If you are a user of Citrix's GoToMyPC unfortunately you will have to reset your passwords (use something long varied and strong, don't reuse an old password!).
The service, which lets users remotely access PCs over the internet, was hit by a "very sophisticated password attack," Citrix said Sunday in a blog post. The company is requiring users to reset their passwords using the "forgot password" link. This is just another hack in a long line that have been disclosed in the past few weeks as hackers seem to be targeting website with huge user databases in an attempt to reap the rewards of cybercrime.
"Citrix takes the safety and
security of its customers very seriously, and is aware of the password
attack on GoToMyPC," said John Bennett, product line director at Citrix,
in a statement. "Once Citrix learned about the attack, it took
immediate action to protect customers. Citrix can confirm the recent
incident was a password re-use attack, where attackers used usernames
and passwords leaked from other websites to access the accounts of
GoToMyPC users. Further, there is no indication of compromise to any
other Citrix product line."
To reset your GoToMyPC password, go to the site and click on the Log In link.
I would recommend along with resetting your password that you enable two-step verification, a process that sends a
code to your phone each time you want to sign in. If you've used the
same password for GoToMyPC at other websites or for other accounts, you
should change it at those places as well and don't make up a new password and use it on your other sites to, not that you would do such a thing.
Phishing (pronounced fishing) scams are among the most prevalent forms of cybercrime, targeting unsuspecting victims. Although phishing is widespread, it is possible to identify and prevent. Apart from ensuring you install security software, the best way to combat scams is to educate yourself to what these scams are and how to identify them. I found the below video from Meridian Banking that explains phishing very well, and even though its aimed at Meridian customers you should get the idea.
Now that you have an idea of what phishing is and what forms it can take lets go through some addition steps you can take to protect yourself.
1) Be wary of emails asking for confidential information - especially information of a financial nature. Legitimate organisations never look for this information over email or the phone, if you get such a call or an email you should contact that organisation independently using know contact information from previous correspondence such as a statement or contract.
2) Make sure you when signing up to a new website's that you read there privacy policy. The majority of commercial websites have a privacy policy, which is usually accessible at the foot of the page. In this policy look for the website's policy on whether it will or will not sell its mailing list. If the site in question does sell its mailing list see do they have a policy that allows you to sign up and opt out of this feature if not you might want to consider do you really need to join the site in question. The majority of spam and potentially dangerous phishing emails you receive come from sites you have signed up to that have sold your mailing information to another company or companies.
3) Make sure you maintain effective software to combat phishing. Most Internet Security suites automatically detect and block fake websites. Some will also authenticate major banking and shopping sites. I have also stated in another blog how you can add security plugins to your browser that will help identify dodgy sites and links.
4) Never use links in an email to connect to a website unless you are absolutely sure they are authentic. It is very easy to add a fake link or hyperlink text that will bring you to a fake site or similar looking website. To avoid this open a new browsers and type in the url subtle differences could bring you to a fake site (eg) ww.aib.ie is the AIB banking site what if the link you received was www.aibbank.ie would you know the difference?
5) Never submit confidential information via forms embedded within email messages. This is not a secure practice and all reputable companies know this. If the form is part of a phishing attack the senders are often able to track all information entered.
6) Think twice about opening attachments from senders you are not familiar with eg. getting an email off an unknown address with an attachment labelled as "invoice". If you are not expecting an invoice and you don't recognize the sender chances are the attachment is carrying a malicious payload delete it!
7) I will end with my pet hate, clicking articles on social media that are clearly made up just so you will click on them. eg BREAKING NEWS: Pamela Anderson shoots president Obama over views on healthcare! This is clearly a bullshit article don't click on it, you can be guaranteed you are entering a world of spam and malware.
I recently came across a bluebird care campaign surrounding cybercrime and the elderly. As part of that campaign they had an infograph that I think is a super informative and can be viewed by clicking here.
For parents the risks of the internet to your child can be over looked. Coming up to Christmas you may be tempted to buy the next great gadget for your child however with the Vtech cyber attack this week as one example, how safe is the data your children are inputting into these devices? I would always advise parents if they are giving their children access to tablets and smart phones at a young age they should always consider a number of factors.
