Hasil tina tés ieu nyorot pentingna milih parangkat lunak kaamanan sareng browser anu leres pikeun ngajagaan tina ancaman phishing.
Dina kuartal kahiji 2023, serangan phishing nyababkeun 31,98% tina sadaya ancaman anu diblokir ku Avast. Sanaos jumlah anu signifikan ieu, masih aya sakedik tés anu ngevaluasi kumaha anti-malware sareng parangkat lunak browser ngajagaan pangguna tina ancaman phishing. Éta sababna kami ngalaksanakeun tés anti-phishing mandiri anu dilakukeun ku AV-Comparatives, laboratorium tés antipirus anu unggul.
Kadé dicatet yén Pilihan produk dijieun sacara mandiri ku AV-Comparatives, sarta sakabeh ngical paralatan diperlakukeun sarua. Boh Avast atawa nu ngical paralatan séjén diuji teu dibere beja sateuacanna ngeunaan tanggal test atawa dibere wawasan salajengna, pikeun ngaleungitkeun sagala poténsi kaunggulan, pangaruh atawa bias.
Naha panyalindungan anti phishing penting
Serangan phishing tujuanana pikeun maok inpormasi pribadi sareng kauangan, masang malware, atanapi nyababkeun karusakan anu sanés. Serangan ieu janten langkung canggih, kalayan penjahat cyber nganggo téknik rékayasa sosial pikeun nipu pangguna. Nalika serangan phishing janten langkung kompleks, penting pisan pikeun pangguna gaduh panyalindungan anti phishing anu efektif pikeun ngajagi inpormasi sareng alatna.
Hasil Uji Anti-Phishing AV-Comparatives
AV-Comparatives nguji rupa-rupa produk antipirus sareng browser pikeun nangtukeun efektivitasna dina ngablokir halaman phishing sareng ngahindarkeun positip palsu. Produk antipirus anu diuji nyaéta Avast Free Antivirus, Avira Free Security, Bitdefender Internet Security, ESET Internet Security, Kaspersky Standard, Malwarebytes Premium, McAfee Total Protection, Microsoft Defender sareng Norton 360 Deluxe.
Dina babak tés ieu, pamimpin panyalindungan anti phishing nyaéta McAfee, Trend Micro, Bitdefender, sareng Avast, kalayan tingkat blokir 95% dugi ka 97%. Husus, Microsoft Defender sareng Chrome Plugin ngagaduhan tingkat blokir 77%, sedengkeun Malwarebytes Premium gaduh tingkat blokir ngan 57%.
Hasil Uji Anti-Phishing Browser
AV-Comparatives nguji laju deteksi halaman phishing tina lima panyungsi anu seueur dianggo, kalebet Avast Secure Browser, Google Chrome, Microsoft Edge, Mozilla Firefox, sareng Opera. Ahéng, Google Chrome, browser panglobana dipaké global, kalawan leuwih ti genep di sapuluh urang ngagunakeun eta, boga panyalindungan phishing awon kalawan laju blok 58%, sedengkeun nu kadua awon Microsoft Edge kalawan laju block 75%. Panyungsi anu nawiskeun panyalindungan anti phishing pangsaéna nyaéta Avast Secure Browser (93%), Opera (87%) sareng Mozilla Firefox (87%).
Di dunya anu saling nyambungkeun ayeuna, panyalindungan anti phishing penting pikeun ngajagi inpormasi pribadi sareng kauangan tina penjahat cyber. Hasil tina tés ieu nyorot pentingna milih parangkat lunak kaamanan sareng browser anu leres pikeun ngajagaan tina ancaman phishing. Hasilna nunjukkeun, sababaraha produk tiasa dianggo langkung saé tibatan anu sanés dina ngahalangan halaman phishing sareng ngahindarkeun positip palsu.
Bacaan salajengna: Pentingna nguji pihak katilu bebas tina solusi anti malware
Hasil tés AV-Comparatives nunjukkeun yén milih browser anu leres sareng parangkat lunak kaamanan tiasa sacara signifikan ngirangan résiko janten korban serangan phishing. Pikeun tetep aman, pangguna henteu ngan ukur ngandelkeun antipirus sareng browser, tapi ogé ngadopsi prakték online anu aman. Salawasna ati-ati nalika ngaklik tautan dina email, pesen téks, atanapi pesen média sosial, sareng ulah masihan inpormasi pribadi ka situs wéb anu teu biasa.
Di Avast, kami komitmen pikeun nganteurkeun solusi kaamanan anu ngarah di industri pikeun ngajagi pangguna tina rupa-rupa ancaman siber, kalebet serangan phishing. Kami resep kana hasil uji anti-phishing AV-Comparatives sareng bakal teras-terasan investasi dina panalungtikan sareng pamekaran pikeun ngajaga sareng ningkatkeun efektivitas produk urang.
Kanggo inpo nu leuwih lengkep, tingali laporan lengkep ti AV-Comparatives.
We all know that our phones know a lot about us. And they most certainly know a lot about where we go, thanks to the several ways they can track our location.
Location tracking on your phone offers plenty of benefits, such as with apps that can recommend a good restaurant nearby, serve up the weather report for your exact location, or connect you with singles for dating in your area. Yet the apps that use location tracking may do more with your location data than that. They may collect it, and in turn sell it to advertisers and potentially other third parties that have an interest in where you go and what you do.
Likewise, cell phone providers have other means of collecting location information from your phone, which they may use for advertising and other purposes as well.
