By Vic Hargrave

One of the troubles with this mobile computing world of ours is that having our data files by our sides at all times increases the risk of data loss and unwanted exposure. You’ve probably heard about the careless company executive that had his laptop PC stolen and then found out later that sensitive company data was contained on the system, including credit card numbers, financial account, information, company network passwords and so on.

I think many of us – not just this executive who’s probably looking for a new job right about now – keep sensitive files on our laptop PCs, particularly if we don’t use desktop systems anymore. I know I do.

Take Internet account passwords for example. Unless you use one password for everything – a really bad idea – or you have a great memory, you probably put those passwords in a spreadsheet or other kind of file for easy access and reference. Or maybe you are running off to your tax accountant with all sorts receipts that contain your bank account information and credit card numbers. In either case, I’ll show you how to use Trend Micro™ Titanium™ Maximum Security‘s Vault feature to keep the data you store on your computer safe and sound.

Creating a Vault

Creating a Vault is a breeze. Just open your Titanium console using your administrative password. Next click on the Data icon. Then click on the Trend Micro Vault button as shown below.

Titanium will display a screen that indicates what happens when you want to access your vault or what you can do if you lose your computer.  It appears as follows:

This screen will be shown every time you go into the Trend Micro Vault area. You can prevent the display by clicking in the Don’t show this introduction again checkbox.

When you click on the OK button, you’ll be prompted to enter an email address and another password. This one is different than the one you use to open the Titanium console. These are the credentials you’ll use to report that your laptop was stolen, if and when that happens. More on that later. The password you set here will be the one you use to open your vault to access files that are stored there.

 After creating your vault credentials, the Trend Micro Vault screen will be displayed.

Click on the switch under the safe icon to turn on your vault. Then click the OK  button.

You’ll see an icon appear on your windows desktop that says Trend Micro Vault. This is your vault, the folder where you can securely store any files, sensitive or otherwise. To open your vault, double click on the icon, then enter the password you specified when you created your it. While your vault is open, you can drag and drop files to and from the folder. Make sure you close the vault folder when you are done with it, in case anyone tries to access your vault while you are away from your computer.

Reporting and Regaining Control of a Lost System

Before closing Titanium, click on the link under Reporting a Loss and bookmark the web page to where you are sent. If you ever lose your computer, you can go to this web page and enter your Trend Micro Vault account  credentials – the email address and password you entered when you created the vault – to lock the vault. It can’t be opened by anyone, even if that person knows the vault password.

When your lost system is found and back in your possession, go to the Trend Micro Vault screen then click on the unseal the Trend Micro Vault link. You’ll be taken to a page where you enter your vault email address and password to unlock the vault. Then I highly recommend you change your vault password by clicking on the change your password link. Then enter a new password and optionally a new email address for you vault.

Now Your Sensitive Files are Safe and Sound

As you can see, Trend Micro Vault is a very handy and easy-to-use way to secure any files you carry with you on your laptop PCs or to prevent people from prying into your private data at home on your desktop PC, for that matter. Give it a try, you’ll be glad you did.

I work for Trend Micro and the opinions expressed here are my own.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb.

By Greg Boyle

There has been a lot of talk recently about future technology such as Google Glass and Apple iWatch, wearable tech is fast becoming a reality…it makes me wonder…is it all happening too fast?

I worry about what the world will look like in five years time when my son reaches high school. I was leaving school and starting college when phones started to include cameras. Luckily for me, we didn’t have them at high school and the cameras on phones in those days were too poor to shoot pictures at night or inside.

Much of the knowledge we have as adults centres on the mistakes and “fun” we had as young adults and luckily for most of us these adventures remain purely as legends that old friends bring out when you catch up every few years, and the memories fade and get embellished for good humour.

What we see now is life played out in pictures and videos shared with hundreds (or thousands) of people in a matter of seconds via social media.

Now mistakes can have drastic consequences

There is no forgiveness of time nor sunset, as the quality of cameras  in phones, in-built flashes, and the ubiquitous nature of them now means that children making mistakes can have drastic consequences to self-esteem, friendships, schooling, future careers and families.

The speed of learning that we used to get from making mistakes has been outpaced by the capability of smartphones and social media available to young people. Those capabilities are improving at lightning speed while the wisdom of years doesn’t come any faster (although my three-year-old thinks it does).

Will everything they see be streamed live?

