We know WiFi is insecure. When logging onto any open (often public and free) unencrypted WiFi, your data is there for all the snoopy snoopers to see and download for their own personal gain.

But now researchers have found a whole new hack for you to protect yourself from. When iPhone users launch an application, the app sometimes has all its data right there on the device. But more often, the app is talking to its home server, meaning it’s calling home, and will download what you need on demand. An example would be a weather application that is definitely getting all its data from the app’s home server, while a game might have everything it needs on the device.

Still, even in the case of the game, there still may be ads on the game, and those would be streamed to the app. Researchers discovered that there seems to be an issue within iOS that allows for hackers to manipulate the server address the app calls out to in a way that allows the attacker to change the URL address to one that serves up malicious links that would download to the iOS device.

Currently, it is not known if criminal hackers are using this exploit; there are no known reports. The hopes are that Apple will make a quick fix and patch this vulnerability before attackers latch onto it.

Meanwhile, you should only download applications from trusted sources such as Google Play or iTunes—and only use a secure wired or wireless connection when going online. A VPN such as Hotspot Shield VPN will protect users data from the snoopy snoopers…but until Apples fixes this issue, all users are vulnerable. 

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Have you ever received an email like this…I did: “Robert, last night I was at a concert and I must have dropped my phone because I lost it. But then something awful happened. My friends knew I was with my other friend, and she got a call wondering if I was OK. Apparently whoever found or stole my mobile posted all my naked pictures to Facebook. I’ve finally got access to Facebook and I’ve deleted most of them, but it’s been a harrowing experience.”

There are just so many things wrong with this. It’s amazing to me how lazy some people can be with their mobile security—especially if their devices have, ahem, “private” information on them.

1. Passwords: Mobiles need to be password protected and automatically locked after one minute. A four- to six-letter/number password is sufficient.
2. Erase on too many password attempts: Enable the option for when someone tries to enter a password in excess of 10 tries, the device erases the data. If you have kids, you may not want to activate the erase option.
3. Lock/locate/wipe software: Many devices have a feature that allows users to locate the device in the event it’s lost or stolen. And added bonus is it allows you to lock it down (it should already be locked after one minute!) and erases the data remotely.
4. Security software: Know that mobiles are targeted by virus writers in the same way PCs are. While there are millions of viruses targeting PCs, there still tens of thousands targeting mobiles.
5. Wireless security: The 3/4G connection on your devices is relatively secure—but the WiFi is definitely not, especially on a public WiFi network. Hotspot Shield VPN is an excellent option to protect your data on an unsecured network.
6. Update your operating system: Whenever you get a notification that an updated version of your OS is available, it’s often because there was a security vulnerability discovered. Download the update ASAP.
7. Beware of SMiShing: Whenever you receive text messages to access an account, update your OS or offering cheap goods, be suspect. Really, if you aren’t expecting the text, hit delete.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Yup, the holidays are here. And I don’t know about y’all, but the last thing I plan on doing is walking into any store to buy anything. Other than to get food, most of my shopping is generally done online.

People always ask me, “Aren’t you concerned your identity will be stolen? Don’t you worry about always giving out your credit card over the internet?” And I say nope. Not worried. Don’t care. Never have been. And neither should you. Seriously.

BUT! You still have to do something first to make sure that, to a certain degree, you will not end up a victim of fraud. And there are things you should do after you hand over your account information to monitor your accounts.

But no, you shouldn’t worry. Just do this:

Secure your devices: No matter what device or operating system you use, your data is only as secure as its hardware and software. That means updating everything and locking everything up, too.

Operating system: Each device’s manufacturer provides frequent software updates with critical security patches designed to patch any vulnerabilities that were discovered by researchers or criminal hackers. Set critical security patches to update automatically.

Browser: Your browser needs to be updated to its latest version for the same reason an operating system does. Only enter credit card numbers in sites that have HTTPS in the address bar. That means there’s encryption on that page.

Wireless: Always use an encrypted wireless connection using, at a minimum, WPA or WPA2 encryption. Otherwise, use a virtual private network software like one from Hotspot Shield VPN.

Websites: Only buy from legitimate websites that you already use for shopping—sites like Amazon and eBay that you know are relatively safe. Once you stray too far off the ranch, you risk your device being infected, plus orders you place may never arrive and your credit card numbers risk being used without your authorization.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. 

Whether you are an individual who games, a work-at-home employee, a family of four that shops online, a road warrior or even a small business, chances are you have data to protect—and so this all pertains to you.

Fundamentals:

Antivirus isn’t enough: A free antivirus package is good, but it might not update automatically—and you need your antivirus to be today’s version. Spend a couple bucks and get your antiphishing, antispyware and firewall protection.

Updated browsers: An old, outdated browser is a nightmare that is often riddled with holes for criminals to slither a bug through. Install the latest update ASAP, automatically or both.

Updated operating systems: Set your OS to automatically update, as manual updates are often forgotten and missed.

Disk encryption: Your device may come equipped with the ability to encrypt individual files, folders or the entire disk. There are many free third-party encryption programs that are excellent.

Backing up: You should have at least two local backups of all your data in case a device fails. I use external drives and GoodSync to keep it all backed up every hour. Also, invest in cloud-based storage that has encryption as well—all for under $100 annually.

Password management: It’s not OK to have one password for 30 accounts. You need 30 different passwords, and this can only be accomplished with a password manager.

Wireless WiFi protection: Having open WiFi so your neighbor can piggyback on your connection is a bad idea. Use WPA2 encryptions that are built into the router. Whenever using public free WiFi, use a virtual private network software such as Hotspot Shield VPN to encrypt all your data.

