Many employees have come to expect that they should be able to use personal smartphones and other mobile devices at the office. This creates problems for IT managers. A company’s IT staff may have a solid grasp on company-issued laptops, desktops, and even mobile phones, but it is almost impossible to control the results when employees begin connecting various types of personal devices to the company’s network. When you get that brand new Droid, load it up with apps, and then plug it into your work PC in order to update or sync necessary files, your company’s IT guy has to worry about whether that last app you downloaded might infect the entire network.
A study by ESET/Harris Interactive found that fewer than 10% of people who use personal tablets for work have enabled auto-locking with password protection. Only one in four secure the personal smartphones they use for work, and only one in three adequately protect their laptops. With well over 50% of employees’ personal devices left unsecured, lost phones, laptops, and tablets constitute a significant data breach risk.
Corporations that do allow employees to use personal devices at work have responded to this problem by implementing a BYOD (“bring your own device”) policy to help IT staff manage these devices and ensure network security.
So, what’s the difference between personal and employer-issued mobiles in the workplace? The short answer to this question is: there is no difference.
A smartphone provided by your employer requires a “company mobile liability policy.” This means they not only provide and pay for your mobile device, they also dictate what you can and can’t do on the device. In many situations, the employer may have remote capabilities to monitor activity and, in the event of loss or employee termination, wipe the data.
“Employee mobile liability policies” are for employees who prefer to BYOD. While these employees may pay for their own devices and their monthly data plans, the same restrictions can (and should) be imposed on employees who use personal devices at work. If you choose to use your personal device for work purposes, at any time, for any reason, your employer will more than likely want control over that device. This means that, again, your employer may have remote capabilities to monitor activity and wipe your device’s data if it is lost or you resign or are fired.
In both situations, the employer will be liable for leaked data. So if you choose to BYOD, be prepared to give up some liberties.
Robert Siciliano, personal security expert contributor to Just Ask Gemalto.
The day after you get your shiny new mobile or tablet, chances are you’ll take it right to work and request the IT department to set it up with your work email and allow access to the company network. “Bring your own device” (BYOD) has become widely adopted to refer to workers bringing their personal mobile devices, such as smartphones, tablets and PDAs, into the workplace for use and connectivity.
Many of us need a mobile device for work and personal use and don’t want to carry two separate devices, but this can cause security challenges for the company. If you lose your mobile device while on vacation, let your kid download an app which infects your phone and starts spamming your address book, or someone accesses your company email while you’re using a public Wi-Fi connection, this can have big implications for your company in terms of a data breach, loss of intellectual property, public embarrassment and annoyance.
That’s why mobile security should be a priority for both you and your employer. As an increasing number of companies agree to this, they are also requiring you to agree to their terms as well. So you should expect to have to comply with some things like:
You may be required to download and install a security and monitoring app that can’t be removed. This app may have a certificate authenticating you and the device to connect to the company network and run company programs.
The installed app will likely provide your company with the ability to remotely control your mobile at some level. I wouldn’t be concerned about this unless of course you’re not abiding by the agreement you signed.
At a minimum, expect the application to have the ability to locate your mobile via the phone’s GPS if it’s lost or stolen, as well as an autolock functionality requiring you to lock your phone locally after 1-5 minutes of downtime. Also, your employer will likely be able to wipe your mobile of any and all data.
Because your employer is liable for potentially lost data, if you BYOD, plan on giving up some liberties.
Robert Siciliano is an Online Security Evangelist to McAfee.
Location-based services utilize geo-location information tied to your phone’s GPS and, in some cases, your carrier’s connection and even Wi-Fi.
Geo-location or geo-tagging can be used on PCs, but is primarily applicable to mobile phones. The geo-location software usually obtains its data from your device’s Internet Protocol (IP) address or your Global Positioning System (GPS) longitude and latitude. Many of today’s social networking sites are now incorporating location-based services that allow users to broadcast their locations via smartphone.
This technology can be useful to predators, thieves, and other criminals, since it makes it so simple to determine where you are, and where you are not.
The BBC reports that in Australia, masked men, armed with a knife and a club, struck the home of a 17-year-old girl’s mother hours after a teenager posted a photo on Facebook of a large sum of cash. It is not clear how the robbers found the family address. The Facebook image was at the grandmother’s Sydney house.
Someone who is paying unwanted attention to you can see your exact address each time you post a geo-tagged photo and check in.
Thieves use geo-location to determine whether you are home or not, and then use that data to plan a burglary.
To prevent home burglary and protect yourself from broadcasting your location, you should:
Turn off your location services on your mobile phone or only leave it enabled for applications like maps. Most geo-location services are turned on by default.
Be careful about what images and information you share on social networks, and when. For example, it’s best to wait until you are home to upload those vacation photos.
Check the privacy settings on the social networking sites where you share information to make sure you are only sharing with your friends and not everyone.
Robert Siciliano, personal and home security specialist to Home Security Source, discussing ADT Pulse on Fox News.
The web and especially the mobile web can be a minefield of malicious links luring you to click, so bad guys can infect your device. Search engines do their best to filter these sites out but nefarious criminals have found ways to get their scammy pages to the top of search through a process called “Blackhat search engine optimization.”
Criminals create fake websites and then use the same techniques as legitimate online businesses regarding search engine optimization, marketing, and online advertising. They use keywords to boost rankings on Internet search engines, causing their spoofed websites to appear alongside legitimate websites.
It is also much harder to tell if a URL is legitimate on a mobile device since, due to the limited screen space, mobile browsers often truncate web addresses. Also, if you’re clicking on a link to a site from an email you received, it’s hard to see the sender’s full email address, making it hard for you to know if it’s coming from a fake person or company.
That’s why going it alone in search isn’t a good idea. Just like it is essential to have antivirus, antispyware, antiphishing and a firewall on your PC, it is equally essential to have protection on your mobile. McAfee Mobile Security provides comprehensive mobile security that includes antivirus, anti-theft, app protection, web protection and call and text filtering.
Web protection comes with McAfee Mobile Security and protects you from potential phishing sites, browser exploits, malicious links within text messages, email, social networking sites, and QR codes. With McAfee blocking risky links at the places you visit, you now can click, search and surf worry free. These site ratings are based on tests conducted by McAfee using an army of computers that look for all kinds of threats.
To help yourself stay protected you should:
Always double-check the web address of a site when doing a search on your mobile phone
Never click on a link in an unsolicited email or text message
If you land on a site that contains poor grammar, misspellings, and low-resolution pictures, be very suspicious
Rather than doing a search for your bank’s website, type in the correct address to avoid running into any phony sites, or use your bank’s official app
Monitor your monthly bills to make sure there are no suspicious charges
Of course, just using common sense and taking the time to closely check the links and messages you receive will go a long way in increasing your mobile security. Remember, if something doesn’t feel right, proceed with caution.
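Why a truncated address is not enough to judge a link, and what “double-check the web address” means in practice: the check has to be made on the full host name, not on the part that fits on screen. This is an added example, not from the original article; the 24-character display width, the `mybank.example` allowlist and the sample URLs are all constructed for illustration.

```python
from urllib.parse import urlsplit

TRUSTED_HOSTS = {"mybank.example", "www.mybank.example"}  # assumed allowlist
DISPLAY_WIDTH = 24                                        # assumed address-bar width


def displayed(url: str) -> str:
    """What a narrow address bar shows: scheme dropped, then cut off."""
    shown = url.split("://", 1)[-1]
    return shown[:DISPLAY_WIDTH] + ("…" if len(shown) > DISPLAY_WIDTH else "")


def real_host(url: str) -> str:
    """Host the browser actually connects to (text before '@' is not the host)."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def is_trusted(url: str) -> bool:
    """Exact match on the full host name; a matching prefix is not sufficient."""
    return real_host(url) in TRUSTED_HOSTS


# Constructed samples: one genuine address and two that look alike when cut off.
SAMPLES = [
    "https://www.mybank.example/login",
    "https://www.mybank.example.secure-login.test/login",
    "https://www.mybank.example@203.0.113.7/login",
]


def report():
    """Return (truncated display, real host, trusted?) for each sample URL."""
    return [(displayed(u), real_host(u), is_trusted(u)) for u in SAMPLES]


if __name__ == "__main__":
    for shown, host, trusted in report():
        print(f"{shown:<26} host={host:<40} trusted={trusted}")
```

All three samples begin with the same 18 characters on screen, but only the first resolves to an allowlisted host.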
Robert Siciliano is an Online Security Evangelist to McAfee.
To understand why EMV credit cards—or “chip and PIN” cards—are safer, first we must understand standard magnetic stripe cards. The familiar magnetic stripe, which can be seen on all credit cards carried in the United States, has been around for more than four decades.
The security technology behind the magnetic stripe has been compromised, since the availability of card reading and writing tools makes it easy to decipher the data stored on the magnetic stripe. Criminals use these tools to create skimming devices and other hacking methods.
EMV, on the other hand, is a relatively new technology with plenty of built-in encryption. According to the Smartcard Alliance, “[EMV] transactions require an authentic card validated either online by the issuer using a dynamic cryptogram or offline with the terminal using Static Data Authentication (SDA), Dynamic Data Authentication (DDA) or Combined DDA with application cryptogram generation (CDA). EMV transactions also create unique transaction data, so that any captured data cannot be used to execute new transactions.”
In simple terms, the data is thoroughly scrambled.
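The difference between static magnetic-stripe data and “unique transaction data” can be seen in a small model, added here as an illustration and not taken from the original article or from the EMV specifications. HMAC-SHA256 stands in for the card's real cryptogram algorithm, and the key handling, field sizes and the `ChipCard` and `Issuer` classes are assumptions made for the example.

```python
import hashlib
import hmac
import secrets


def cryptogram(key: bytes, atc: int, amount_cents: int, nonce: bytes) -> bytes:
    """Simplified cryptogram: MAC over counter, amount and terminal nonce."""
    msg = atc.to_bytes(2, "big") + amount_cents.to_bytes(6, "big") + nonce
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class ChipCard:
    def __init__(self, key: bytes):
        self._key = key   # stays inside the chip; a reader never sees it
        self.atc = 0      # transaction counter, incremented on every use

    def sign(self, amount_cents: int, nonce: bytes):
        self.atc += 1
        return self.atc, cryptogram(self._key, self.atc, amount_cents, nonce)


class Issuer:
    def __init__(self, key: bytes):
        self._key = key
        self.last_atc = 0

    def authorize(self, atc: int, amount_cents: int, nonce: bytes, mac: bytes) -> bool:
        if atc <= self.last_atc:                    # counter already seen: replay
            return False
        expected = cryptogram(self._key, atc, amount_cents, nonce)
        if not hmac.compare_digest(expected, mac):  # MAC does not cover these values
            return False
        self.last_atc = atc
        return True


def demo() -> dict:
    key = secrets.token_bytes(16)                   # constructed sample key
    card, issuer = ChipCard(key), Issuer(key)
    nonce = secrets.token_bytes(4)                  # terminal's unpredictable number
    atc, mac = card.sign(2500, nonce)
    result = {"genuine": issuer.authorize(atc, 2500, nonce, mac)}
    # Data captured from that exchange is presented again, unchanged.
    result["replayed"] = issuer.authorize(atc, 2500, nonce, mac)
    # The captured MAC is reused with a new counter and amount.
    result["altered"] = issuer.authorize(atc + 1, 99900, nonce, mac)
    nonce2 = secrets.token_bytes(4)
    atc2, mac2 = card.sign(1200, nonce2)
    result["next_genuine"] = issuer.authorize(atc2, 1200, nonce2, mac2)
    return result
```

A magnetic stripe has no counterpart to `sign`: the same bytes are read on every swipe, which is why a copy of them is as good as the card.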
The cardholder verification process is another factor enhancing EMV card security, by ensuring that the person attempting to make the transaction is, in fact, the legal cardholder. EMV supports four cardholder verification methods: offline PIN, online PIN, signature, or no cardholder verification. With a regular magstripe credit card, the only possible verification option is to check the ID of the person presenting the card, which cashiers only sometimes do, and may even create a false sense of security. The primary verification method for online purchases is to request the CVV or credit verification value, which is visibly printed right on the card itself.
So get ready, because “chip and PIN” is coming, and it’s more secure than the cards in your wallet, not to mention the most ubiquitous card outside the United States.
Robert Siciliano, personal security expert contributor to Just Ask Gemalto.
Device reputation authority iovation published a report revealing that the number of fraudulent transactions originating from Europe has risen dramatically over the past two years. From April 2011 to April 2012, iovation prevented approximately 15 million fraudulent online transactions in Europe. That’s an increase of 60% over the previous year. The rate of European fraud attempts jumped from 1.3% of total transactions in the first quarter of 2011 to 2.1% in the first quarter of 2012, and has risen steadily throughout the past two years.
iovation stops fraud attempts with their ReputationManager 360 solution, which has the unique ability to determine which online transactions are less trustworthy via patented reputation capabilities. By examining the established reputation of mobile phones, tablets, and computers, and uncovering other device relationships, iovation helps businesses find out ahead of time which online transactions are safe and trustworthy.
Consumers should really be checking their credit card statements monthly, at a minimum. Checking online statements once a week is preferred and setting up alerts such as, “Send me a text or email every time a charge over $100 takes place on my credit card” doesn’t hurt either.
While cybercriminals are everywhere, the countries within Europe where iovation has seen more “denied transactions” as compared to all of the transactions from a particular country include Romania, Lithuania and Croatia. The type of fraud being uncovered includes eCommerce fraud such as the use of stolen credentials or card-not-present (CNP) fraud, financial fraud and bonus abuse on gambling sites, and a plethora of online scams and solicitations being detected in social networks and dating sites.
Scammers who spend their days targeting consumers in the developed world are often blocked by businesses that are using layered fraud prevention technologies. iovation’s real-time device reputation technology detects computers and other Internet-enabled devices that have been involved with financial fraud and other abuses and lets businesses know when those devices are interacting with their websites.
iovation’s network of associations among 950 million devices provides businesses with the ability to know when devices are related to one another, so they can quickly and efficiently shut down sophisticated fraud rings and fraudulent accounts.
Robert Siciliano, personal security and identity theft expert contributor to iovation, discusses identity theft for the National Speakers Association.
One of the best and worst parts of traveling overseas is being immersed in a different language. My wife and I once got lost in Naples, Italy. When we pulled over and asked a stranger for directions, he answered in rapid Italian, which we don’t speak. We had no idea what he was saying, but were mesmerized just watching him talk. After two minutes he stopped, so we said “Grazie!” and kept moving. Now imagine if you had to deal with credit card fraud in a foreign country, and couldn’t find any English-speakers to assist you.
Fortunately, you only have to deal with your own credit card company, rather than any overseas officials. Victims of fraudulent credit card charges only wind up paying the unauthorized charges if they fail to detect and report the credit card fraud within 60 days. A 60-day window covers two billing cycles, which should be enough for most account-conscious consumers who keep an eye on their spending. During that time, you are covered by a “zero liability policy,” which was invented by credit card companies to reduce fears of fraud no matter where in the world you travel. Under this policy, the cardholder may be responsible for up to $50 in charges, but most banks extend the coverage to include charges under $50.
You can effectively stop fraud in its tracks by checking your statements online every day. If you only check every week or month, you will have to dispute that many more charges if and when your account is eventually compromised. If you fail to recognize and dispute unauthorized transactions on your credit card statements, you take responsibility for the fraudulent charges.
So, to prevent credit card scams, take the time to watch your statements. This extra layer of protection requires special attention. If you check your email daily, you ought to be able to check your credit card statements daily, too, right? Once a week is sufficient, and even once every two weeks is acceptable. Just be sure to refute any unauthorized withdrawals or transactions within the time limit stipulated by your bank. For most credit cards, it’s 60 days, and for debit cards the limit can be 30 days or less.
Robert Siciliano, personal security expert contributor to Just Ask Gemalto.