smartphone – PSafe Blog https://www.psafe.com/en/blog Articles and news about Mobile Security, Android, Apps, Social Media and Technology in general. Thu, 19 Jan 2023 14:49:21 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.3 https://www.psafe.com/en/blog/wp-content/uploads/2018/05/cropped-psafe_blog_purple-shield-32x32.png smartphone – PSafe Blog https://www.psafe.com/en/blog 32 32 <![CDATA[Spoofing: What’s it all about?]]> https://www.psafe.com/en/blog/spoofing-whats-it-all-about/ Fri, 08 Apr 2022 21:34:50 +0000 https://www.psafe.com/en/blog/?p=21236 We can define spoofing as an act of disguising something: usually a communication or request for action — seemingly from some known and trusted party, inducing the user to interact with the (unknown) source. It can occur on a somewhat superficial level, such as emails and messages, or through more technical means: such as DNS and IP spoofing.

In practice, spoofing is used by hackers to achieve numerous goals, such as getting sensitive information from their targets, or gaining access to restricted digital environments from which they can launch additional attacks (such as ransomware) — and much more.

How does spoofing work?

It is possible to commit a wide variety of crimes by using information obtained through spoofing activities. Just imagine what a hacker or cybercriminal might do if they’re able to convincingly impersonate a company or another person.

A well-engineered spoof can take over the domain of an email or website to approach a possible victim, or gain access to internet protocols or IP addresses (which act as an identifier for computers connected to the network). Thus, it’s possible to have access to a person’s applications, get hold of their confidential data (whether personal or banking), and a spoofer can even send messages on their behalf.

This type of scam is not new, but its methods and purposes vary and increase every day.

What are the dangers of a spoofing attack?

With the possession of sensitive data, criminals can carry out a series of financial transactions using the spoofing victim’s name. Sometimes this transaction can be done with the leaked credit card details, and sometimes they can impersonate the victim in order to get credit, money from people they know, or make debts on their behalf.

A spoofer can also monitor your activities, gain access to messages sent from your device, and even sell the data they obtain to other companies.

What are the types of spoofing?

Now that you know what spoofing is, it is important to understand that this type of attack can take many forms, from the simple to the complex. Here are a few of the main forms spoofing can take:

email spoofing

Probably the most typical model occurs when an attacker uses an email to trick the recipient into thinking the message came from a trusted source. Typically, this is done in one of two ways: by removing the sender field (so that it is not possible to know who sent it), or by disguising known addresses from unknown senders.

For example, a lowercase “l” and an uppercase “I” are practically impossible to identify in a sender’s address. This type of message can also be sent via SMS (known as “smishing”), or through social media messages and other channels.

spoofing website

Website spoofing occurs when an attacker uses elements of a known page to create a similar or virtually identical copy, often displayed within a context that makes sense.

The idea is for the victim to put their information into the impostor website so that it is intercepted by the attacker.

IP Spoofing

IP spoofing is one of the more sophisticated attacks, looking to mimic a more technical point. It’s probably a type of attack that the user’s rarely even see, as the goal is to trick the system itself.

For example, a network can be configured to authenticate users according to their IP address. If the attacker manages to disguise the IP and trick you, their access is easily granted.

DNS Spoofing

The idea of ​​DNS spoofing is similar to the previous one. As you may well know, DNS (Domain Name Server) is a system that helps you translate website addresses into IPs. With DNS spoofing, attackers are able to trick the system and redirect traffic to an IP they control.

A simple metaphor can make this example clearer: just imagine that DNS are the signs on the streets, which indicate where a driver needs to go. With spoofing, a criminal “swaps” the street signs, with the aim of taking drivers wherever they want.

Facial Spoofing

This is a different strand of spoofing, with a similar principle. More and more, facial recognition models are becoming popular (to unlock smartphones, for example). For this approach, it’s common for hackers to use photos or videos of the person, with the aim of tricking the system and pretending that they are indeed there.

Good artificial intelligence may offer protection here, because it will be able to identify whether a person is trying to access that system or not.

Spoofing on social networks

Telegram, WhatsApp, Instagram and any other online service of the same category can also be used as a vehicle for spoofing.

In these cases, the victim has their account hacked, and cybercriminals use their profile or account to contact friends or family. Generally, these people simulate some emergency situation to ask for money, or they’ll announce products for sale (at extremely low prices) — but the products don’t even exist.

