iPhones, Androids and other smartphones are much more than just a way to call our friends and family and store their phone numbers. Today’s smartphones have become our most personal computer and contain much more than pictures and contacts. They now allow us to access financial data, bank accounts, and medical information from anywhere at any time. And for many people, their mobile device has or is replacing their PC.

With all this convenience and access, comes some risk. Criminal hackers see this as an opportunity for them to access your information and make money. And so as the number of mobile devices has grown, McAfee has seen the amount of mobile malware grow.

The Android platform remains the largest target for both mobile malware and spyware. In fact, we see very few mobile threats that are not directed at Android phones. After a slight decline earlier in the year, Android malware has rebounded and almost doubled this quarter with over 20,000 samples.

The infographic below illustrates some of the ways that cybercriminals use to “infiltrate” your mobile device.

What most of these attacks have in common is that they allow a cybercriminal to take over your mobile device in some way. This is why it is critical to protect your mobile device.

Only buy apps from a well-known reputable app store, such as Google Play

Keep your operating system software updated

Be selective about websites you visit

Avoid clicking links in text messages or emails, especially if they are from people you don’t know

Stay educated on the latest tricks, cons and scams

Use comprehensive mobile security, like McAfee Mobile Security that includes antivirus, anti-theft, and web and app protection or comprehensive device protection like McAfee All Access that protects all your devices including your mobile devices

Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked!  (Disclosures)

The 2012 Global Card Fraud Survey by ACI Worldwide represents the insights and opinions of more than 5200 card holders from 17 countries and focuses exclusively on the impact to the card holder and their state of mind. Residents of Mexico and the United States reported the highest rate of card fraud experience. Some of the survey’s other key findings include:

• Financial Institutions are running the risk of losing customers due to fraud, either directly, or through a decreased use of their cards.
• Consumers report they fear identity theft most and would like to be notified immediately by banks of any potential fraud. They would like to be kept informed of the progress of any fraud disputes.
• While fearing identity theft consumers are also demonstrating continued risky behaviors such as writing down personal identification numbers (PIN), failing to destroy personal documents and sharing credit card data on electronic devices lacking security software.
• Consumers also shared their thoughts regarding what types of transactions they trust most and who they most trust in the event of fraud happening.

Financial Institutions have to comply with additional regulations including recommendation from the Federal Financial Institutions Examination Council (FFIEC). That includes sophisticated methods of identifying devices and knowing their reputation (past and current behavior and other devices they are associated with) the moment they touch the banking website.

Protect yourself from card fraud by paying attention to your statements every month and refute unauthorized charges immediately. I check my charges online once every two weeks. If I’m traveling extensively, especially out of the country, I let the credit card company know ahead of time, so they won’t shut down my card while I’m on the road.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! 

The driver’s license is a document with multiple uses. On the road, it gives its holder the right to drive certain vehicles. Very often, it also serves as an identity document, particularly in countries that do not have a national identity card program.

This is just one more reason why it has to be highly secure. Historically, it has often been not more than a paper-mounted document with little or no security.

Identity is a simple idea that has become a complex problem. It has become complex due to fraud that is  motivated by money, easy credit, and the ease of account takeover. Because identity has yet to be effectively established, anyone can be you.

We have as many as 200 forms of ID circulating from state to state, plus another 14,000 birth certificates and 49 versions of the Social Security card. We use “for profit” third party information brokers and the lowly vital statistics agency that works for each state to manage the data. All of these documents can be compromised by a good scanner and inkjet printer. This is not established identity. This is an antiquated treatment of identity and ID delivery systems.

The international ISO/IEC 18013 standard, which came into force in 2009, outlines the framework for migration towards a secure identity document. The standard stipulates the use of visual security elements comparable to those used on other identity cards and passports.

As with all other secure documents the standard proposes the addition of a chip (microprocessor) to extend the range of possibilities offered by the card. There are many benefits to using a smart card for driver’s licenses, security being the most important one.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked!. 

For more than a decade, we have been at risk of cyber war and cyber terror due to political disputes or hacktivists bent on disruption. Our information, financial systems and critical infrastructures are the main targets. In 2012, cyber security became part of our popular culture due to the elections.

The Obama administration made the most significant advances in 2 ways: moving the discussion forward in creating minimum cyber security standards for all those responsible for critical infrastructure and moving forward in creating trusted identities in cyberspace. The National Strategy for Trusted Identities in Cyberspace (NSTIC) envisions a cyber world – the Identity Ecosystem - that improves upon the passwords currently used to log-in online. It would include a vibrant marketplace that allows people to choose among multiple identity providers – both private and public – that would issue trusted credentials that prove identity.

And of course the Democrats and Republicans do not agree on next steps. The Republicans have stated Obama’s plans cost too much and are ineffective. Both candidates disagreed throughout the campaign.

ABC News reports ”The uncomfortable reality of our world today is that bits and bytes can be as threatening as bullets and bombs,” Gen. Martin Dempsey, the chairman of the Joint Chiefs of Staff, told lawmakers.

Now it is up to this administration to follow through and get citizens properly identified and to properly protect our critical infrastructure.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked!. 

