After Santa heads back to the North Pole, there will be many new devices in the hands of good girls and boys that will be targeted by criminals. With the enjoyment of these cool devices should come top-notch protection for them, as they can be vulnerable to a number of malicious threats.

Laptop or PC

What should your security software include?

• A two-way firewall: monitors the activity on your devices making sure nothing bad is coming in (like unauthorized access) and nothing good is leaving (like your data).
• Anti-virus software: protects your devices from malicious keyloggers and other badware.
• Anti-phishing software: watches your browser and email for suspicious inbox activity.
• Anti-spyware software: keep your PC spyware free.
• Safe search capacities: McAfees SiteAdvisor plugs into your browser and tells you what websites are good and which are suspicious.

Go further with wireless network protection, anti-spam, anti-theft protection and parental controls.

Free software is not recommended, as it provides only basic protection and you’ll likely end up purchasing more anyways.

Make sure you have a subscription to software that’s automatically renewed every year so that you don’t forget. This is after you figure out whether or not your new device’s protection software is on a trial basis.

Smartphone or tablet

• Be leery of third-party apps you install on your mobile phone, since malicious apps are the main threat.
  • Download apps only from reputable app stores.
  • Read reviews and make sure you know what information the app requests prior to download.
• Use mobile security software that includes:
  • Anti-virus and malware protection
  • Anti-theft
  • App protection
  • Web protection
  • Call and text filtering
• Turn off automatic connections to Bluetooth and Wi-Fi unless you’re using them.
• Apply app and operating system updates.
• Never store account numbers, passwords, etc., on your phone or tablet
  • Do not have your apps set to automatically.
• Apple products are at highest threat; install security software that’s been designed just for the Mac.
• Never leave your phone or tablet unattended.

Gaming or entertainment device

These devices are vulnerable to many of the same attacks that PCs are, since they’re connected to the Internet.

• Create backups of your games.
• Make sure you understand the built-in parental controls.
• Never store personal information on this device.
• Connect it only to a secure Wi-Fi network.
• Use a secure, encrypted USB drive that will muddle up your information to make it unreadable to thieves.
• Purchase security software to protect the portable hard drive; and set a password.
• Employ technologies for protecting your information.
• Never leave the USB drive unattended.

The most important thing to remember is “don’t worry about it” but definitely do something about it. Once you invest in your devices security go play, have fun and be smart about what you do online.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  

What kind of debit card do you have? The two types are direct debit cards and deferred debit cards.

Direct debit

• Use of a PIN (personal identification number), which the bank issues or you choose. Card purchases require entering the PIN, and money is taken out of your checking account on the spot.
• PIN-based transactions cost retailers less to process, and many banks pass the transaction fee onto the cardholder.
• Bank fees range from 25 cents to $1.50 per every PIN direct debit purchase. Not all banks blatantly notify the consumer of this, but this should be visible on the checking account statement.
• Usually safer than the deferred version, as a thief needs to know the PIN to use the card. For obvious reasons, direct debit cards are safer for online use than are deferred debit cards.
• Cannot be overdrafted unless you opt into overdrafting at the time of account creation.

Deferred debit

Think of a fusion between a traditional credit card and a direct debit card. Rather than on the spot of a purchase, money is withdrawn from your checking account within two or three days of the purchase.

• No PIN required; only the signature of the cardholder.
• Has potential for an overdraft, resulting in a fee. The purchase will get cleared even if you don’t have sufficient funds in your account.
• The overdraft fee could be $30 or more.
• Tend not to have any transaction fee.

Both of these cards provide a degree of protection for the consumer. With each it is essential the consumer checks their statements frequently as federal law requires banks to refund stolen funds when reported in less than 3 days and up to 60 days depending on the nature of the card.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Card fraud affects merchants, not just shoppers. The Data Security Standard 3.0, released by the Payment Card Industry (PCI), urges companies to create a data flow diagram. This diagram would reveal all the systems, applications and employees who have access to cardholder data.

“In the majority of compromises we’ve seen over the past few years, the merchant was trying to do the right thing but was unaware that cardholder data existed in a location that was not being protected,” states Troy Leach, PCI’s Security Standards Council chief technology officer, to StorefrontBacktalk.

Data flow diagrams include all types of data pertaining to users, suppliers and customers, and businesses should do a full analysis of their systems to know what’s what.

Businesses should also learn details about security levels at all stages, and figure out whether different data is covered under PCI jurisdiction or the protocols of foreign entities.

Data must be “overlaid with a diagram of servers on- and off-premise, and all mobile devices, including those owned by employees,” reports PaymentsSource.

Merchants should know where all their cardholder data is; how their organization operates; and “how their customer’s cardholder data moves throughout their environment,” says Leach, so they can formulate decisions that will minimize risks and costs.

PaymentsSource recommends mapping the application of data flows, since businesses today are “super-interconnected” to other networks.