Telephone spoofing

Telephone spoofing calls can happen when someone impersonates a company or an institution over the phone. This usually happens through a service called Voice over Internet Protocol (VoIP), which is used to transmit online calls and spoof the number or name to be displayed on the caller ID.

So be suspicious when your cell phone shows a call with a certain name, but from some number or locale you don’t recognize

How can you detect spoofing?

Detecting spoofing yourself is possible, but as we’ve noted, it’s not necessarily easy. 

However, there are some signs that can help identify this type of attack.

Look for English and grammar errors in messages. These can be more serious grammatical errors, such as wrong words, or more subtle, such as certain inconsistencies or strange structures. 

Make it a habit to always check the links you are clicking or the email address of senders. Look for any unusual changes, however small. Look closely and compare the domain if you can. 

On smartphones, you can place your finger on links for a few seconds, so that a preview window of the content opens, as well as the link;

Note if your browser does not automatically fill in your information (if it usually does) Especially on a site you visit frequently, this may be an indication that you are on a spoof site instead.

Confidential information such as credit card numbers, passwords should only be shared on secure and encrypted sites using HTTPS at the beginning of the URL.

If an email looks sketchy, do a Google search for the content of the email itself. If it’s a known scam, it will likely turn up. 

Use the dfndr lab link checker. This is a free tool that tells you in a few seconds if a link is trustworthy or not.

How to protect yourself from spoofing?

Even if you follow all the tips above, protecting yourself can be hard to do. The big problem is that most folks won’t be able to closely observe all these details and stay aware on a daily basis.  And this is exactly what hackers count on.

Imagine someone who is going through an extremely busy day, doing a thousand things at once, who receives an email with these subtle changes. The chance of the person stopping to look and detect these errors is small. Hackers know that it is virtually impossible to be alert 100% of the time.

Of course, it’s best not to click on unfamiliar links or attachments coming from emails you’re not sure where they came from. However, as we mentioned throughout the post, the purpose of spoofing is precisely to disguise these attacks as something familiar and reliable.

Another big problem with modern companies is underestimating hackers. Attacks are no longer made by a single person wearing a hood, in a dark basement. There’s a lot of strategy and sometimes large organizations behind these hacks, resulting in attacks that are extremely sophisticated and very difficult to identify, as we have discussed in the examples above.

One option is to avoid clicking on direct links. For example, if you receive an email, an SMS (Short Message Service) or a call from your bank notifying you of a problem, avoid clicking on the link. Access the direct website or the app to confirm the information.

In cases involving social media intrusions or phone line cloning, it is important to be cautious when opting for two-step verification. Several applications already provide this option in their menu to enhance your security.

By creating extra phases for your login in communication apps, a spoofer will not have access to your message history (even if they have access to the confirmation code needed to login) and will certainly find it more difficult to hack your account.

Finally, it’s important to use some security solution (like dfndr enterprise) on your computer to make sure that the pages you access really are trustworthy. A software based on artificial intelligence will have more resources available to assess the security of your network, block potential threats, and protect your device before it becomes the target of an attack.

Did you learn something from this post? Now that you know what spoofing is and how to protect yourself from it, take the opportunity to subscribe to our newsletter. 

Then you’ll have access to more first-hand safety tips, right in your email!

]]>
<![CDATA[Careful With That QR Code! Five Steps For QR Code Safety]]> https://www.psafe.com/en/blog/careful-with-that-qr-code-five-steps-for-qr-code-safety/ Fri, 11 Mar 2022 18:14:35 +0000 https://www.psafe.com/en/blog/?p=21198 For 20 million people, the temptation proved too hard to resist. For a full minute, a simple QR code ping-ponged back and forth on their television screens during a break in the action at the Super Bowl. Cryptocurrency company Coinbase reportedly paid 14 million dollars for that ad – but clearly, they got their money’s worth: 20 million people were redirected via QR code to their landing page, specially designed for the ad. 

Caution Flags 

The radical simplicity and irresistible pull of the Coinbase spot was the talk of the post-game ad reviews. But out of the din of this discussion came another message — this one from the Federal Bureau of Investigation (FBI). Inc Magazine’s Jason Aten pointed to a warning they had issued a month prior to the big game – the first lines lay out the situation quite clearly:

The FBI is issuing this announcement to raise awareness of malicious Quick Response (QR) codes. Cybercriminals are tampering with QR codes to redirect victims to malicious sites that steal login and financial information.