If that sounds like more than you’re willing to share, know that you can do several things that can limit location tracking on your phone—and thus limit the information that can potentially end up in other people’s hands.
How do Smartphones Track Your Movements?
As we look at the ways you can limit location tracking on your phone, it helps to know the basics of how smartphones can track your movements.
For starters, outside of shutting down your phone completely, your phone can be used to determine your location to varying degrees of accuracy depending on the method used:
GPS: The Global Positioning System, or GPS as many of us know it, is a system of satellites operated by the U.S. government for navigation purposes. First designed for national defense, the system became available for public use in the 1980s. It’s highly accurate, to anywhere between nine to 30 feet depending on conditions and technology used, making it one of the strongest tools for determining a phone’s location. This is what powers location services on cell phones, and thus can help an app recommend a great burger joint nearby.
Cell towers: Cell phone providers can track a phone’s location by the distance it is to various cell phone towers and by the strength of its signal. The location information this method provides is a bit coarser than GPS, providing results that can place a phone within 150 feet. It’s most accurate in urban areas with high densities of cell phone towers, although it does not always work well indoors as some buildings can weaken or block cell phone signals. One of the most significant public benefits of this method is that it automatically routes emergency services calls (like 911 in the U.S.) to the proper local authorities without any guesswork from the caller.
Public Wi-Fi: Larger tech companies and internet providers will sometimes provide free public Wi-Fi hotspots that people can tap into at airports, restaurants, coffeehouses, and such. It’s a nice convenience but connecting to their Wi-Fi may share a phone’s MAC address, a unique identifier for connected devices, along with other identifiers on the smartphone. Taken together, this can allow the Wi-Fi hosting company to gather location and behavioral data while you use your phone on their Wi-Fi network.
Bluetooth: Like with public Wi-Fi, companies can use strategically placed Bluetooth devices to gather location information as well. If Bluetooth is enabled on a phone, it will periodically seek out Bluetooth-enabled devices to connect to while the phone is awake. This way, a Bluetooth receiver can then capture that phone’s unique MAC address. This provides highly accurate location information to within just a few feet because of Bluetooth’s short broadcast range. In the past, we’ve seen retailers use this method to track customers in their physical stores to better understand their shopping habits. However, more modern phones often create dummy MAC addresses when they seek out Bluetooth connections, which helps thwart this practice.
Now here’s what makes these tracking methods so powerful: in addition to the way they can determine your phone’s location, they’re also quite good at determining your identity too. With it, companies know who you are, where you are, and potentially some idea of what you’re doing there based on your phone’s activity.
Throughout our blogs we refer to someone’s identity as a jigsaw puzzle. Some pieces are larger than others, like your Social Security number or tax ID number being among the biggest because they are so unique. Yet if someone gathers enough of those smaller pieces, they can put those pieces together and identify you.
Things like your phone’s MAC address, ad IDs, IP address, device profile, and other identifiers are examples of those smaller pieces, all of which can get collected. In the hands of the collector, they can potentially create a picture of who you are and where you’ve been.
What Happens to Your Location Information That Gets Collected?
What happens to your data largely depends on what you’ve agreed to.
In terms of apps, we’ve all seen the lengthy user agreements that we click on during the app installation process. Buried within them are terms put forth by the app developer that cover what data the app collects, how it’s used, and if it may be shared with or sold to third parties. Also, during the installation process, the app may ask for permissions to access certain things on your phone, like photos, your camera, and yes, location services so it can track you. When you click “I Agree,” you indeed agree to all those terms and permissions.
Needless to say, some apps only use and collect the bare minimum of information as part of the agreement. On the other end of the spectrum, some apps will take all they can get and then sell the information they collect to third parties, such as data brokers that build exacting profiles of individuals, their histories, their interests, and their habits.
In turn, those data brokers will sell that information to anyone, which can be used by advertisers along with identity thieves, scammers, and spammers. And as reported in recent years, various law enforcement agencies will purchase that information as well for surveillance purposes.
Further, some apps are malicious from the start. Google Play does its part to keep its virtual shelves free of malware-laden apps with a thorough submission process as reported by Google and through its App Defense Alliance that shares intelligence across a network of partners, of which we’re a proud member. Android users also have the option of running Play Protect to check apps for safety before they’re downloaded. Apple has its own rigorous submission process for weeding out fraud and malicious apps in its store as well.
Yet, bad actors find ways to sneak malware into app stores. Sometimes they upload an app that’s initially clean and then push the malware to users as part of an update. Other times, they’ll embed the malicious code so that it only triggers once it’s run in certain countries. They will also encrypt malicious code in the app that they submit, which can make it difficult for reviewers to sniff out. These apps will often steal data, and are designed to do so, including location information in some cases.
As far as cell phone service providers go, they have legitimate reasons for tracking your phone in the ways mentioned above. One is for providing connectivity to emergency service calls (again, like 911 in the U.S.), yet others are for troubleshooting and to ensure that only legitimate customers are accessing their network. And, depending on the carrier, they may use it for advertising purposes in programs that you may willingly opt into or that you must intentionally opt out of.
Ways to Limit Tracking on Your Smartphone
We each have our own comfort level when it comes to our privacy. For some, personalized ads have a certain appeal. For others, not so much, not when it involves sharing information about themselves. Yet arguably, some issues of privacy aren’t up for discussion, like ending up with a malicious data-stealing app on your phone.