What will kids be able to do with their phones, watches, and glasses in five years time? Will everything they see be streamed live to their Google+ YouTube channel and immediately be searchable based on things happening in their suburb on a Saturday night?

Kids today have it good – the technology is awesome. I would love to be able to look back every few years at the things I did with friends so that the memories don’t fade too quickly, but unfortunately, in our day the photos were to blurred and grainy. However, I’m not so sure that Saturday night streaming from the local pub is something I would have wanted my friends, family, and employer to have access to.

There is going to need to be a lot of sharing of the wisdom we learned from our mistakes very early on so that technology can be embraced, stories can be embellished, and the only embarrassments faced are played out amongst forgiving friends and not the Internet at large. We (adults and parents alike) have a big job ahead of us.

I work for Trend Micro and the opinions expressed here are my own.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb.

By Michael Miley

I don’t know about you, but I’m one of those guys who likes the convenience and synergy of Comcast’s XFINITY Triple Play service, because it provides phone, Internet, and TV access all wrapped up in a single package. (If it were cheaper, I’d like it even better!)

Dealing with one company, rather than two or three (particularly when things go wrong), is one advantage. Paying a single bill is another. Cable Internet speeds are also great for Netflix and other smart TV apps, so that’s a third. And the Caller ID-TV combo, (where I can see who’s calling in the middle of my favorite TV show, because the name or phone number pops up on the screen) is definitely a fourth. If I can’t tell who’s calling, I ignore it. (Truth be told, I often ignore it even when I can! Please don’t tell my family or friends.)

In a similar way—and for a lot less money—I like the synergy of the triple play of Trend Micro’s Mobile Security, Privacy Scanner for Facebook, and Mobile Backup and Restore apps. I get protection against malware and viruses with the first app; protection for my privacy with the first and second; and protection for my data and devices with the first and third.

Not only do these apps all work together quite well to provide these benefits (though they can also work alone), I get access to all three from the singularly elegant Mobile Security interface, which includes links to Privacy Scanner for Facebook and Mobile Backup and Restore. It’s a kind of mobile ecosystem—three legs of a security support stool that, together, help to ensure the stability and safety of my Android devices.

It doesn’t hurt that Mobile Security 3.0 is nicely designed. (I wish I’d designed it, so I could brag.) Its console, which you swipe either right or left to see the respective panel, is like two French doors opening onto its functions. It gives me a touchable preview of the state of my security on the left and access to all my tools on the right, where I can perform an operation, tailor the settings, or launch the linked apps.

Mobile Security – Left and Right Panels

Mobile Security protects me from malware and viruses

The linchpin of this triple play is, of course, Mobile Security itself, because it performs those key security functions that I absolutely must have in an insecure world, where Android devices are a primary target of today’s cybercriminals.

Scan Device performs a combo virus and data protection scan; while the virus scanner scans real-time (when downloading apps); from the cloud if I choose, (for the latest protection); and on demand (Scan Now) for the apps and files already on the device. Scanning files is an optional setting, set in the Scan Option popup, because adding files to a scan makes it take longer than just scanning apps. (The longer scan doesn’t need me to watch it, but my OCD compels me to do so.)

Mobile Security Virus Scanner | Scan Option

In fact, all of the options in the security settings screens let me tailor the security functions precisely to my liking, (which is great for a geek). For example, the Safe Surfing feature protects me from malicious URLs (websites) when browsing as aggressively or leniently as I like:

• High blocks sites showing any signs of fraud or malicious software
• Normal provides balanced protection without blocking minor risks
• Low only blocks sites confirmed as fraudulent or dangerous

I opt for Low on my Motorola smartphone, since I don’t browse a lot on its small screen, but I use the Normal default on my Asus tablet, since I do a lot more browsing there.

Mobile Security Safe Surfing & Parental Controls

If I had kids (heaven help me), I’d set up the Parental Controls on the phone as well, tailored for a child, pre-teen, or teen—whatever the kid’s age who has access to the phone. Password protection ensures that my kid can’t change the settings to bypass my controls. Concerned parents should take note.

Mobile Security + Privacy Scanner protect my privacy

The second leg of my triple play is focused on privacy protections, provided by Mobile Security and Privacy Scanner for Facebook working together. First, Mobile Security’s Data Theft Scanner informs me of apps that can potentially steal my private information, using real-time and on-demand scans, so I can delete the bad apps from my system.