In a war like event thousands of players avatars dropped dead for no apparent reason. Hackers, or players using some form of exploit hacked the game and something went wrong. World of WarCraft is a massive multiplayer online game (MMO)where people from all over the world can ply online.

In a forum post a Community Manager wrote “Earlier today, certain realms were affected by an in-game exploit, resulting in the deaths of player characters and non-player characters in some of the major cities. This exploit has already been hotfixed, so it should not be repeatable. It’s safe to continue playing and adventuring in major cities and elsewhere in Azeroth. As with any exploit, we are taking this disruptive action very seriously and conducting a thorough investigation. If you have information relating to this incident, please email This email address is being protected from spambots. You need JavaScript enabled to view it.. We apologize for the inconvenience some of you experienced as a result of this and appreciate your understanding.”

iovation’s ReputationManager 360 is a proven service that helps protect MMOs against chargebacks, virtual asset theft, gold farming, code hacking, and account takeovers. The service identifies devices being used to play and examines their history and reputation as they are interacting with the game – setting off alerts that could relate to velocity triggers, geolocation, device anomalies, past gold farming abuse, financial fraud, chat abuse, and more.

For years, leading game publishers have prevented game abuse and ensured a safe and fun experience for players with the help of iovation’s device reputation service. These publishers (along with iovation’s network of more than 2,000 fraud analysts from other online businesses) share information, trends, and best practices with iovation and with each other in order to stay one step ahead of cheaters and criminals.

Robert Siciliano, personal security and identity theft expert contributor to iovation. 

Almost all of us know someone who has lost or had their mobile device stolen. Thieves are becoming more sophisticated every day. They are after your personal information.

But what about losing your laptop computer?  Petty thieves used to steal a laptop for its quick resale value. But as laptop prices have come down and their computing power goes up, it is the data contained on them where the money is for a criminal.

With readily available IT tools, they can access your hard disk and extract all your personal information. The results can be much more serious than leaving your wallet or purse at the coffee shop. According to the FBI, a laptop is stolen every 53 seconds and 97% of stolen laptops never recovered, so it’s more important than ever for all of us to protect our digital assets.

McAfee is helping protect you with the new release of McAfee Anti-Theft, security software designed for Ultrabooks to protect your property and personal information. This latest product is a collaborative effort with Intel that leverages Intel Anti-Theft Technology to provide device and data protection for consumers in today’s connected world.

This smart security tool combines hardware with software to detect potential theft, help you track your lost or stolen Ultrabook, and lock it down remotely so your personal files stay that way. Once your PC is returned, getting back to normal is as easy as typing in your personal password. And with the provided Intel Anti-Theft stickers, thieves may think twice about stealing a laptop that’s so well protected.

McAfee Anti-Theft is available on Ultrabook devices. It’s just one more way McAfee helps you keep your personal information protected for a more worry-free digital life.

Robert Siciliano is an Online Security Evangelist to McAfee. 

Over the past 5 years a scam known as electronic funds transfers at the point of sale (EFTPOS ) skimming. People commonly swipe both credit and debit cards through the in-store machines to pay for goods and services and hackers have figured out how to skim customer cards.

In Australia, Fast-food, convenience and specialist clothing stores are bearing the brunt of the crime. McDonald’s is among the outlets whose EFTPOS machines have been targeted for card skimming.

Officials say the problem is so bad they urged people to change credit and debit card pin numbers weekly to avoid the possibility of having their account balances wiped out, as it was likely more cases would be identified.

In the United States a similar card skimming scam was pulled off at the Stop and Shop Supermarket chain.

The most recent large card data breach was from Barnes & Noble.   “Barnes & Noble has detected tampering with PIN pad devices used in 63 of its stores. Upon detecting evidence of tampering, which was limited to one compromised PIN pad in each of the affected stores, Barnes & Noble discontinued use of all PIN pads in its nearly 700 stores nationwide. The company also notified federal law enforcement authorities, and has been supporting a federal government investigation into the matter. Barnes & Noble has completed an internal investigation that involved the inspection and validation of every PIN pad in every store.  The tampering, which affected fewer than 1% of PIN pads in Barnes & Noble stores, was a sophisticated criminal effort to steal credit card information, debit card information, and debit card PIN numbers from customers who swiped their cards through PIN pads when they made purchases.  This situation involved only purchases in which a customer swiped a credit or debit card in a store using one of the compromised PIN pads.”

When the use of these stolen credit cards go online, iovation’s ReputationManager 360 helps banks and online merchants avoid fraud losses by detecting high-risk behavior and stopping cybercriminals in their tracks. iovation’s device identification and device reputation technology assesses risk on activities taking place at various points within an online site such as account creation, logging in, updating account information, attempting a purchase, or transferring funds. These checks can be customized and fine-tuned to suit the needs of a particular business, detecting fraudulent and risky behavior in order to identify and block cybercriminals for good.

Consumers must pay close attention to their statements and refute unauthorized charges within 60 days. I recommend going online at least weekly and looking closely at all your charges no matter how small they are.