1) Don't put your child's personal data into any device when setting it up! Use your own details if you have to otherwise create throw away credentials to enter in any applications that don't require factual information.
2) Set boundaries! balance is key, create times of use around their devices avoid your children becoming addicted to their devices.
3) Educate your children to the dangers of the internet and the fact that everything they do online is there for life! Snapchat is a popular example to use and I suggest you give this article a quick read.
4) Put safe guards in place to monitor your child's online activity, this will give your child the device they want and you can have the piece of mind that they are not putting themselves at danger online.
5) Keep you kids off social media until they are an appropriate age, most sites don't allow children until they are 13 years of age but this can be easily overcome by entering a fake date of birth.
6) Make sure you need to enter a password to download apps and games don't leave your credit card information signed in on the device they use. This will allow you greater control over what applications they are using, it may also stop a nasty credit card bill from unseen app charges.
The internet is a great place but the dangers it poses are very real, take a few minutes to watch the video below before disregarding this post.
Below are some tools for monitoring or limiting the amount of time your child's device is in use.
For Window's users:
When you create an account designated as a child’s account, you get the option to enable Family Safety settings. Family Safety allows you to monitor and /or time the usage from your child’s account, block certain applications or sites, and get weekly reports reviewing the activity on the account.
For Mac users:
Log on as Administrator on your child’s Mac, go to the Sharing preferences and choose Screen Sharing. Continue to “Allow Access For” and choose Administrators. When you are on your Mac, go to the Finder and choose Go: Network to see your child’s Mac. Click on Share Screen to see the activity.
For Smartphones:
Backing up your child's phone’s content to your own PC or Mac is a good way of keeping tabs on things. This will allow you to see which apps are being used on the phone, and you’ll be able to see what calls and text messages your child is making. Be sure to activate the basic security features, as well as any further limitations on usage you want, I have already done a blog on securing iPhone's.
There are also many products on the market that will allow you to use GPS tracking and more in-depth monitoring of all your kids devices. One free option that allows some of this functionality is Norton Family Online. The free version lets you monitor every site your kids visit, examine a list of everything they search for, and track their activity across social media via any Internet connection. You can tell Norton to always allow (whitelist) or block (blacklist) certain sites, customize the settings for each child, and set time limits so you can boot them offline when it’s time for bed. A premier version lets you monitor their instant messages, video consumption and mobile devices. This is just one product that I am aware of but their are many similar software type packages out there.
I hope that you have found this post of some help and if you need advice on anything just pop a comment below and I will do my best to give you a constructive answer,
In light of the popularity of the Black Friday phenomenon having made a full transition online shoppers need to be more aware that ever of how they shop online. This is a day that cyber criminals will be in full flight waiting to grab shoppers credit card and login information using eCommerce sites that are vulnerable. This is a day that shoppers need to be extra vigilante when shopping online. Silcon Republic have posted a number of tips to help customers keep safe and the article can be found here.
The main points from that article can be found below.
1) Consumers should be careful not to expose their computer or mobile screen to the eyes of strangers, especially when a credit card number is visible.
2) Online shoppers need to keep their computer updated with the latest malware protection. Even if a consumer conducts all transactions on a secure site, it is possible for the computer to be hacked or to be running malware, which means all data entered can still be stolen.
3) Be aware of internet connections. Using a public Wi-Fi service without encryption gives anyone the ability to hack into the connection and collect a user’s information.
4) Pay close attention to shopping websites. Many websites do not properly protect the data they collect. Shoppers can know the site is safe if it has a green lock in the address bar, which signifies the company has met strict standards with respect to protecting data they collect from customers.
5) Finally, shoppers should frequently monitor bank statements for suspicious transactions. Many times, cyber theft is done in small amounts in order not to draw suspicion.
If you need help in making your devices even more secure you should have a read of some of my posts on securing your laptop and iphone. All of my posts can be found on my blog.