Mobile Security Data Theft Scanner

But Mobile Security also links to Privacy Scanner for Facebook, so I can scan my Facebook privacy settings, identify risky settings that could cause me ”identity leakage” and change them according to its recommendations.

Mobile Security kick-starts my privacy protection by making it easy for me to download and install Privacy Scanner for Facebook from inside the Mobile Security app.

Backup & Restore | Scan Facebook – Before Install

To get started, I simply tapped Scan Facebook at the bottom of the right-hand panel to begin the process of downloading and installing Privacy Scanner for Facebook. Once installed, I linked the app to my Facebook account by signing into it.

Mobile Security Scan Facebook Preview | Privacy Scanner | Privacy Setting

From then on, tapping Scan Facebook in the right-hand Mobile Security panel displays a preview screen. I then click Check Settings in that screen and the Privacy Scanner launches and scans my Facebook settings, listing any privacy concerns.

I just click the items one by one, to make my changes (e.g., Friends instead of Friends of Friends), and I’m good to go. Oh yes, to return to the Mobile Security app, I just tap the Trend Micro Mobile Security button at the bottom of the Privacy Scanner screen. Very nice.

Mobile Backup and Restore + Mobile Security protect my data and my device

Finally, my triple play advantage is completed by another double play, which protects both my data and my device, the first through Trend Micro’s Mobile Backup and Restore application; and the second using Mobile Security’s Lost Device Protection functions.

First, let me show you the data component. Using the same method I used above to install the Privacy Scanner, I simply clicked Backup and Restore in the right-hand panel of the Mobile Security console to download and install the additional app. Once installed, I just linked the Backup and Restore app to my Trend Micro account and presto, it’s ready for use.

Mobile Security  Preview | Mobile Backup and Restore Console | Start Backup

From then on, whenever I tap Backup and Restore from the right-hand panel of Mobile Security, I’m provided with a preview page of my backup status. I simply click View Data Backup to launch Mobile Backup and Restore, and from there, initiate a backup by tapping Back Up Now in the app, choosing my items to back up, and clicking Start Backup to back it all up. (Restoring my data to the original device, or to another device, is just as easy—but I’ll leave that little item for you to explore.)

Finally, last but not least, Mobile Security provides me with Lost Device Protection, which variously lets me Find My Android if it’s lost or stolen by locating it on Google Maps, to lock the device if the SIM Card is changed or removed, to remotely lock the device itself to protect it from being accessed, or to partially or fully wipe the data from it as a last resort—my final protection from data theft when the device has been lost or stolen. Lucky me, this hasn’t happened yet, (I say as I knock on wood).

Lost Device Protection Functions

All these Lost Device Protection functions work in conjunction with the Trend Micro Lost Device Protection Portal (which might be thought of as the fourth leg of my mobile security ecosystem, so I guess that makes it a “quadruple play.”)

Lost Device Protection Portal

Once logged in, I have a measure of remote access to the device, where I can locate it, sound an alarm, lock or unlock it, or partially or fully wipe it, according to the lost device protection settings that I’ve previously chosen.

Lost Device Protection | Locate | Scream | Lock/Unlock | Wipe

Pretty snazzy, wouldn’t you say? There are a bunch of features I haven’t highlighted in this blog, but I’ll leave those to your own exploration as you try out the triple play of Trend Micro Mobile Security, Privacy Scanner for Facebook, and Mobile Backup and Restore for yourself.

Now it’s back to my other triple play. Just don’t try to call me when I’m in the middle of watching Game of Thrones.

I manage Trend Micro’s Technical Product Marketing team for Consumers and the opinions expressed here are my own.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb.

By Tom Mason

This message will self-destruct in five seconds. That’s the premise behind SnapChat and is hailed as the new Instagram. The app currently sends over 1,000 pictures every second and here’s how it works:

You take a picture and pick who you want to send it to. You then choose how long that picture will stay on their phone before it “self-destructs.” The app is alleged to even warn senders if recipients attempt to create a screen capture of self-destructing materials.

The first function of the app that comes to mind is that it could be a safe way to “sext.” Dig a little deeper and it’s not that difficult to think of other nefarious ways to use SnapChat. It could be used to distribute answers on a test. Or, you could use to help set up drug deals or to secretly communicate with your mistress. The list could go on forever, but I think you get the picture.

When you use SnapChat to send a picture, does it really disappear?