QR Codes Are Back, And Bigger Than Ever

Once again, it seems that bad actors have seized on a popular trend to help them do their dirty work. A simple technology dating back to the 90’s, QR Codes are on the rise lately – as they’ve become a very effective digital tool for marketers who want to quickly convert mobile phone readers into shoppers and buyers. The Wikipedia entry on QR codes gives you a quick grasp of just how powerful they can be when scanned on a mobile phone:

QR codes may be used to display text to the user, to open a webpage on the user’s device, to add a Card contact to the user’s device, to open a Uniform Resource Identifier (URI), to connect to a wireless network, or to compose an email or text message.

All you have to do is think about how hackers might use that kind of power, and you can quickly see that indiscriminate scanning of QR codes could lead you into some serious trouble. 

Two Primary Sources of QR Code Danger

The first danger with malicious QR codes is the fact that they can transport you seamlessly to a fake website. As with most hacks, the first layer of the transaction seems to be legitimate: the QR code works! The user arrives at a site that has the offer or information they were seeking. 

And this is when many users will let their guard down, and fail to notice telltale signs that the site isn’t legitimate. Super-sweetened offers can also play a role in softening up otherwise careful users. The bad website can be a collection point for private information and financial data, and the path to financial losses and ID Theft is paved.

The second danger is QR codes that include malware themselves. Once again, let’s turn to the FBI for — “just the facts”:

Malicious QR codes may also contain embedded malware, allowing a criminal to gain access to the victim’s mobile device and steal the victim’s location as well as personal and financial information. The cybercriminal can leverage the stolen financial information to withdraw funds from victim accounts.

That’s about as bad as it can get. So, short of forsaking the use of all QR codes — how do you defend yourself?

What Can You Do?

Here are the five steps you can take – we discuss each below in more detail:

  1. Get informed about what QR codes are and what they can do.
  2. Make sure your device has good security software.
  3. Use that security software regularly!
  4. Before scanning any QR code, scan “the situation.” 
  5. Make sure you land where you expected to!

You’ll be glad to know that you’re well on your way to completing the first step. We hope this article has helped in this regard, and if you want to get even more up-to-date on potential threats to you and your mobile device, we highly recommend these two companion articles:

Six Ways That Cybercriminals Try To Take Over Your Device – QR codes are covered here along with several other traps, like WiFi Honeypots, Fake Apps, and even Subtitles in Streaming Apps. Do give it a careful read – lots to learn here.

Can a QR Code Be Used In A Phishing Attack? – If you’ve followed us so far, you know the answer to this question is YES! But hit the link to get more information on how QR codes can bait the hook for hackers’ big Phishing expeditions.

Security Help

If you’re using dfndr security, make sure you activate the anti-hacking feature to protect you from scams and malware. dfndr security PRO plan also has a dedicated Safe App function to help sniff out apps that contain malware, and also provides complete Identity Theft reports should you suspect trouble.

Eyes Up!

But your awareness is always going to be your first line of defense. Remember that QR codes primary benefit is to help you connect to a specific spot on the web without your having to type in a URL. The “fun” of seeing this work is no doubt a major part of the success of that Coinbase ad. 

If you decide you do want to scan a QR code – make sure you can verify it’s from a trusted source, and take a good close look at the surroundings: the copy and design, the context of use. Is the code stuck on a wall outside a club? Or did it come to you via a traceable source like a mass mailing? If you can verify that the code is from a trustworthy source – make sure the landing spot is what you expected it to be.  

Just remember what your friends in the FBI told you: a QR code isn’t a game to be taken lightly — or a Pokemon type game where you have to capture and collect. They serve a very specific function, and they’re more powerful than they look. Treat QR codes with the same caution you’d give to any unknown app or web address.

]]>
<![CDATA[Pharming: Phishing’s Nasty Big Brother]]> https://www.psafe.com/en/blog/pharming-phishings-nasty-big-brother/ Tue, 08 Mar 2022 17:31:21 +0000 https://www.psafe.com/en/blog/?p=21190 Pharming is somewhat less familiar than the term “phishing,” but both are methods employed by hackers to perpetrate fraud and gain illegal access to your private information. 

The ph prefix means that both are…well…phake.

