here’s some tips to help you protect yourself from these unsecure apps:

  • Before purchasing an app, get familiar with its security features—read reviews and check what permissions the app is asking access to. You don’t want to end up with an app that accesses way more information about you than necessary for what you want the app for in the first place.
  • Download only from reputable app stores, not third-party vendors. This will reduce your chance of downloading a malicious app.
  • Don’t have your apps set to auto login. Even though it may be a pain when you want to access Facebook, it’s better to be safe than sorry.
  • Make sure you use different passwords for each of your apps. Sorry, I know that’s a hassle, but that’s what you must do. And make sure your password is long and strong.

Here’s to staying safe on our mobile devices.

RobertSicilianoRobert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Hacking Humans: How Cybercriminals Trick Their Victims

Intel Security has compiled a list of the top ways cybercriminals play with the minds of their targeted victims. And the chief way that the cybercriminals do this is via phishing scams—that are designed to take your money.

The fact that two-thirds of all the emails out there on this planet are phishy tells me that there’s a heck of a lot of people out there who are easily duped into giving over their money. I’m riled because many of these emails (we all get them) scream “SCAM!” because their subject lines are so ridiculous, not to mention the story of some befallen prince that’s in the message

I bet there’s a dozen phishing emails sitting in your junk folder right now. Unfortunately, a lot of these scam emails find their way into your inbox as well.

McAfee Labs™ has declared that there’s over 30 million URLS that may be of a malicious nature. Malicious websites are often associated with scammy emails—the email message lures you into clicking on a link to the phony website.

Clicking on the link may download a virus, or, it may take you to a phony website that’s made to look legitimate. And then on this phony site, you input sensitive information like your credit card number and password because you think the site really IS your bank’s site, or some other service that you have an account with.

6 ways hackers get inside your head:

  1. Threatening you to comply…or else. The “else” often being deactivation of their account (which the scammer has no idea you have, but he sent out so many emails with this threat that he knows that the law of numbers means he’ll snare some of you in his trap).
  2. Getting you to agree to do something because the hacker knows that in general, most people want to live up to their word. That “something,” of course, is some kind of computer task that will compromise security—totally unknown to you, of course.
  3. Pretending to be someone in authority. This could be the company CEO, the IRS or the manager of your bank.
  4. Providing you with something so that you feel obligated to return the favor.
  5. “If everyone else does it, it’s okay.” Hackers apply this concept by making a phishing email appear that it’s gone out to other people in the your circle of friends or acquaintances.
  6. Playing on your emotions to get you to like the crook. A skilled fraudster will use wit and charm, information from your social profiles, or even a phony picture he took off of a photo gallery of professional models to win your trust.

In order to preventing human hacking via phishing scams, you need to be aware of them. Aware of the scams, ruses, motivations and then simply hit delete. Whenever in doubt, pick up the phone and call the sender to confirm the email is legit.

RobertSicilianoRobert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

Sniffing out a cybercriminal: be on guard for online persuasion tactics

Many people will be familiar with renowned psychologist Robert Cialdini’s “Six Principles of Influence”. In its most basic form Cialdini offers a step-by-step psychological guide to getting people to say yes.

Very effective in the workplace or that crucial sales meeting, but these principles aren’t necessarily confined to the noble quest of ‘better business.” In fact, cybercriminals are now swotting up on the latest social psychology tactics in order to get their hands on your data. And this battle is growing: according to McAfee Labs, two-thirds of the world’s email is now spam trying to extort information and money.

So what can we do to sniff out a cybercriminal? At Intel Security we have been analysing the most common psychological levers being used by these hackers and phishers and have updated Cialdini principles to reveal how they apply in the digital world and what you need to do to stay safe.

Persuasion Techniques in the Digital World:

Scarcity: An offer to good to be true? It probably is. An email from your bank asking you to do something within 24 hours? Seems too scary to be legitimate? You’re probably right. Cybercriminals use scarcity and urgency to dupe people into clicking on something malicious without taking the time to think.

Authority: Criminals don’t have to dress up in dodgy outfits to mimic a public official or a trusted source anymore. But they still use authority to get their hands on your data. Ask yourself, why has that delivery company sent me that email when I haven’t ordered something?