Mobile device security: Mobiles are small computers that store our data or have access to our cloud-based accounts. Mobiles need to be password protected and have antivirus protection, just like PCs do. Keep in mind that WiFi on a mobile is no different than on a laptop, so use a VPN on your mobile too.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Near field communications (NFC) is the exchange of information between two devices via wireless signal. For example, a wireless signal emitting from your cell phone can act as a credit card when making a purchase. In the case of a mobile wallet application, those devices would be a mobile phone and a point-of-sale device at a checkout counter.

And NFC does so much more on Androids. A program called Trigger, which is available in Google Play, allows you to create customized automation tasks for numerous everyday things we do.

Bored of putting your phone on silent every time you get into the office? Tired of turning off Bluetooth to conserve battery every time juice gets low? This app interacts with your surroundings to configure settings on your phone automatically. Combine triggers and actions to create tasks, then activate the tasks that you create with conditions that you set!

Here are examples of what you can do:

In your car: Use Bluetooth as a trigger to open GPS and launch your favorite music app.

On your nightstand: Program an NFC tag to set your ringer to vibrate, dim your display and set an alarm.

In your home: Configure mobile data to turn off when your phone detects your own WiFi signal.

The current triggers are as follows:

• NFC
• Bluetooth
• WiFi
• Battery level
• Location
• Time triggers

And here are a few examples of the actions that you can perform:

• Change WiFi, Bluetooth, mobile hotspot, airplane mode, auto-sync, GPS (root users) and mobile data settings.
• Change your volume or notification tones.
• Change your display brightness, timeout, auto-rotation or notification light settings.
• Check in on social media like Foursquare or Google Places.
• Send messages using Twitter, SMS, email or Glympse.
• Start or stop applications (root required for stopping applications), dock modes, open URLs, speak text or navigate to an address.
• Set alarms or create calendar events.

There’s even more, but suffice to say this app allows you to easily program your device to do the actions you manually do regularly.

So go ahead and create your own combinations to automate your life. The only limit is what you can come up with!

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

WiFi connects us everywhere, such as in parks, subways, airplanes, coffee shops and public WiFi hotspots. The WiFi Alliance says there are more than a million hotspots worldwide, and a report by market research company Informa Telecoms and Media (Informa.com) reports that Wifi hotspot numbers are set to grow to 5.8 million globally in the next four years.

While all this wonderful WiFi is everywhere, there are issues with seamless connectivity and security that can be alleviated with cooperation from the larger ISPs and device manufacturers. Right now, public WiFi is wide open and vulnerable to wireless sniffers. Without a virtual private network like Hotspot Shield VPN, the data on your wireless devices are vulnerable to criminals.

According to the Wi-Fi Alliance, Wi-Fi CERTIFIED Passpoint™ will transform the way users connect to WiFi hotspot networks by making the process of finding and getting access to the right network seamless. It also provides user connections with WPA2™ security protection, enabling you to feel confident that your data is safe. Mobile devices that are certified for Passpoint, such as handsets and tablets, can still be used in existing hotspots. However, when you are in a Passpoint-enabled hotspot, you’ll discover a newly smooth connectivity experience.

An added benefit to seamless WiFi means less data usage on a carrier’s 3/4G network. With carriers pretty much nixing unlimited data use, consumers are finding they have to upgrade their data plans so they don’t go over their limit. With Passpoint, data usage will go down when WiFi connections happen effortlessly.

This is all great news for millions of people now using their wireless digital devices exclusively. But always keep in mind that no matter what you are using—a laptop, tablet, reader or mobile phone—wireless is inherently insecure and until Passpoint becomes as ubiquitous, a VPN such as Hotspot Shield VPN is as an essential layer of defense for your wireless devices.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

When it comes to making us fall for their scams, cybercriminals have a number of tricks up their sleeves. One of these tricks is to scare us into thinking that our computers or smartphones have become infected with malware to get us to purchase a fake application. The programs and unethical advertising practices hackers use to frighten users into purchasing rogue applications are called scareware.

In a typical scareware scam, you might see an alarming popup message while browsing the Web that says “Warning: Your computer is infected!” or “You have a virus!” You would typically see these messages if you accidentally clicked on a dangerous banner ad or link, or by visited a compromised website. The cybercriminals are hoping that you click on the link in the popup message to “run a free scan” and then purchase their phony antivirus software to get rid of the nonexistent problems.

Since these scams are based on fear mongering, you could see repeated popup warnings until you finally agree to download the rogue software that they say will fix the issue. But, instead of real antivirus software, you wind up downloading a malicious program. These programs can even disable the legitimate security software on your device, which can make scareware very difficult to remove.

These scams are one of the most persistent threats on the Internet today. They play on our fear of losing data, time, and money and leverage the urgency of popup messages and repeated warnings to get us to act.

Here’s some tips to protect you and your loved ones from scareware:

Only purchase security software from a reputable company via their official website or in a retail store, and keep your security software up-to-date.

Never click on a link in a popup—simply close the message by clicking on “X” in the upper corner and navigate away from the site that generated it.

If you are concerned that your device may be infected, run a scan using the security software you have installed on your device.

If you don’t already have security protection on all your devices, then try out McAfee LiveSafe™ service, which protects all your PCs Macs, tablets, and smartphones from online threats as well as safeguarding your data and identity.

Don’t let the bad guys scare you into taking actions that could do you and your devices harm. Stay safe online.

Robert Siciliano is an Online Security Expert to McAfee.