But despite the cute names, the damage that can be wrought with either method is considerable. Identity Theft is the end game for many of these swindles, and as you may know, the long tail effects of ID theft can be personally devastating (and if you’ve never really experienced or read-about just how hard ID Theft can be for individuals, we highly recommend reading through that linked article. Not fun, but essential information).

While phishing attacks are made through phishy emails, pharming is the term applied when the hacker sets a trap in the form of a malevolent website: frequently, an impostor-site posing as a well-known and trusted company site. 

Pharming: Individual User Attacks

Phishing and pharming often go together – and the phishy email lures a single user to a malicious website, where the user enters their private information and the pharmer makes off with it, using it later to sow havoc by deploying it on the real site.  

Sometimes these sites are simply set up like traps on the web – you may have encountered one or more of these by simply misspelling the name of a popular site. The result may be a jarringly different site than what you expected. 

In truth these situations are relatively easy to avoid.  But sometimes the site you’re delivered to can be very close to what you expected, and that’s where real pharming trouble can begin.

Malware can drive pharming too – redirecting you to the substitute site without your awareness or permission. It’s important to remember that hackers are increasingly fond of using techniques of misdirection. You may inherit malware through a new app you download, but the consequences arrive later, when you first log on to your bank-site or try to pay your credit card bill, and the malware takes you to an impostor site to steal that information from you.

DNS Switching  

DNS switching takes the whole pharming idea to a more dangerous height. Whereas the malware or phishing-driven pharming operates at an individual user level, DNS Switching redirects all traffic to a given website to a pharmed-out impostor. 

The malware works within the DNS server and redirects requests to reach the authentic site to the pharming site. These more sophisticated attacks often involve more sophisticated fakery, and the pharming sites can be very convincing.

How To Protect Yourself, Down on The Pharm

As always, there are a few different layers of protection you can enlist to keep yourself from pharming — and the more of them you employ, the safer you’ll be:

Mindset: Your mindset as a user is one of the best defenses you have against hackers. Remember that hackers are fond of using social engineering – which some might refer to as “good old psychology” — to lure users into interactions with iffy emails, sketchy sites, and strange-people on well-known platforms. Keep your guard up, and if somebody, something, or some site asks you for information that your bank or health club or grocery-delivery (etc.) already should have, let that alarm bell go off loudly in your head. Then take three giant steps away from your keyboard. 

If your spider-sense has even an inkling that an email from a friend or a site isn’t the real deal: slow down and check it out. In general: try not to confer the trust you have in a person or company onto any representation made for them on the web. The web is…the web. And it should always be treated with caution.

Unprotected?: Public, unsecured wifi networks really are the devil’s playground.

The upshot is that public networks have chinks in their armour, and hackers use those chinks to “eavesdrop” on your conversations. Information they steal through this technical kind of listening can lead to direct attacks, or…down the road, a phishing or pharming attack tailored just for you. 

S matters: There’s a big difference between http:// and https:// — the difference is that “s,” which stands for secure. When you see the full https://, it means that information on both ends of the website transaction is encrypted and secure. When you don’t – that may not be the case. This is such a widely accepted standard now that the absence of that s should put you on high alert.  

Phishy?: If it looks or sounds phishy, it probably is. It might also be pharmy. Here’s an example of what we mean: in one of the biggest pharming attacks ever launched, a DNS Switching attack on more than 50 financial institutions, the affected users were presented with an error screen that asked them to switch off their anti-malware and any firewall protection they might be running. Many users simply complied, and provided access to the pharming malware to do the rest of the work. 

This obviously relates to our mindset discussion as well, but we wanted to emphasize that even very sophisticated pharming attacks will sometimes rely on users turning off systems of defense: whether it be their own mindset, or settings in place on their computer designed to protect them!

Speaking of Defense…  

Of course one of the essential bits of protective equipment is a good security software solution. dfndr Pro provides several excellent tools to help you protect not only your private information but your physical phone as well. Having that combination of protections is important. 

Pro also offers a Safe App function that enables you to screen any app you might want to try before downloading it, and that can be an excellent first line of protection from malware of all types – including those that are designed expressly to uh, ”take you down on the pharm.” 

With your mindset on high-alert, and your phone protected with a well-designed, and multi-layered security capability, you can move about confidently. Just be careful out there, and try not to get any mud on your shoes!