Social Validation: People tend to comply when others are doing the same thing. A dodgy looking social media message might trick you into clicking a link simply because it has a group of your friends on it. If it seems odd, it’s probably not real!

Liking: People are more likely to comply when the social engineer is someone they like. Be on guard for a hacker that might use charm via the phone or online to ‘win over’ an unsuspecting victim

Reciprocation: A seemingly helpful call from your mobile service provider offering to help you out by talking you through a virus scan? Be aware of these ‘helpful’ people who might trick you into returning the favour and providing details you wouldn’t normally

Consistency: Have you just promised a caller from your bank to adhere to security procedures? And now they’re asking for personal information as part of these procedures? We all try and stick to our promises, but this can get us in trouble if we’re not careful

You can also watch our latest video to learn more about these persuasion techniques: ‘Hacking the Human OS’

Top tips to stay safe online:

  • Think before you click – use your best judgment when responding to an email. Are you expecting a parcel delivery? Or why would your bank send you an urgent notification asking you to update your account? Consider what you’re being asked to do before rushing to do something you could regret later
  • Check and verify – received a text message, email or message on social media from a friend that just doesn’t sound right? Call them, ask them if it was them. Same goes for the bank notification – find the legitimate phone number and ring and speak to customer service to check and verify everything is above board
  • Security software: Make sure you have some form of security software, such as McAfee Live Safe, which you can use across all your devices to help scan and monitor for suspicious links and malicious files

The post Sniffing out a cybercriminal: be on guard for online persuasion tactics appeared first on McAfee Blogs.

Personal Privacy vs. Security – Do We Have to Choose?

Since the dawn of the mobile era, there has been a continuous fight for an increase in the security measures taken to protect user’s data sent through mobile apps.

When various mobile messaging apps began rolling out encryption, it came as no surprise that consumers and security aficionados rejoiced. After all, encryption is more or less a high-tech way of creating a code for users’ data so that it can’t be read by prying hackers – thus allowing them to safely peruse their apps of choice. What did come as a surprise, however, was the potential backlash of cybercriminals utilizing encryption to plot their crimes. This backlash is the cause of the current conundrum we are in when regarding the debate between personal privacy and security.

So, if it came down to it, what would you choose: your personal privacy rights or the safety and security of the masses?

This seems like quite the brain exercise, but with recent discussions and hearings around banning encrypted mobile messaging apps, this may not be a purely theoretical question much longer.

As we’ve discussed before, encryption is a key security measure that mobile apps employ to help protect a user’s data from the spying eyes of invasive hackers. Encryption makes possible everything from e-commerce and online banking to secure mobile messaging and file-sharing.

However, as some are beginning to note, one side effect of encryption is that it creates a “safe space” for those with malicious intent to communicate and share information privately. More specifically, the concern is that these safe spaces create protected breeding grounds for cybercriminals to plot and plan their attacks.

If the above is indeed true, then where do we draw the line between personal privacy and the monitoring of potentially threatening and harmful information? Should users of encrypted mobile messaging apps be willing to turn over their personal data for the sake of society’s protection?

While at times it may seem like security infringes privacy, this should not be the case. The two concepts actually complement one another, and consumers should not have to forgo one in order to have the other.

A great example of privacy and security working together can be seen through the McAfee® Mobile Security product. Free for both Android and iOS, it offers a variety of protections for users’ data, while also weeding out cybercriminals who are up to no good.

For the time being at least, encryption is here to stay. We’ve come too far in terms of our security developments for a technology like this to disappear without significant backlash. As both general consumers and those with malicious intent continue to have access to tools like encryption, it’s important to have discussions about how to gather security intelligence while still respecting users’ privacy rights.

Of course, when users allow any apps to access their personal information, there must be an understanding that the data may not be completely private. Therefore, until the argument about encryption and personal safety is settled, the simplest course of action is to avoid these apps altogether—or at least avoid sharing sensitive information on and with them.

As always, to keep up with the latest security threats, make sure to follow @IntelSec_Home on Twitter, and Like us on Facebook.

lianne-caetano