And that’s the problem, when you use the app to send a picture, does it really disappear? If you read SnapChat’s own privacy policy they state “Although we attempt to delete image data as soon as possible after (a) message is transmitted,” the policy says, “we cannot guarantee that the message contents will be deleted in every case.”

Still not convinced there’s a problem…A simple Google search shows that there are plenty of ways to get around the image destruction and even if it has been deleted, there are companies that will recover the images for a small fee.

Unfortunately, SnapChat creates the illusion that something can disappear and that is where the danger lies. It may seem trivial, but it can have serious consequences when a picture goes in to the public domain. Politicians, celebrities, and sports stars have become victims when a picture or video goes rogue.

So what can we do about it?

I’ve done things that my parents warned me not to do and that I hope my kids won’t do it. However, kids will be kids and sometimes they do things they regret.

Simply banning SnapChat may alienate children from their social network so if they do want to use SnapChat, go through the associated risks with them. It also goes without saying that compromising photos of an underage child can have serious legal consequences, including imprisonment and registration on a sexual offenders database.

Communication is key with any relationship and talking to children about SnapChat and understanding why they want to use it is important. SnapChat can be used for good intentions like sending a funny picture to cheer up a pal and it is yet another way to stay connected to friends.

Stop and think before you send a message

Children also need to stop and think before they send a message as well. I use my trusty “idiot” test to confirm whether or not I send a picture – would I want my friends, family, a future partner, a new boss or the general public to see me in that position or state of undress in a shopping mall? If the answer is no, then I won’t send it because I don’t want to be that idiot everyone talks about.

I love social media and I think that it has a lot of benefits to help us in different ways. We need to remember that social media is not private and it certainly isn’t temporary. Everything we do on social networks is there permanently and is easily searchable. The sooner we all learn and live by that, the better.

‘Til next time…

I work for Trend Micro and the opinions expressed here are my own.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb.

By Shannon McCarty-Caplan

“Can you hear that?” my mother shouts arm’s length distance from the phone.

“What am I listening for?” I reply.

“A buzzing and whooshing sound, coming from my computer,” she yells again.

This is just an example of the tech support request calls I get regularly from my cute little mama. She only calls about once a month or less for her gadget questions, but I can’t say how many times she’s calling her wireless Internet provider.

According to a recent survey we conducted at Trend Micro to commemorate Mother’s Day, about a quarter of you are in the same boat as me, getting these calls about once a month (the survey dives into perceptions of moms’ technology and device knowledge). My heart goes out to the eight percent of you who said their tech-challenged moms contact them once a day (Mother’s Day Gift Idea: Premium Tech Support Package from Trend Micro and read Mike Miley’s blog). Yikes.

About how often does your mom contact you for IT advice?

Tech support calls aside, my mom is definitely more tech savvy than most, considering one third of you say teaching mom how to use devices is like watching the movie “Clueless.” For my mom, she’s more like the movie, “Easy A” (17% of moms). She’s able to stay connected to her work and personal life using two PC computers (one laptop, one desktop), one netbook, and an iPhone. My mom is active on Facebook, checks-in on FourSquare, and is a frequent mobile SMS texter. She even uses the Roku box I set up for her to watch streaming TV and movies!

Teaching your mom to use her latest device or gadget is like what movie?

Similarly to the moms reviewed in our survey where more than half have been hit by a virus, my mom has fallen prey to online threats like spam (she was recently clickjacked, which happens to the best of us).

We love our moms, and we want to make their lives easier with technology, so we keep buying them new gadgets (see graph below). For a majority of us, that gift includes free tech support for life, 24/7/365.

If you were to buy your mom an electronic device for Mother’s Day what would it most likely be?

Maybe we’re gluttons for punishment, or maybe we just want to be there for mom, like she’s always been there for us. I love you, Mom!
Happy Mother’s Day!

Connie McCarty with her daughter Shannon McCarty-Caplan

For some great tips and activities to help moms and all members of the family improve and safeguard their digital lifestyles, please visit http://www.trendmicrofamilysecurity.com/.

You can read the full survey here. 1,037 respondents completed the online poll, and the sample is representative of the US Census on age, gender and region. The survey, conducted by Cint USA, was sponsored by Trend Micro on April 23-25, 2013.

I work for Trend Micro and the opinions expressed here are my own.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb.

By Michael Miley

Any day can be Mother’s Day—especially when mom needs help with her computer! The phone will ring and her frustrated voice will be on the line with one or more complaints. Here’s a typical list:

“I can’t get my email.”