 

]]>
<![CDATA[Avoid the Tinder Swindler: how to date online safely]]> https://www.psafe.com/en/blog/avoid-the-tinder-swindler-how-to-date-online-safely/ Tue, 22 Feb 2022 14:18:16 +0000 https://www.psafe.com/en/blog/?p=21174 Good con artists have a strange relationship with emotion: many of them demonstrate an almost uncanny ability to manipulate and elicit emotions in others, yet they’re often detached from their own emotions. This frightening combination is in evidence throughout the recent independent film sensation The Tinder Swindler.

The film tells the story of a conman who uses the Tinder app to insinuate himself into the lives of three female victims. In the film, Simon Leviev sets up elaborate romantic cons to appear as a wealthy diamond heir, then uses the trust he has gained to steal information, then money – only to use that money to fund the con for his next victim.

It’s a taut and dramatically told story, but without a clear moral or ending. (The New York Post has reported that Leviev has signed with a Hollywood agent, and “wants his own dating show.”)   

How To Stay Safe: Five Scammer Prevention Keys

But the moral for users of Tinder — and social media in general — are still the same: proceed with caution!  Below are a Five Keys to help you stay safe as you navigate dating apps like Tinder — they’re also useful guidelines for people you might meet on any other social app like Facebook:

  • Do some research — and take your time. Before meeting in real life with anyone you’ve met online, take the time to do a little background research and find out if the person you’re speaking to is who they say they are. 
  • Consider bringing a friend for the first date(s), and meet in public. Yes, this will keep you safer, and it might also help provide a more casual atmosphere where you can learn a little bit more about your new friend.
  • Be sensitive about peculiar information requests. Spoiler alert: The Tinder Swindler orchestrated reasons to get Passport information, and then quickly put it to nefarious use. Whatever the reason given, a quick pivot to requests for detailed personal data is always a sure warning sign, especially in a new relationship.
  • Keep your purse, phone, and ID’s close. Don’t overlook simple physical sources of data like these. Don’t leave them unattended. 
  • If you have any suspicions, check in to things. If anything seems odd in terms of your interactions, don’t bury your head in the sand. A good security solution like dfndr security can help you track where your data is going and also protect your physical phone from theft. Stay on top of your bank and credit card accounts.

Remember: Most Scammers Don’t Do A Lot of Romancing

The Tinder Swindler is also a healthy reminder that most scams are not quite as elaborate as those cooked up by Simon Leviev.  But most scams operate on the same human emotions of romance and self-interest. 

Set some clear rules for yourself in the dating world – and also for when you’re answering emails and text messages — or when you’re looking for work on a job site.  If it looks too good to be true – it probably is! 

    

]]>
<![CDATA[Nutty Malware Can Wipe Out Two-Factor Authentication]]> https://www.psafe.com/en/blog/two-factor-authentication-malware-linkedin-phishing-scam/ Mon, 10 Sep 2018 20:29:32 +0000 https://www.psafe.com/en/blog/?p=19360 Two-factor authentication has garnered plenty of praise as one of the most secure ways to sign into an online or mobile account without getting hacked. However, cybercriminals have now developed a piece of malware that can wipe out two-factor authentication and steal your data through a phishing email.

Read More: 5 Tips to Determine if an Email is Actually a Phishing Scam

While you should still implement this type of authentication on all your accounts, protect yourself further with an antiphishing app that adds another layer of security to your device and data. With dfndr security, your phone will have an anti -hacking feature that protects your device and warns you of malicious links, blocks them, and prevents you from falling for phishing emails.

Here’s what you should know about the malware that can wipe two-factor authentication.

Not as Powerful as it Looks
Security researchers released a video that shows how easy it is to take over an account or someone’s personal information, even with this type of authentication. The video revealed a phishing email with a bit of code that can steal or compromise the login information of a user by placing the code into a login box.

Fraudulent LinkedIn Email
The phishing scam sends what appears to be a legitimate LinkedIn email showing that someone is trying to connect with them through the social media site. The researchers showed that if you look closely, the return address of the email is not correct as it’s actually a spoofed version of LinkedIn.

What Happens Next?
If the target falls for the phishing email and clicks the “interested” button, the malware will then be downloaded onto the victim’s device. The email then takes the victim to the real LinkedIn site where they log in their information to complete the connection process, including having the site send an access code to the account holder’s phone.

While this is going on, the malware in the background has gained control of the email and password linked with the victim’s account, along with the session cookie. The criminal can then use the victim’s information to log into their account, even without two-factor authentication and without the victim’s device.