In all, you can take several steps to limit tracking on your smartphone to various degrees—and boost your privacy to various degrees as a result:
Switch your phone into Airplane Mode. Disconnect. Without a Wi-Fi or data connection, you can’t get tracked. While this makes you unreachable, it also makes you untraceable, which you may want to consider if you’d rather keep your whereabouts and travels to yourself for periods of time. However, note that iPhones have a feature called “Find My Network” that helps track lost devices, even when they are powered off or disconnected.
Turn off location services altogether. As noted above, your smartphone can get tracked by other means, yet disabling location services in your phone settings shuts down a primary avenue of location data collection. Note that your maps apps won’t offer directions and your restaurant app won’t point you toward that tasty burger when location services are off, but you will be more private than with them on.
Provide permissions on an app-by-app basis. Another option is to go into your phone settings and enable location services for specific apps in specific cases. For example, you can set your map app to enable location services only while in use. Other apps, you can disable location services entirely. Yet another option is to have the app ask for permissions each time. Note that this is a great way to discover if apps have defaulted to using location services without your knowledge when you installed them. On an iPhone, you can find this in Settings à Privacy & Security à Location Services. On an Android, go to Settings à Locations à App Locations Permissions.
Delete old apps. And be choosy about new ones. Fewer apps mean fewer avenues of potential data collection. If you have old, unused apps, consider deleting them, along with the accounts and data associated with them. Also, steer clear of unofficial app stores. By sticking with Google Play and Apple’s App Store, you have a far better chance of downloading safe apps thanks to their review process. Check out the developer of the app while you’re at it. Have they published several other apps with many downloads and good reviews? A legit app typically has quite a few reviews, whereas malicious apps may have only a handful of (phony) five-star reviews.
Turn off Bluetooth while not in use. You can keep passive location-sniffing techniques from logging your location by disabling your phone’s Bluetooth connectivity when you aren’t using it.
Use a VPN.A VPN can make your time online more private and more secure by obscuring things like your IP address and by preventing snoops from monitoring your activity.
On iPhones, look into using Private Relay.Apple’s Private Relay is similar to a VPN in that it changes your IP address so websites you visit can’t tell exactly where you are. It works on iOS and Macs as part of an iCloud+ subscription. Yet there is one important distinction: it only protects your privacy while surfing with the Safari browser. Note that as of this writing, Apple Private Relay is not available in all countries and regions. If you travel somewhere that Private Relay isn’t available, it will automatically turn off and will notify you when it’s unavailable and once more when it’s active again. You can learn more about it here and how you can enable it on your Apple devices.
Stash your phone in a Faraday bag. You can purchase one of these smartphone pouches online that, depending on the model, can block Bluetooth, cellular, GPS, RFID, and radio signals—effectively hiding your phone and that prevent others from tracking it.
Opt out of cell phone carrier ad programs. Different cell phone carriers have different user agreements, yet some may allow the carrier to share insights about you with third parties based on browsing and usage history. Opting out of these programs may not stop your cell phone carrier from collecting data about you, but it may prevent it from sharing insights about you with others. To see if you participate in one of these programs, log into your account portal or app. Look for settings around “relevant advertising,” “custom experience,” or even “advertising,” and then determine if these programs are of worth to you.
More privacy on mobile
There’s no way around it. Using a smartphone puts you on the map. And to some extent, what you’re doing there as well. Outside of shutting down your phone or popping into Airplane Mode (noting what we said about iPhones and their “Find My Network” functionality above), you have no way of preventing location tracking. You can most certainly limit it.
For yet more ways you can lock down your privacy and your security on your phone, online protection software can help. Our McAfee+ plans protect you against identity theft, online scams, and other mobile threats—including credit card and bank fraud, emerging viruses, malicious texts and QR codes. For anyone who spends a good portion of their day on their phone, this kind of protection can make life far safer given all the things they do and keep on there.
Introducing McAfee+
Identity theft protection and privacy for your digital life
Information about what you eat, what you watch, who you text, who you sleep with and where you’re going on vacation has long been a commodity. You basically give it to your browser for free, which then passes it on to companies you have no interest in for them to monetize. If that makes you uncomfortable, you’ve come to the right place — we’re here to help you find a private browser that respects your privacy! But before listing these alternatives, we need to highlight what’s actually wrong with the world’s most popular browser — used by two-thirds of the world’s netizens.
What’s wrong with Chrome privacy?
If you’re interested in the topic of user data collection, you probably already know all about Google, and so you can skip this part. But for those who’ve just joined us so to speak, we’ll briefly explain Chrome’s attitude to user privacy, and why the browser is best avoided.
It’s important to realize that Google gets the lion’s share of its revenue (in 2022 more than 80%) from selling ads. And the basis of such outstanding success of the company in the advertising business is user data. It’s this data that allows advertisers to target audiences far more precisely than through other platforms. That’s because Google can — and does — collect far more of your data than anyone else.
Its sources of user data are wide-ranging: from highly visible products and services used by everyone (search, YouTube, Android, etc.), to invisible ones like Google’s analytical tools, which are used by most websites and applications. Of course, Google’s own browser, Chrome, plays a not-insignificant role in all this.
If you use Chrome, Google can see just about everything you get up to online. And there’s nothing you can do about it: delete as many cookies as you like or browse in Incognito mode, it won’t make a lot of difference — Google will still hoover up data about your internet activity.