“I’m getting an error message when I try to print.”

“How do I create new folders in my email or on my desktop?”

“My browser is acting funny whenever I try to browse the web. Can you fix it?”

“Everything seems really slow. Can you speed up my computer?

“I think I might have a virus. I’m getting a weird popup message saying something about a firewall violation. What should I do?”

Rather than rush across town to fix these or other problems in the midst of my workday (or in the evening when I’m trying to relax), I’ve installed software called LogMeIn on her computer, so I can access and manage it remotely.

Once connected, I can do pretty much anything I need to do to help her out: update Windows; install a new printer driver; fix her email; create and organize folders; run System Mechanic for maintenance; even launch Titanium to scan her computer to check for and eliminate viruses, malware, or spyware.

How to Remotely Access Mom’s Computer

The first step requires a live visit to mom’s computer to install the LogMeIn software on the system. Once you’re there, type www.logmein.com into her browser and hit Enter. The Logmein website appears:

Figure 1. www.logmein.com

Click Try it Free, follow the various windows and prompts to create an account, register with LogMeIn, and install the 30-day trial of LogMeIn Pro software on her computer. Then provide access to it with a name and password (or a LogMeIn computer access code).

After 30 days, if you don’t purchase LogMeIn Pro, it will revert to LogMeIn Free. Don’t worry! Though you’ll lose the advanced features, you’ll retain basic remote access and control of your mom’s computer for as long as you maintain your LogMeIn account.

After you’ve installed the LogMeIn software, leave mom’s computer on, then test out your setup by accessing it from another computer in the house—or simply wait until you get home. The first time you log in to your account to begin a remote session, LogMeIn will install a plug-in for your browser (e.g., an ActiveX plug-in if you’re using Internet Explorer).

Once that’s completed, you’ll see the remote access screen. In my account, I’ve installed LogMeIn on two computers, so both are visible in the remote access screen:

Figure 2. LogMeIn Computer Access Screen

Click the item in the list that represents your mom’s computer, and when the prompt appears, enter the name and password (or the computer access code you created) to log in.

When the remote desktop appears, the command menu on the left-hand side will show all the features of LogMeIn Pro during your 30-day trial:

Figure 3. LogMeIn Pro

After the 30 days, you’ll see the simplified LogMeIn Free menu:

Figure 4. LogMeIn Free

Once you’re in, you can pretty much do anything you need to do to fix or manage your mom’s computer, including rebooting it if you’ve installed new software that requires it. Simply wait a minute or so while the computer reboots, then click Refresh and you can log back in.

Once I’m in, I use System Mechanic, from iolo technologies LLC, to do maintenance on her computer.

Figure 5. Running a System Mechanic Scan

Or I use Trend Micro™  Titanium™  Maximum Security 2013 to check it for malware, viruses, and spyware.

Figure 6. Running a Titanium Quick Scan

With LogMeIn, you get full remote access to everything on her computer, as if you were sitting right there in her office. When you’re done being the helpful son or daughter, simply click Disconnect from her computer in the LogMeIn command bar, then pull down the LogMeIn login menu in the upper right corner to log out and end the remote control session.

Figure 7. Log Out of LogMeIn

“Happy Mother’s Day, Mom! I think that fixed the problem! And the next time I visit, instead of spending an hour doing maintenance on your computer, we can have a nice cup of tea!”

UPDATED MAY 28, 2013:

Addressing LogMeIn Security Concerns:

If you use LogMeIn to remotely access a friend or family member’s computer to fix problems or teach them how to do something, you can take some of the following precautions to help ensure the security of the solution:

1. Set up your LogMeIn account with a strong password, as it’s the linchpin of the solution. I use Trend Micro’s DirectPass password manager (www.directpass.com) to generate hard-to-crack strong passwords. DirectPass remembers it for me and securely logs me into my LogMeIn Internet account when I want to conduct a remote session.
2. Encourage the folks you’re helping to also secure their computers with strong passwords. Since the login screen shows up before the desktop of your OS, you unfortunately can’t use a password manager to log in, so the password should be easy to them to remember, but hard for an outsider to guess. (Don’t use an obvious password like their name or dog’s name, etc.) Note, however, that you can be the “keeper” of their password. To remember it, I’d create a Secure Note in DirectPass and save it there.
3. Set up the computer to go to sleep after 10-15 minutes of inactivity and require the password to be entered again when the computer wakes up.