Scary Stuff! What Should I Do?
Naturally, two-factor authentication will not help you at this stage, so the best thing you can do is download an antivirus app like dfndr security that has antiphishing technology, but don’t just leave it up to a security app, be sure to always check emails closely. The sender address, how the email is composed (language and punctuation), and the urgency level are some clues to whether or not an email is legitimate.

]]>
<![CDATA[How to Hide Private Files on Your Computer or Smartphone]]> https://www.psafe.com/en/blog/how-to-hide-private-files-on-your-computer-or-smartphone/ Mon, 23 Jul 2018 22:00:15 +0000 https://www.psafe.com/en/blog/?p=18701 Organizing data is sometimes the last thing we want to deal with, but if you have critical financial documents or collections of embarrassing party photos lingering around, these are the types of files you should keep private in case of snoops or hackers (it does happen!). Having a passcode on your device is smart, but it’s not always enough if you share your computer or phone with friends and family. Be even smarter and limit access to your hidden world with the following tips.

Windows
A simple trick for Windows is to merely place your sensitive information within a folder and then mark the folder as ‘hidden,’ which will hide it within the file explorer. To hide a folder, right click on the folder and select the properties option. Once the properties dialogue is open, ensure there is a checkmark next to the hidden label – that’s all there is to this method! When you want to view that hidden folder, simply select the view tab within the file explorer and check the option to display hidden items.

Read More: 3 Private Messenger Apps That’ll Keep It Confidential

MacOS
The process isn’t as easy on Mac and does involve a bit of time in the Terminal application. If you’re unfamiliar with using Terminal, we suggest checking out a quick tutorial first. Start by opening the Terminal app from your Applications folder and navigate to the directory in which your folder is placed. Once you are within the proper directory type the following command, followed by the enter key,’ to hide the folder: “chflags hidden [name of folder].” For example, if we have a folder named ‘photos’ which we want to keep hidden, we would type: “chflags hidden photos.”

Android
Due to the open nature of the Android platform, one of the best options for hiding sensitive data is a third-party solution. One such option is dfndr vault, an app that easily allows you to create a hidden gallery of photos and videos; it even offers a feature known as applock, which can prevent access to certain apps by letting you add a secure passcode. No need to worry anymore about friends snooping around your Tinder profile or co-workers discovering embarrassing snapshots. Android users can also take advantage of dfndr performance, which has a ‘quick cleaner’ feature to remove any private information that might be in your device’s temporary files.

iOS
If you’re an iPhone or iPad user, you can choose to add your private photos or videos to a ‘hidden gallery’ built into the device. Simply visit your Photo app and navigate to the media you wish to hide, once there tap the share button (the square with the upward facing arrow), and select hide from the menu. The photo you just chose to hide will no longer be viewable from the main camera roll or any of the adjacent photo features. To view the private collection, head to your albums and locate the folder named Hidden. Sadly this option won’t keep the most curious of individuals out, but it will prevent any private images from popping up while scrolling through your camera roll.

]]>
<![CDATA[A Cyber Drive-By Attack Could Be Lurking in Your Hood]]> https://www.psafe.com/en/blog/a-cyber-drive-by-attack-could-be-lurking-in-your-hood/ Thu, 28 Jun 2018 22:00:47 +0000 https://www.psafe.com/en/blog/?p=18743 Ever heard of a drive-by? A disturbing picture comes to mind, but now apply the same idea to a cyber attack. Huh, sounds confusing right? But this crime has been gaining traction and is called a cyber drive-by attack. What’s disturbing is these hacking attacks target users without the usual method of having to open a malicious file or link. What hackers do at a cyber drive-by is station themselves close to a house or a place of business and attack.

Read More: The Danger of Spoofed Websites: Learn to Tell the Difference

The best way to protect yourself from cyber threats is to ensure you download antivirus software on all your devices, your phone included. For Android users, we recommend dfndr security, which has a security scan feature that combs your entire device, even the SD card, and blocks viruses or malware.

Get dfndr security now

How It All Began
A cyber drive-by attack wasn’t much of a threat in the early days, mainly it was used to gain free access to Wi-Fi. Hackers would drive by the streets of a town, locate a Wi-Fi signal and If the signal was insecure, they would hack through to siphon Internet.