And don’t forget that, besides Google, hundreds of other companies are also tracking your actions in cyberspace. And Chrome doesn’t really do much to stop this. But never fear, there are lots of other browsers out there that treat your data far more delicately: they collect less data, link it less rigidly to a concrete identity, and are more proactive in preventing data collection by other parties.
These more privacy-minded alternatives to Chrome are the topic of this post. But since it would take too long to list them all, we’ll focus here on some of the more interesting options — in ascending order of complexity.
Simplest: Microsoft Edge and Apple Safari
Great news for those too lazy to download and install something else: you can get rid of Chrome without lifting a finger. Users of Windows or macOS/iOS just need to switch to the preinstalled browser: Microsoft Edge or Apple Safari, respectively.
Apple Safari
Operating systems: iOS, macOS Based on: Apple’s own development Strict privacy mode: no
User security and privacy have been priorities for Apple for some time now. It first took action against third-party tracking of Safari users five years ago. The latest versions of the native iOS and macOS browser block trackers on sites by default, and are able to hide the user’s IP address and report how many tracking elements have been blocked on viewed pages.
And while Safari may not be the most private browser of all (it allows some trackers and has a unique fingerprint), everything works by default right away — you don’t have to configure anything or enable private mode. In short, if you have an iPhone, iPad or Mac, Safari is a great way to increase online privacy with no effort at all.
Pros:
Installed on iOS and macOS by default.
No setting up required — just open and surf away.
Cons:
No versions for other OSes.
No strict privacy mode.
Average level of anti-tracking protection.
Microsoft Edge
Operating systems: Windows, Android, iOS, macOS, Linux Based on: Chromium Strict privacy mode: yes
Following Apple’s example, Microsoft felt obliged to beef up privacy in its own browser. The current version of Edge features highly effective built-in tools for combating web trackers; however, they’re not enabled by default. On the plus side, as before, Windows users don’t have to install anything — the browser comes with the operating system.
There are three main drawbacks to Edge…
First, there’s the fact that it’s based on Google’s open-source browser Chromium, which underpins Chrome — the very browser we’re trying to avoid. Chromium has in the past been caught sending data to Google (to be fair, this was quickly rectified).
Second, Edge sends quite a lot of data to Microsoft’s servers. This isn’t good, of course, but at least Microsoft’s cross-platform tracking abilities are less developed than Google’s.
Third, in the default basic mode, Edge does nothing to deter web trackers. To combat them, you need to enable strict privacy mode in the settings — something that few users will bother to do.
Pros:
Installed on Windows by default.
Versions exist for all other OSes.
Great protection against trackers in strict privacy mode.
Cons:
Doesn’t stop trackers at all in basic mode.
Based on Google’s Chromium.
Collects data for Microsoft.
More complex: Mozilla Firefox and Vivaldi
Now let’s look at a couple of options that require downloading and installing. Note that both are noticeably better at combating web trackers than the native browsers in Windows, iOS and macOS, and at the same time they’re still quite simple and user-friendly, so switching over is relatively painless.
Mozilla Firefox
Operating systems: Windows, Android, iOS, macOS, Linux Based on: Mozilla’s own development Strict privacy mode: yes
Mozilla Firefox is the only browser that was developed from start to finish independently of any IT giant (at least directly). Firefox is particularly notable for its in-house web engine. Mozilla gets most of its revenue from the search engines Google, Yandex and Baidu for setting them as default (depending on the region, of course) in the browser settings. But that’s about it: Mozilla doesn’t sell user data and doesn’t try to stop you changing the default search engine in Firefox to something else.
Even in basic mode, Firefox offers great protection against online tracking. And if you crank up the privacy slider to the top, it’s one of the best in the business. Incidentally, in addition to the regular Firefox, there’s also a version for mobile OSes called Firefox Focus, which is even more privacy-focused (available for both Android and iOS).
Pros:
Versions exist for all OSes.
Decent protection against trackers even in basic mode.
Great protection against trackers in strict privacy mode.
Mozilla’s own development.
Cons:
Vivaldi
Operating systems: Windows, Android, macOS, Linux Based on: Chromium Strict privacy mode: yes
Vivaldi’s developers concentrate primarily on privacy. The brains behind this browser belong to Jon Stephenson von Tetzchner, the legendary creator of Opera (once considered one of the most secure browsers, even having a built-in VPN). Vivaldi boasts a lot of customization options: its settings cover two dozen screens.
The browser has a built-in ad and web-tracker blocker, which does a fine job. Another interesting feature: Vivaldi lets you set different search engines for normal and private windows, which makes it possible to quickly switch between, say, Bing, Google, and DuckDuckGo.
Like Mozilla, Vivaldi earns its crust from user searches in search engines, as well as from placing links to various internet services on the browser’s home screen. At the same time, Vivaldi’s creators openly state that they don’t engage in any kind of user data collection, profiling or tracking. The only thing to bear in mind is that Vivaldi, like Edge, is based on Google’s Chromium engine (see above for potential issues).
Pros:
Versions exist for all operating systems except iOS.
Great protection against trackers in strict privacy mode.
Huge amount of customization.
Cons:
Based on Google’s Chromium.
Hardcore: DuckDuckGo, Tor Browser, Mullvad Browser
Lastly, for extreme privacy seekers, there are DuckDuckGo, Tor Browser and Mullvad Browser. Although there’s nothing hugely complex about them, maximum anti-tracking protection comes at the expense of surfing speed and user-friendliness. So if you want total control over your data, you’ll have to put in some effort.