January of 2015 is when PCI’s Security Standard 3.0. will be in full effect. In the meantime, retailers should promptly start creating data flow diagrams.

Oregon-based iovation Inc. has created an exclusive network of global brands across the retail industry and others, with thousands of fraud professionals reporting more than 10,000 fraud and abuse attempts each day.

iovation’s shared database contains more than 1.6 billion unique devices including PCs, laptops, iPhones, iPads, Android, Blackberries—practically every Internet-enabled device that exists.

Many big brand retailers use this device reputation service to detect fraud early by not only customizing their own real-time rules to set off triggers, but by leveraging the experiences of other fraud analysts to know if the device touching them at this moment has been involved in chargebacks, identity theft, bust-outs, and any other kind of online abuse you could imagine.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247

Thanks to social media, societal norms have undergone a seismic shift in the past five years. What was once considered private or even taboo is not only fair game, it’s expected. But this can have serious consequences from the ending of friendships to exposure to physical harm.

I’ve talked about the concept of TMI or too much information and how social networking and mobile devices have made sharing so much easier and faster than ever before. But we all need to seriously think about some hard consequences of sharing too much personal information. Thinks about it…is that friend really a friend if you haven’t seen them in 25 years?

McAfee’s Fifty Plus Booms Online study found despite the fact that social networks have a reputation among the younger generation as a hub for drama among friends, this is also the case among other demographics—even in the 50-and-over age group. According to respondents, 16% of those who are active on social networks have had a negative experience, with almost 20% of those resulting in ending a friendship.

Further, the study finds that even though 88% consider themselves tech-savvy, they are still engaging in dangerous online behavior, such as sharing personal information with people they have never met in person. Even though 75% of them believe that social networks can expose them to risks such as fraud and identity theft, 52% have shared their email address, 27% their mobile phone number and 26% their home address. All things that open them up to possible exploitation and even physical harm.

They are also using their mobile devices to share information. Nearly one in four (24%) mobile users have used their device to send personal or intimate text messages, emails or photos to someone and yet over 30% do not have basic password protection on their mobile devices and almost half do not have any security software on their mobile devices.

And because these boomers (and all of us) are spending more time online-with 97% of them going online daily and spending an average of 5 hours a day online- we all must be aware of the concerns that exist with the increased use of mobile devices for everyday tasks and social networking and what information we may be sharing.

Here’s some tips to help us stay protected:

• Remember the Internet is forever—Even if you have the highest privacy settings, it’s good practice to consider anything you do on the Internet as public knowledge, so be careful what you share online or via your mobile device.
• Don’t reveal personal information—Seriously consider why it’s needed before you post your address, phone number, Social Security number, or other personal information online.
• Put a PIN on it—Make sure you have your smartphone and tablet set to auto-lock after a certain time of unused and make sure it requires a PIN or passcode to unlock it. This is especially helpful to protect any information you do not want seen should your device be lost or stolen.
• Manage your privacy settings—At most, only friends you know in real life should be able to see details of your profile.
• Change your passwords frequently—In addition to choosing passwords that are difficult to guess (try to make them at least eight characters long and a combination of letters, numbers, and symbols), remember to regularly change your passwords.
• Turn off the GPS (Global Positioning Service) function on your smartphone camera—If you are going to be sharing your images online, you don’t want people to know the exact location of where you are.
• Use comprehensive security on all your device Enjoy a safe online experience no matter what you do or where you are. McAfee LiveSafe™ service protects all your PCs, Macs, smartphones and tablets and can help you secure your data and keep your identity private with its many different features, including a secure data vault, password manager, and protection from phishing scams and malware.

So…really, please, come on now, can we all just tone it down a notch? And one more thing: Please protect your devices—I mean ALL your devices.

Follow @McAfeeConsumer for live online safety updates and tips and use hashtag #BabyBoomers to join the discussion on Twitter or like McAfee on Facebook.

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!

#1. Whenever possible, configure your Internet connection to always use HTTPS. This is the “https” that appears before the “www” in a Web address, and the https is preceded by a padlock icon.

For Gmail, this works by clicking Settings in the top right; select the General tab, then hit Always use HTTPS, then save this setting. This option is not available for those who access email via Hotmail.

#2. Do not open unfamiliar emails. If you open one you think is from someone you know but realize it’s not, delete immediately. Do not click any links in the message or send the sender personal or banking information. Once you open that link, your computer could become infected by a phishing scam and your information stolen.

#3. Install anti-virus, anti-spyware and firewall on your computer and keep them updated. Automated updates are the ideal choice.

#4. Do not log into your accounts from an untrusted computer (e.g., at the coffee house, library), or one that you don’t maintain (e.g., friends’ and family’s). Even if you trust your friends and family, their computer could be infected from spyware.

#5. Make sure your passwords, plus security questions and answers are strong. Every six months, change your passwords. Never use the same password for different accounts. A strong password has upper and lower case letters plus numbers and punctuation, forming a non-English word.