Once you’ve done these things, consider some additional options for your friend or family member’s computer when using LogMeIn:

1. Teach them how to switch LogMeIn on before a session and off after a session using the LogMeIn icon in the System Tray in Windows, or in the main menu at the top of Apple’s Finder (i.e., the Desktop).
2. When you install LogMeIn on their computer (aka “the host”), set the following Preferences in LogMeIn if you wish to increase its security:

a. Select Open LogMeIn using its System Tray / Finder icon. The LogMeIn app loads.
b. Choose the Options tab, then click the Preferences button in Preferences and Security. The General tab is selected by default.
c. As per Arno’s recommendation, below Host side user’s consent, ensure Request consent from host side user is checked, set the Time to wait for user’s consent for 10 seconds or so, and select the Reject request button if the user does not respond.
d. Uncheck the two checkboxes Never wait for user’s consent in these cases:

[ ] Remote user has Full Control access rights to host computer

[ ] Host side user is not present.

e. Select the Security tab, then enter a Personal Password and confirm it to create an extra layer of security for this computer. You will be required to enter a subset of characters from the Personal Password before being granted access to the computer in your remote session. Note that the personal password is stored on the computer and cannot be retrieved by the LogMeIn support staff. Again, I’d create a Secure Note in DirectPass to save it, in case I forget it.
f. Click OK to save all your changes.

If you wish, you can also tweak the IP Address Filtering, Denial of Service Attack blocker, and Authentication attack blocker options, as well as the Advanced functions in Preferences, to further protect the computer from LogMeIn hackers. I won’t go into these here, but you can download the LogMeIn Free guides for more details: http://help.logmein.com/SelfServiceUserGuidesByProd?product=lmifree Among the guides, you’ll find a whitepaper you can download that provides technical details on LogMeIn security.

–Michael

I manage Trend Micro’s Technical Product Marketing team for Consumers and the opinions expressed here are my own.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb.

By Richard Medugno

Over the past few months, I have written Fearless Web blogs about the growing problem of stolen and lost smartphones and mobile devices. It was my hope that by shedding some light on these often avoidable incidents that this nonsense would cease.

And yet it hasn’t. In fact, it seems to have gotten worse. It’s like the whole world is not reading my blogs nor taking my advice. Obviously, this annoys me greatly.

If you read today’s New York Times front page story titled Cellphone Thefts Grow, but the Industry Looks the Other Way, you would learn that the “new nationwide database for stolen cellphones, which tracks a phone’s unique identifying number to prevent it from being activated, theoretically discouraging thefts…has not helped stanch the ever-rising numbers of phone thefts, in part because many stolen phones end up overseas, out of the database’s reach, and in part because the identifiers are easily modified.”

Grrrrrr.  And, surprise, surprise, this article suggests that the mobile phone industry isn’t all that concerned nor interested in adding more security features because, if you have to buy a new phone after one is lost or stolen, well, that’s more money in their pockets.

There was more bad news in yesterday’s CNET piece titled Smartphone safety lagging, referencing the annual “State of the Net” offering from Consumer Reports:

• Many users don’t secure their phones. Almost 40 percent don’t take even minimal security measures.
• Malicious software is a real threat. Last year, 5.6 million Americans experienced such problems as sending unauthorized text messages and having accounts accessed without permission.

I fantasy about mobile devices having the ability to self-destruct after say a minute or two in the hands of someone other than the owner…but, clearly, there could be liability issues that would probably outweigh the benefit. Until someone comes up with better ideas, it probably best to employ the suggestions outlined in the Consumer Reports article Keep your phone safe – How to protect yourself from wireless threats. And, oh, yeah, consider some of Trend Micro mobile security solutions.

Ultimately, I think the best prevention against having your smartphone stolen remains common sense. Don’t use your mobile device just anywhere and everywhere. Go some place safe whenever you use it. Then keep track of it like it’s a two-year-old, never letting out of your hand or sight. Password protect it, too (I’m talking to you 40 percenters who don’t even use minimal security measures). After all, it is your digital life…

But, please don’t do this if your cell phone should falls on to train tracks: “Your cell phone or your life? One girl in Brazil almost lost both…”

I work for Trend Micro and the opinions expressed here are my own.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb.