DuckDuckGo
Operating systems: Windows, Android, iOS, macOS Based on: Mozilla Firefox Strict privacy mode: maximum privacy by default
The DuckDuckGo browser was created by the team behind the private search engine of the same name, so, as you might guess, that’s the default option. An important detail: you can’t change the default search engine, so it may take some time to get used to both the browser and the search interface.
Among other things, DuckDuckGo helps against user tracking on YouTube: it offers a browsing mode in which it opens all YouTube videos in the native Duck Player.
DuckDuckGo’s developers make no secret of the fact that they earn money from ads in search results, but point out that they do so without tracking or profiling users, based only on the content of search queries: “If you search for cars, we’ll show you ads about cars. It’s that simple.”
Pros:
Versions exist for all operating systems except Linux.
Great anti-tracking protection.
Maximum privacy settings right out of the box.
Uses the private search engine DuckDuckGo.
Plays YouTube videos in its own Duck Player.
Let’s you quickly delete all history and start surfing with a clean slate.
Cons:
Tor Browser
Operating systems: Windows, Android, macOS, Linux Based on: Mozilla Firefox Strict privacy mode: maximum privacy by default
Tor Browser is Mozilla Firefox on steroids. Its creators made it as secure as possible against online tracking, with strict privacy mode enabled out of the box. Tor is great at blocking trackers, has a minimally unique fingerprint, and uses the DuckDuckGo search engine by default (can be changed in the settings).
But the main feature is that all traffic in Tor Browser is routed through the Tor (The Onion Router) network — with all the advantages and disadvantages this entails. The chief plus, of course, is maximum anonymity and anti-tracking protection; the main minus is the low surfing speed. For those accustomed to modern connection speeds, browsing in Tor will be quite painful. It’s possible to configure Tor Browser to work without the Tor network, but there’s a better option, which we discuss below.
Tor Browser is available for all desktop operating systems, as well as for Android. But not for iOS: instead, the Tor Project recommends that iPhone owners use the Onion Browser app, made by a Tor-friendly developer.
Pros:
Great anti-tracking protection.
Versions exist for all operating systems except iOS.
Maximum privacy settings right out of the box.
Uses the private search engine DuckDuckGo.
Lets you quickly delete all history and start surfing with a clean slate.
Anonymous connection through the Tor network.
Cons:
Mullvad Browser
Operating systems: Windows, macOS, Linux Based on: Mozilla Firefox Strict privacy mode: maximum privacy by default
Mullvad Browser is basically the answer to the above question of how to use Tor Browser without the Tor network. It’s essentially the same browser, only instead of The Onion Router network it offers a secure connection through Mullvad VPN, an anonymous VPN service that even allows users to pay in cash sent by snail mail — all in the name of privacy.
All other features remain in place: excellent protection against web trackers immediately after installation, with the ability to enhance privacy and security using custom settings. Despite this, the connection speeds are still very fast, so surfing with Mullvad Browser doesn’t evoke memories of the dial-up modem era.
Mullvad Browser was launched just recently, so currently it’s available only for desktop operating systems — we’ll have to sit patiently for Android and iOS versions.
Pros:
Great anti-tracking protection.
Maximum privacy settings right out of the box.
Uses the DuckDuckGo search engine by default.
Lets you quickly delete all history and start surfing with a clean slate.
Cons:
No versions for Android and iOS.
Private surfing: what else to consider
Finally, a few extra tips on how to make internet surfing as private as possible:
If a “hardcore” private browser just isn’t your thing, try using several different browsers at the same time, varying the balance between privacy and ease of surfing as per the circumstances.
Set the most private browser you use as the default: this way, it will automatically open any link you click on, so you won’t need search and other wonders of technology.
Try not to install browser extensions unless absolutely necessary — these are commonly used for tracking (and not only).
Use a reliable VPN to secure the connection and hide your IP address.
Bayangkeun yén anjeun badé nyéred file anu tangtu dina komputer anjeun. Anjeun klik dina file jeung ujug-ujug aya bewara pop up dina layar Anjeun nyebutkeun komputer Anjeun compromised sarta pikeun meunangkeun deui payil Anjeun kudu mayar. Ieu katelah ransomware, jinis malware jahat anu henteu deui ditangtayungan pikeun multi-jutawan sareng perusahaan. Penjahat siber nahan file komputer jalma biasa sareng dokumén pribadi anu sénsitip disandera pikeun kauntungan finansial sorangan.
Ieu sadayana anu anjeun kedah terang ngeunaan kumaha ransomware asup kana alat anjeun sareng tujuh kaamanan digital Kabiasaan anjeun tiasa ngamimitian ayeuna pikeun nyegah éta kajadian ka anjeun.
Kumaha Ransomware Dipasang dina Alat?
Ransomware nginféksi alat anu disambungkeun – smartphone, laptop, tablet sareng desktop – nalika nu gaduh alat teu sadar ngaklik tautan atanapi pop-up anu ngagaduhan parangkat lunak jahat anu dipasang di jerona.
Usaha phishing mangrupikeun kendaraan umum pikeun nyebarkeun ransomware. Penjahat cyber nutupan tautan jahatna dina email, téks, atanapi pesen langsung média sosial anu ngadesek réspon gancang sareng ngancam akibat anu parah. Contona, hiji phisher bisa impersonate bank jeung boga hiji panarima polos klik link pikeun cageur jumlah badag duit. Sabalikna, tautanna henteu nuju ka halaman wéb bank resmi, tapi ka halaman unduhan malware. Ti dinya, parangkat lunak ransomware ngawasa sareng ngamungkinkeun para penjahat cyber pikeun ngonci sareng ngonci file anu paling penting anjeun.