For questions and answers, they don’t have to be true; false information cannot be researched or discovered on your Facebook page, such as the name of “your first pet” when you never had a pet: “Fuzzie-Glow” – who’s ever going to figure that out?

#6. Find out just how secure your passwords are. Some setups indicate strength with a rating of “weak” to “strong.” Always choose “strong.” If there’s no rating, go to How Secure Is My Password to see how fast your account can be hacked.

On the “How Secure” site, don’t type in your actual password if you’re skittish about doing that (even though the site is secure and will never release it anywhere), but type in something similar. So if your password is “catlover,” type in “horselover” and see what happens.

#7. Your password should not be on the list of the most popular passwords. Here is the full list. If yours is there, change it immediately, even if you must give up an easy-to-type sequence.

#8. Enable 2-step verification if you use Google for any activity. The 2-step adds additional security to a Google account. After entering your username and password, you’ll then enter in a code that Google sends out via voicemail or text when you sign in. This will make it harder for someone to guess a password.

#9. Use a password manager. This service eliminates the need to type in a password at log-in; log in with one click. A master password eliminates having to remember all your different passwords.

#10. You may think your password is unique because it’s a jumble of characters, but it may not be very strong simply because it’s not long enough. The longer that uniqueness, the more uncrackable the password will be.

#11.Use a virtual private network software to encrypt any wireless communications. A virtual private network (VPN) is a network set up to communicate privately over a public network. For example: You occasionally want to or need to work from home and your employer knows that if you do, the data that travels between your PC and an office PC needs to be protected.

Another example is when you use public WiFi, knowing your wireless data can be sniffed out by criminals. Using a VPN solves that problem.

Hotspot Shield VPN service is a great option that protects your entire web surfing session, securing your connection on both your home internet network and public internet networks (both wired and wireless). 

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. 

With your cards being used online, over the phone and in person it’s easy to lose track of purchases. The key is keep good records and be diligent about your security. Here are eight great tips that will go a super long way in preventing post holiday account takeover in the form of credit card fraud.

#1. To ensure your best chances of escaping fraudulent activity involving your credit card (which can occur even if the card isn’t stolen), follow these tips:

• Go over every transaction online and account for it. Inquire about unfamiliar purchases with family members who are permitted to use your card.
• Immediately phone the card issuer if you spot a suspicious transaction.

#2. Document order confirmations. Screenshot the final confirmation page of your purchase, and save the confirmation e-mail.

#3. Personal information protection. Before you buy online, review the website’s privacy policy regarding personal information requests and how this will be used. Consider it a red flag if you can’t find this information.

#4. Online purchase security. A secure website will have an icon of a padlock, followed by https:// before the website address in the URL. There are also many toolbars that offer a greet/red color code this is usually a feature in most browsers.

#5. Phishing scams. If any e-mails come your way requesting your personal or financial information, don’t click the malicious link inside; delete immediately. Some scam e-mails try to convince you there’s a problem with your order. Contact directly the site of purchase to verify whether or not there’s an issue with your order. Do not investigate this through the e-mail message. 

#6. Beware of skimming. Carefully observe employees whom you hand your credit card to for purchases. A crooked employee may scan the card to obtain your number.

#7. Always take the credit card receipt, no matter how small the purchase.

#8. If you think your identity has been stolen in regards to new account fraud then you need to step it up.

• If you suspect fraud, contact Equifax, Experian and TransUnion to issue a fraud alert on your credit reports.
• Pull your credit reports from these three bureaus to check for any suspicious accounts in your name. Check your credit reports again in six months.
• Pull your credit reports for inspection (it’s free) every 12 months as a smart measure.
• Get a credit freeze
• Invest in identity theft protection.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

The holidays mean a surge in online purchases done with laptops, cell phones, tablets and desktops.

One way to be scammed is via pop-ups (on legitimate sites, but that are not connected to the site) that ask for a survey. After you complete it, you’re offered what seems like a free product. You then unknowingly set yourself up to be enrolled in a program to purchase more products—after giving your credit card information.

It’s easy to get sidetracked by pop-ups, says iovation’s Jon Karl, VP of Corporate Development in Portland. But he asks: “Who is that business on the other end of the line; do you know them? Because there's lots of opportunities to spend your money with somebody you don't know.” iovation is one of the biggest online fraud protection companies in the world.

“You have to be really careful when you're clicking on offers that are coming to you,” he adds. Shoppers should be skeptical and limit how much personal information they give out. “You really should only have to give them the data that's necessary to get a product to you. So, your name, your address and the information for your credit card.”

Avoid doing business with any retailer that requests your Social Security number or even birthdate.

Another tip from Karl is to online shop only with a credit card (not debit card or electronic check), as this offers protection for purchases gone awry.

More Tips

• Do business only with companies you’re familiar with.
• If you’re not sure about a company, seek out some reviews.
• Ignore pop-up advertisements.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video.