By Jamie Haggett

I’m sure you’ve watched the news in the last few months and have seen a ton of high profile hacks on Twitter, including big brands such as Jeep, Burger King, and most recently the Associated Press (AP). I think the average person outside of the computer world is left wondering a few things:

• How and why are these accounts being hacked? I would assume these organizations would have nice long, complex passwords to protect their accounts, wouldn’t you?
• If they can’t keep themselves safe, how am I expected to?
• What is this two-factor authentication thing I keep hearing about and will it keep me safe?

Reasons why Twitter accounts are routinely hacked

There are many reasons why Twitter accounts are routinely hacked. It could be something as simple as someone wanting to spread misinformation for amusement, or it could be something as nefarious as a smear campaign on a particular individual or company. This can be not only damaging to the organization or individual, but, in some cases like the AP account compromise, it actually sends the US stock market into a temporary tail spin. As you can imagine, a temporary dip in the stock market is a huge opportunity for profit.

Twitter hacks highlight a much bigger problem around password security. You could have the longest, most complicated password ever, but if you click on a malicious URL or a web address crafted to mislead you into thinking you are logging into Twitter and then you enter your password, you’ve essentially bypassed  any security that you had around your password – just by simply giving your password to a bad guy.

Common social engineering tactic

This is an incredibly common social engineering tactic used today on Twitter. By sending you a “Direct Message” from an account that may already be compromised by someone you are following, a cybercriminal can hack your account. The message can mask itself by something as simple as: “Hey, I saw this hilarious picture of you!” Then it will have link to a malicious website. This tactic was widely successful with email viruses back in the day and continues to be successful on social media today.

Another common way to capture your password is to compromise a website or service that doesn’t have the same security controls as Twitter. If you have the same password across multiple services, this will quickly be exploited by automated software designed to quickly try the stolen username/password combinations across multiple websites and social media services.

So how can we protect ourselves against this? 

There are multiple ways we can help prevent our social media accounts from being compromised. A simple first step to take is to use a different password on every service you use. You’re probably thinking, “Awesome, but, there is no way I can remember all of these passwords. It’s not realistic!” And I totally agree with you. There is a beautiful technology that solves this problem called a password manager. I am going to a bit biased here – Trend Micro offers a great consumer product called DirectPass to manage your passwords across devices. It is inexpensive and designed to manage your passwords so that you don’t have to.

There are multiple high-quality password managers that are on the market today that are both easy to use and understand, and are very affordable. Investing in one is the probably the second best security investment you can make on your computer outside of a well known, trusted Internet security product.

Two-factor authentication

The other solution big social media outlets are rolling out right now is something called two-factor authentication. While the security nerds out there are well versed in this technology, the average computer user has likely heard of it, but has no clue how it works or how to set it up. I’m going to attempt to clear the muddy waters here…

Two-factor authentication (also known as multi-factor authentication) is a method in which you need to provide two or more known things to log into a service. The most common implementation we see of this today is where you would have to provide both your password and perhaps answer a question or two that should only be known to you, such as, your first grade teacher’s name.

While this seems great in theory, any half decent social engineer could learn this information about you and circumvent it. Another implementation of two-factor authentication and, in my opinion the easiest, is using something you have on you at all times to send you a unique number. A good example of something most of us have on us at all times these days is a trusty mobile phone!

It works like this…

When you log into your account, you would type your username and password, but a second password would then be sent to you via a text message that you would have to enter as well. This is uniquely generated each time you log in from a new browser, device, or PC. Unless you have both your password and this unique #, you will not be able to log in. The beauty is that even if your password is stolen, the bad guys still can’t log in unless they have your mobile phone!

This is a security technology that Google and Facebook have both rolled out that I highly recommend you setup. Following quite a few high profile hacks on Twitter, they have also announced that they will be rolling out two-factor authentication very soon.

Final advice

Be skeptical online. If it seems too good to be true, it likely is. If you get a direct message from someone that is vague and unexpected, put on your skeptic hat and maybe give the person a call to see if they actually sent you a bizarre link pointing to a photo of you.

Keep safe out there.

I work for Trend Micro and the opinions expressed here are my own.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb

When traveling you need to raise your personal cyber threat alert on your digital life to stage orange or even red, because the places you’re going to visit are probably not as safe as your comfy home or secure office.

Below are a few Do’s and Don’ts for travelers who want to remain safe online no matter where they go in the world.

For more tips and advice regarding Internet, mobile security and more, just “Like” Trend Micro Fearless Web Internet Security on Facebook at http://www.facebook.com/fearlessweb