Naon anu kudu dipigawé lamun alat Anjeun kainfeksi Ransomware
Upami penjahat cyber ngahubungi anjeun sareng nyarioskeun yén aranjeunna nahan file anjeun disandera, ulah kalibet sareng aranjeunna sareng ulah mayar tebusan. Sanaos anjeun mayar tebusan, henteu aya jaminan yén penjahat bakal ngaleupaskeun file anjeun. Barina ogé, aranjeunna penjahat, sarta anjeun teu bisa dipercaya. Masihan sareng mayar tebusan ningkatkeun kapercayaan penjahat cyber yén skéma na jalan, ku kituna aranjeunna bakal teras-terasan ngalakukeun panipuan.
Tetep tenang jeung geura pegatkeun sambungan alat Anjeun nu kainfeksi ransomware tina Wi-Fi. Ieu bakal nyegah program tina luncat tina hiji alat ka alat sejen disambungkeun ka jaringan nu sami. Lajeng, dina alat sejen, buka Taya deui Proyék Tebusan. Inisiatif ieu, dirojong ku McAfee, gaduh arsenal saran sareng kode anu tiasa ngaleungitkeun program anu ngabahayakeun alat anjeun. Salaku tambahan, laporkeun acara ka Cybersecurity & Badan Kaamanan Infrastruktur. Agén tiasa ngabantosan anjeun muka konci alat anjeun atanapi mamatahan anjeun ngeunaan cara neraskeun.
7 Kabiasaan Kaamanan Digital pikeun Nyegah Ransomware
Cara anu pangsaéna pikeun nyiapkeun ransomware nyaéta pikeun nyegah éta kajadian di tempat munggaran. Tujuh kabiasaan online ieu mangrupikeun cara anu saé pikeun ngajaga alat anjeun sareng inpormasi anu tiasa diidentipikasi sacara pribadi anu disimpen tina ragrag kana panangan cybercriminals.
1. Nyadangkeun data anjeun
Penjahat cyber teu gaduh pangaruh upami alat anjeun henteu nyimpen naon waé anu berharga. Nyadangkeun file anjeun anu paling penting unggal sababaraha bulan, boh ka méga atanapi ka hard drive. Ku cara ieu, upami anjeun nampi inféksi ransomware, anjeun tiasa mupus alat anjeun sareng pasang deui file anjeun tina cadangan. Cadangan ngajaga data anjeun, sareng anjeun moal kagoda pikeun ngaganjar pangarang malware ku cara mayar tebusan.
2. Candak panyalindungan sandi serius
Nalika ngamutahirkeun Kapercayaan anjeun, anjeun kedah salawasna mastikeun yén anjeun sandi kuat tur unik. Bahaya pikeun ngagunakeun deui kecap akses anu sami dina akun sabab sadayana anu diperyogikeun pikeun nempatkeun akun anjeun dina résiko mangrupikeun pelanggaran data pikeun ngabocorkeun kecap akses anjeun ka wéb poék. Ampir teu mungkin pikeun nginget sadaya kecap akses sareng kombinasi nami pangguna anjeun, janten percanten ka manajer kecap konci pikeun nyimpen éta pikeun anjeun.
3. Aktipkeun auténtikasi dua-faktor atawa multi-faktor
Auténtikasi dua atawa multi-faktor nyadiakeun lapisan tambahan kaamanan, sabab merlukeun sababaraha bentuk verifikasi pikeun asup kana rekening online. Contona, anjeun bakal dipenta pikeun pariksa idéntitas anjeun nganggo kode sakali anu dikirim ka telepon sélulér anjeun atanapi ngajawab patarosan kaamanan sareng kecap konci anu leres. Léngkah tambahan ieu dina prosés login ngagagalkeun plot ransomware sabab upami anjeun nyimpen dokumén penting anjeun di tukangeun program awan anu ditangtayungan ku auténtikasi multi-faktor, penjahat ngagaduhan sakedik nilai pikeun disandera.
4. Kudu ati dimana anjeun klik
Entong ngaklik tautan atanapi ngabales email, pesen langsung média sosial, sareng pesen téks ti jalma anu anjeun henteu terang. Ieu penting sabab phishers mindeng nipu jalma kana ngundeur malware jeung ransomware software ngaliwatan tumbu cryptic.
Ngagunakeun ekstensi kaamanan dina pangotektak wéb anjeun mangrupikeun salah sahiji cara pikeun ngotéktak langkung aman. McAfee WebAdvisor, contona, ngingetkeun anjeun nalika anjeun ngasupkeun situs picilakaeun anu tiasa nyimpen malware. Situs wéb anu ngaku gaduh acara TV gratis, pilem sareng parangkat lunak mangrupikeun anu paling bahaya.
5. Ngan nyambung ka jaringan aman
Jaringan Wi-Fi umum – sapertos anu aya di perpustakaan, toko kopi, hotél sareng bandara – sering henteu aman. Kusabab saha waé tiasa log in, anjeun moal tiasa percanten yén sadayana dina jaringan gaduh niat anu saé. Penjahat siber sering ngarecah kana jaringan umum sareng nguping sacara digital dina alat anu nyambung ka aranjeunna. Janten, anjeun tiasa ngahindarkeun Wi-Fi umum sadayana sareng ngan ukur ngaksés internét ngalangkungan 5G, atanapi anjeun tiasa ngaktipkeun a jaringan pribadi virtual. VPN mangrupikeun jaringan pribadi anu leres-leres énkripsi lalu lintas internét anjeun, ngajantenkeun anjeun teu anonim sacara online.