How They Evolved
Now cybercriminals use this same practice but in more sophisticated ways. They often target badly secured routers and first figure out the router manufacturer. Once they’ve gotten that information, they’ll next tap in and listen to the traffic and find ways to compromise the password, which eventually gives them access to a computer or phone.

With all systems weakened, the next stage of an attack is to introduce malware or a keylogger, and once this happens, tapping into someone’s sensitive information is child’s play.

A keylogger can bait a victim by having them visit a legitimate website that’s infected through a popup or ad, or by slyly redirecting the person to an infected site. Information like bank accounts, logins, or social security numbers could be discovered and used in illegal ways.

Criminals are also targeting businesses with this type of attack, which requires no user interaction at all and depends on the vulnerability of a device or modem.

In other cases, cybercriminals use ‘man in the middle’ software, by having attackers spy on victims by setting up conversations between multiple parties.

Last Words and Tips
In addition to downloading a security app, individuals and companies should update devices regularly with the latest security patches and script blocking plugins. Additionally, businesses should ensure employees don’t have local administrative access to their devices. Set them up with a separate account instead.

Other measures to take include segmenting a company’s network so that everyone isn’t running on the same server, which ensures that malware doesn’t spread throughout an entire office.

Finally, all work and personal data should be backed up as frequently as possible on external hard drives or a cloud service, which should not be left connected to the main network.

]]>
<![CDATA[The Best Apps for Father’s Day]]> https://www.psafe.com/en/blog/the-best-apps-for-fathers-day/ Thu, 14 Jun 2018 12:00:07 +0000 https://www.psafe.com/en/blog/?p=18175 Father’s Day is on June 17 and it’s the perfect time to give back to your dad with mobile apps that will make his life easier. There’s an app for just about everything these days and the ones we recommend are geared towards appeasing your father’s musical taste, helping him find the perfect brisket recipe, or facilitating his search for the ideal home.

Read More: 5 Ways to Turbo Charge Your Smartphone’s Internet Speed

Read more to learn which 5 best apps your dad deserves on Father’s Day.

Get Dad to Download StubHub
One of the most popular apps of the last 5 years has been StubHub, which compares ticket prices from various websites in order to find your dad the best deal. Whatever his musical taste or favorite sport may be, StubHub can be tailored to find tickets for the right event on any given night. The app can be linked to your dad’s Spotify, plus it can connect to various e-payment platforms to ensure every transaction is hassle-free.

Help Dad Find His Dream Home
If your father is on the hunt for some new real estate, Zillow.com will help him find a more comfortable home for the entire family. The home search app has an intuitive and logical user interface to search for the ideal home based on your dad’s price range. It can also help him sell his current home by valuing properties in his neighborhood.

For the BBQ Hero of Your Life
If your dad loves to grill meats, check out hundreds of recipes on the Weber Grills app. Each recipe has step-by-step instructions, a built-in grill timer, and a grocery list feature to keep your father’s grilling days organized.

When Your Dad is Mad About Sports
Perhaps the hottest sports app at the moment is Bleacher Report, which offers timely scores and news in football, basketball, baseball, hockey, and just about any sport imaginable. The app can be programmed to fit your dad’s interests so he gets notified of the latest stats for his favorite teams.

Improve Your Dad’s Mobile Performance
The best app for optimizing your dad’s mobile device is dfndr performance, which has a quick cleanup feature that gets rid of old files that could be slowing down his phone. It also has an app manager function to remove unused apps he no longer needs. A memory booster feature can enhance his device’s RAM speed as well. After all, you have to help him make room for all these awesome apps. 🙂

]]>
<![CDATA[Who Should You Hide Apps From and Why]]> https://www.psafe.com/en/blog/who-should-you-hide-apps-from-and-why/ Wed, 13 Jun 2018 12:00:46 +0000 https://www.psafe.com/en/blog/?p=18780 With Google Play Store’s teaming collection of exciting apps, there might be a few sensitive apps, as well as guilty pleasures, that you want to keep hidden. Don’t worry; we aren’t here to judge your secret love of Candy Crush. However, we are here to keep your personal information safe from prying eyes and snoops.

Read More: Which Android Apps Should You Be Locking?

If you want to keep curious individuals out of your Android phone, we recommend dfndr security’s applock feature. By creating a secondary passcode, you can quickly lock down apps that you don’t want anyone to access on your device. Whether your phone is stolen or you’re lending it to a friend, using applock can ensure your most important apps are off limits.