6. Apdet alat Anjeun ka software panganyarna
Ulah malire bewara alat Anjeun pikeun ngapdet software Anjeun. Ngajaga software Anjeun up-to-date nyaeta cara pangalusna pikeun nyegah penjahat cyber tina maksa jalan ka alat Anjeun. Pembaruan parangkat lunak biasana kalebet patch kaamanan kritis anu nutup sagala liang anu tiasa disusup ku plot ransomware.
7. Ngadaptarkeun solusi kaamanan komprehensif
Pikeun tambihan katenangan, pilih lapisan kaamanan tambahan kalayan solusi sapertos McAfee + pamungkas, nu ngawengku cakupan ransomware nepi ka $25,000. McAfee+ Ultimate ogé kalebet VPN, manajer sandi, sareng ekstensi browsing aman pikeun ngajaga kagiatan online anjeun pribadi.
Nepangkeun McAfee+
Maling identitas sareng panyalindungan privasi pikeun kahirupan digital anjeun
Diantara jaringan sosial, LinkedIn nyepeng posisi anu rada unik. Platform ieu dirancang pikeun komunikasi antara professional, nu otomatis ngakibatkeun kontak jeung jalma anyar, ampir lengkep transparansi informasi pamaké, kitu ogé gelar cukup luhur kapercayaan di strangers.
Kakuranganna nyaéta rélatif gampang pikeun nyiptakeun profil palsu anu masuk akal. Salaku conto, dina usum gugur taun 2022, ahli kaamanan Brian Krebs mendakan sajumlah ageung akun LinkedIn palsu anu ngaku milik Kapala Perwira Kaamanan Informasi perusahaan internasional utama. Ditambah sababaraha rébu rekening palsu daptar usaha nyata salaku dunungan.
Motif tina fraudsters rupa-rupa. Tapi hiji hal anu aranjeunna sami nyaéta aranjeunna henteu paduli merek HR atawa reputasi pausahaan aranjeunna sakuduna dituju dianggo pikeun. Kalayan ieu dina pikiran – dua patarosan timbul: naha mungkin pikeun ngaleungitkeun LinkedIn palsu, sareng kumaha anjeun tiasa ngajaga merek perusahaan anjeun?
Kumaha LinkedIn ngalawan propil palsu
Masalah propil palsu dina LinkedIn sanés énggal. Unggal genep bulan, jaringan sosial ngalaporkeun, diantarana, sabaraha akun palsu anu diblokir. Jumlah pastina beda-beda ti taun ka taun, tapi urang nuju ngawangkong ngeunaan puluhan juta profil unggal periode ngalaporkeun. Salaku conto, ti mimiti 2019 dugi ka pertengahan 2022, jaringan sosial ngablokir ampir 140 juta akun palsu.
Kaseueuran profil LinkedIn palsu (95.4% dina H1 2022) otomatis diblokir. Seringna, akun palsu dileungitkeun nalika masih dina tahap pendaptaran: gumantung kana périodena, 70-90% akun anu dilarang ditembak nalika lepas landas. Propil palsu diblokir sabab keluhan pamaké jumlahna kirang ti hiji persen. Henteu seueur ogé sacara mutlak: contona, ngan ukur 190,000 palsu anu diblokir kusabab keluhan dina H1 2022.
LinkedIn teu nangtukeun persis kumaha carana ngaidentipikasi propil curiga, tapi nyadiakeun sababaraha rinci ngeunaan naon jalma wondering ngeunaan. Hiji bandéra beureum nyaéta over-olahtalatah. Sejen nyaeta mismatch geografis – lamun “Lokasi” dina profil nembongkeun hiji wewengkon, tapi akun didaptarkeun dina hiji lengkep béda. Ogé, hiji halaman tiasa ditandaan salaku curiga upami éta ngabagi sababaraha pola sareng halaman palsu sanés anu dideteksi sareng diblokir.
Ahir taun ka tukang, LinkedIn ngenalkeun sababaraha inovasi anu ditujukeun pikeun ngalawan pemalsuan:
Jaringan sosial ayeuna pariksa poto profil pikeun ningali naha éta dihasilkeun ku AI.
Pesen curiga ayeuna mawa peringatan.
Fitur anyar anu sanés nyaéta tab “Ngeunaan profil ieu”. Éta nunjukkeun tanggal perkiraan pendaptaran akun sareng inpormasi anu sanés pikeun ngabantosan pangguna mutuskeun naha éta tiasa dipercaya.
Pikeun milarian tab “Ngeunaan profil ieu”, pencét Deui di luhur halaman pangguna
Dupi éta dianggo?
Tapi naha tindakan LinkedIn ngalawan propil palsu tiasa dianggo? Pikeun manggihan, kabel majalah ngalakukeun percobaan saeutik. Mimiti, wartawan nyiptakeun dua profil palsu anu dieusi téks sareng poto anu dibangkitkeun AI. Poé saterusna, LinkedIn nanya ka duanana pamaké pikeun ngonfirmasi identitas maranéhanana sarta réngsé nepi blocking rekening.
Salajengna, wartawan nyobian pendekatan anu béda: aranjeunna ngadamel salinan pinuh ku profil hiji jalma kabel éditor sorangan; kalawan hiji bédana – poto profil diganti (jeung poto aslina sejen). Ogé hiji-hijina inpormasi kontak anu disayogikeun nyaéta alamat email anu kadaptar sareng Proton Mail (layanan email wéb énkripsi anu populer sareng jalma-jalma anu ngahargaan anonimitas). Akun palsu ieu aya dina LinkedIn salila dua bulan pinuh, narima jeung ngirim talatah, nyieun kontak anyar, jeung promosi. kabel eusi, saméméh wartawan sorangan dihapus eta.
Kumaha hasilna? Percobaan ieu nunjukeun yen LinkedIn téh geulis alus dina kaayaan fakes basajan. Tapi saha waé anu peryogi sakedik waktos sareng perhatian pikeun ngadamel palsu anu langkung ngayakinkeun, ngagunakeun inpormasi anu nyata ngeunaan jalma nyata, tiasa ngaliwat gatekeepers LinkedIn.
Kumaha ngabersihan halaman LinkedIn palsu perusahaan anjeun
Aya kamungkinan yén aya anu nganggo nami perusahaan anjeun – sareng inpormasi batur sapagawean anjeun – pikeun tujuan jahat sorangan. Ku alatan éta, kami nyarankeun miceun profil palsu tina daptar karyawan perusahaan anjeun. Mimitian ku ngukur skala masalah: ngan ukur ngabandingkeun jumlah profil LinkedIn anu daptar perusahaan anjeun salaku dunungan ayeuna sareng jumlah karyawan saleresna.
Ogé, laksanakeun penilaian géografis: tingali sabaraha karyawan anjeun kadaptar di daérah anu tangtu numutkeun LinkedIn, sareng bandingkeun éta sareng kanyataan. Ieu bakal ngabantosan ngalokalkeun masalah, sabab profil palsu sigana nunjukkeun daérah khusus dimana scammers milarian korban. Kusabab ieu, akun palsu dimana perusahaan anjeun didasarkeun tiasa henteu disebarkeun merata di sakumna dunya (kamungkinan konséntrasi dina hiji atanapi sababaraha daérah).
Gumantung kana hasil pamariksaan ieu, kitu ogé ukuran sakabéh perusahaan anjeun, léngkah-léngkah salajengna tiasa béda-béda. Upami jumlah palsu relatif leutik sareng anjeun tiasa ngalokalkeun sacara geografis, éta kedah gampang pikeun ngaidentipikasi seuseueurna sareng ngalaporkeun ka dukungan LinkedIn.
Upami masalahna aya dina skala anu langkung ageung, masuk akal pikeun ngamimitian ngabersihan ti luhur ka handap, prioritas profil palsu anu posing salaku karyawan tingkat luhur. Cara pangbasajanna nyaéta nyandak daptar manajer senior sareng milarian profil LinkedInna ku nami. Lamun duplikat kapanggih, kaca aslina bakal paling dipikaresep bisa dibédakeun ti palsu ku tanggal pendaptaran. Awaskeun ogé pikeun henteu cocog géografis, ogé gambar profil anu ganjil.
Platformna sorangan tiasa ngabéréskeun masalah kalayan sahenteuna pemalsuan tingkat luhur ku pariksa akun tokoh masarakat sareng eksekutif perusahaan, contona, nganggo lencana biru anu akrab. Nanging, hanjakalna, LinkedIn ngumumkeun rencana pikeun ngenalkeun metode sapertos kitu ngan dina April 2023. Pikeun ngamimitian, verifikasi ngan bakal sayogi dina modeu percobaan pikeun sababaraha perusahaan utama AS. Nalika organisasi anu sanés tiasa mastikeun yén pangguna jaringan leres-leres karyawanna teu tiasa diprediksi.
Sisi poék bulan: karyawan palsu ti pausahaan séjén
Aya sisi séjén pikeun masalah ieu: penipu tiasa nyerang karyawan anjeun nganggo profil LinkedIn palsu jalma anu disangka damel pikeun organisasi sanés. Anjeun teu kedah milari jauh kanggo conto dimana ieu tiasa ngakibatkeun: ngan taun ka tukang serangan sapertos kitu dilakukeun ngalawan Sky Mavis, pamekar kaulinan maén-to-earn. Aksi Taya Wates.
Panyerang ngahubungi salah sahiji karyawan perusahaan liwat LinkedIn, disangka nawaran padamelan. Salajengna, aranjeunna ngirimkeun karyawan anu kainféksi PDF anu aranjeunna tiasa aksés kana jaringan perusahaan sareng maok konci anu dianggo pikeun validasi transaksi. Kalayan konci ieu, aranjeunna ngabersihan akun cryptocurrency perusahaan. Karugian éta langkung ti $ 500 juta, nampi ieu gelar kahormatan tina salah sahiji heists crypto pangbadagna dina sajarah.
Salamet tina serangan sapertos kitu moal gampang. Nanging, ningkatkeun kasadaran karyawan anjeun ngeunaan kaamanan inpormasi pasti tiasa ngajantenkeun bédana. Sareng cara anu pangsaéna pikeun ngalakukeun éta nyaéta ngaliwatan pelatihan cybersecurity biasa. Solusi idéal pikeun ieu nyaéta Platform Kasadaran Kaamanan Otomatis Kaspersky.