The concept of locking down apps, in general, might seem weird. You might be wondering, why bother doing this and on what occasions would you need to?

 Love Knows No Bounds in Your eBooks
We know, you love Stephenie Meyer’s Twilight books; it’s the way she weaves vampire romance onto a page, but you don’t want your friends to discover her books’ in your Kindle app – not to mention all the detailed notes and highlights you took on Edward and Bella’s relationship. Be smart, lock your secrets away, but don’t delete the ‘undead’ passion.

Absolutely Not, You Can’t Buy That on Amazon
Kids seem to be born with an instant ability to understand technology, but that can sometimes have a downside. Keep those prying little fingers out of shopping and financial apps such as Android Pay or the Amazon Store. Sure, you want to make your kid happy, but how thrilled will you be when a $250 LEGO set shows up at your doorstep?

That Embarrassing Photo, ‘You Know the One’
It was late, you definitely lost count of the beers you were drinking and the number of karaoke songs you sang badly. Sure, you can look at the pics and laugh now, but your mother-in-law might beam a cold stare at you when she accidentally clicks on your photo gallery. Lock it all down, and hopefully, she won’t be curious to see what you were up to last Saturday.

Stop Your Friend From ‘Fixing’ Your Love Life
Anyone single can relate to dealing with ‘that person’ – the one who has made it their mission to put you in a relationship. Keep your privacy under wraps, and keep others from swiping left for you. After all, do you really need a date with another person that your friend finds absolutely ‘perfect?’ Maybe it’s time to “fire” your self-appointed matchmaker, because no, that guy in ripped camo shorts with the python probably isn’t your soulmate, no matter what your friend thinks.

]]>
<![CDATA[Manufacturers Caught Lying About Device Security]]> https://www.psafe.com/en/blog/manufacturers-caught-lying-about-device-security/ Sat, 09 Jun 2018 12:00:53 +0000 https://www.psafe.com/en/blog/?p=18307 When you purchase a new Android smartphone, you want to feel assured that the company you chose is doing their best to protect your security. Unfortunately, a recent study by a German security firm showed that a majority of manufacturers we’ve instilled with our trust might not deserve it. Over 1,200 different smartphone from over a dozen vendors have security holes that leave your device and your personal information vulnerable to hackers who can exploit these vulnerabilities.

Begin Protecting Your Device
One way to start protecting your Android if manufacturers aren’t doing it is to use a reliable third-party app like dfndr security. Take advantage of a full virus scan feature and anti-hacking technology that fights any malware threats or phishing attempts. With 21 other great features included, you may not be able to control your manufacturer, but you can stay one step ahead of hackers.


Who is Guilty and Why
The study found that manufacturers who are leaving security gaps in their systems and may be attempting to deceive customers include Google, Sony, Samsung, Wiko Mobile, Xiaomi, OnePlus, Nokia, HTC, Huawei, LG, TCL, Motorola, and ZTE. As you can imagine, these companies are not small players in the Android market. At the top of the charts, Samsung holds almost 48% market share around the globe, putting nearly half of all Android users at risk. But, how exactly are these manufacturers deceiving their customers?

Read More: What You Need to Know About Google’s Security Patch Record

According to the study, the manufacturers have been claiming within their devices’ settings that all security and system patches are up to date when they are actually behind. This practice of deceit not only leaves Android phones vulnerable but also calls into question the validity of a manufacturer’s security practices. In order to find the cleverly hidden lie, the firmware of many devices had to be carefully examined.

For Some, The Problem is Worse Than Others|
Companies with a mix of patched and unpatched devices or only behind by a single patch includes Google, Sony, Samsung, and Wiko Mobile. However, of those noted previously, companies HTC, Huawei, LG, Motorola, TCL, and ZTE are at least 3 or more patches behind. While Google is the company that issues patches for the Android operating system, it’s the responsibility of each manufacturer to deliver patches to their line of handsets accurately.

Some Light at the End of the Tunnel
Luckily, there could be a possible solution. Google has begun implementing a new project they have dubbed Treble. The project attempts to fix manufacturer patching issues by putting more control of Android’s core back into the hands of Google. What this means is your device could be updated as soon as a patch is released without having to wait for a manufacturer. While Treble has been included in Android 8.0 Oreo, not all devices currently support it. However, the good news is the project will be implemented on all Android devices moving forward.

]]>