How To Protect Your Mobile Devices From Malware

Using cell phoneMobile malware is on the rise, but few people maintain the same precautions on their tablets and phones that they do on their computers. Here’s what you need to do to stay protected.

Mobile devices need antivirus software just like any other computer, but watch for malware masquerading as antivirus. In general the same security rules we use for computers also apply to phones and tablets:

  • Use the latest version of your device’s software
  • Install all software updates
  • Back up your data
  • Install only well-known apps from known developers
  • Be wary of malware disguised as legitimate apps
  • When in doubt, don’t click

It’s a good idea to configure a passcode for your mobile device. You should also enable any “Find My Device” features your phone or tablet may have. You can configure most devices to erase any data after a certain number of incorrect login attempts, which will keep your information safe should your device become lost or stolen.

Remember that some threats are universal. A fake website that attempts to harvest your username and password can affect you whether you are viewing it on Windows, Mac, or any mobile device. You also need to use strong, secure passwords that are unique for every site, and enable two-factor authentication where possible.

Here are links to antivirus for mobile devices and more.

iOS Antivirus (iPad / iPhone)

iOS Security Tips (iPad / iPhone)

Android Antivirus

Android Security Tips

Tech Tips Articles

How To Create Strong Passwords (2016 Edition)

How To Configure Security Settings For Windows, Mac, iOS, and Android

How To Back Up Your Computer (For Windows And Mac)

backuprestoreWhen was the last time you backed up your computer? If you have automatic backups set, do you check them on a regular basis? Have you ever tested your backups by trying to restore some of your files?

It’s not enough to set your backups and forget them. You would not believe the number of times I’ve encountered backups that were “definitely” good, only to discover they were blank or missing or had never run in the first place. Don’t wait for an emergency to find out your backups don’t work!

I recommend that you make extra backup copies to keep in a secure offsite location. If you use a cloud-based backup, you should also keep a current local copy of your data in case of emergencies. The following resources will help you configure and maintain your backups.

Get computer help straight to your inbox! Sign up to receive Tech Tips by email, and follow Tech Tips on Facebook for more tech support advice for Windows and Mac.

What You Need To Know About Windows 10

win10Many people have asked me about Windows 10. They want to know if they should upgrade, and how they can reconfigure the settings to avoid Win10’s notorious privacy issues.

Windows 10’s default security settings are not conducive to consumer privacy, to put it mildly. (Microsoft isn’t alone in this; it’s become an increasing problem with modern operating systems.) You should research Win10 thoroughly before you upgrade and make your privacy configuration changes as soon as possible after installation. And, of course, always use good antivirus software and strong unique passwords, keep your software updated, and follow basic Internet security guidelines.

Unfortunately, as I have discussed before, Microsoft is forcing Windows 10 onto unsuspecting Win7 and Win8 users via Windows Update. Do NOT turn off Windows Update to solve this! Set it to notify but not download or install without your permission (instructions for Win7, instructions for Win8.1). Then make sure you install the rest of your security updates manually until you are ready to upgrade to Win10.

I have real problems with Microsoft’s aggressive auto-upgrading to Win10. It goes against longstanding IT procedures to do, not to mention alienating your customers. Believe me, after 25 years of tech support I can tell you that one thing users do NOT like is an unexpected system upgrade. It’s easier for technology companies to ignore security in favor of pushing out products, but the customer is the one who pays the price.

Here’s more information on Windows 10’s privacy problems.

Here’s some info on Microsoft’s aggressive auto-upgrading to Win10.

Don’t forget to sign up to receive Tech Tips by email and get the latest computer news straight to your inbox. You can also follow Tech Tips on Facebook for more computer help for Windows and Mac.

How To Create Strong Passwords (2016 Edition)

Computer SecurityTime once again for my updated guidelines on creating passwords. The short version: use passphrases that are at least 12 characters long and different on every site, plus two-factor authentication where possible. And for pity’s sake, stop using weak passwords!

Many people say to me, “I don’t need a secure password. I don’t have anything sensitive on my computer, so I don’t care if a hacker gets in.” You, my friends, are a hacker’s dream. Because it’s not necessarily your personal information they want, although they’ll happily steal your credit card info if they can. No, what they really want is control of your computer, your email address, your Facebook page… anything and everything that will let them do their dirty work from behind a smokescreen.

Strong passwords must be:

  • Not in use on any other system
    This is perhaps the biggest no-no in the password rulebook. When hackers nab passwords, they try the same account/password combinations on popular sites like Google, Facebook, Twitter. If you’re using the same password you just let them in. Do not ever, ever, ever use the same password anywhere. Before you despair, keep reading. There are tools to make it easier.
  • Changed regularly
    Yes, you have to change your passwords. And yes, they still have to be different everywhere. In fact this is one of the best things you can do to secure your passwords. Use a password management tool if you need help keeping track of everything (see below).
  • 12 characters or longer
    Think passphrase rather than password. The longer and more complex a password is, the less likely it can be cracked.
  • A mix of upper- and lowercase letters, numbers, and symbols
    Some systems won’t allow you to use a range of characters in your password, in which case I suggest you reconsider using that site. Do you really trust someone who isn’t going to allow you to secure your account properly? Makes you wonder how secure everything else on the site is.
  • Not common words or proper nouns found in a dictionary
    Here’s a list of the 25 worst passwords of 2015. If your passwords sound like these, change them now.
  • Not the names of your spouse, kids, pets, or other personally identifying information
    Don’t create passwords out of information that can be gleaned about you, and don’t share information that can be used to guess security questions. For example, if you have pictures of your dog Fido on Facebook, and you also answer your bank’s security question “What’s your dog’s name?” with “Fido,” guess what? You have just given a hacker potential access to your bank account.

Examples of good and bad passwords

Good passwords (but don’t use these!)

AP@ssw0rdIJustMADE!UP!4U
Here’sAnOtHeR1FOR$You

Bad passwords

password
password1
password!
123456
<blank>
mypassword
spouse’s name
pet’s name

Password Don’ts…

  • Don’t rotate between the same two or three passwords. It’s just as bad as using the same password everywhere.
  • Don’t send passwords via sites like email, Facebook, Twitter. Use another means like text message, which goes directly to the recipient. Or even better, a phone call.
  • Don’t stick passwords on Post-It notes. Whether it’s under the keyboard or on a bulletin board, it’s exposed. Be like Gandalf: Keep it secret, keep it safe.
  • Don’t share passwords and accounts. This is especially prevalent in small businesses. Don’t create one account then share the password; create multiple accounts for each person who needs access. More time consuming? Sure. More secure? You bet.

Tools to manage your secure passwords

With a password management tool such as 1PasswordLastPass, or KeePass, all you have to remember is one master password and the software takes care of the rest. You can use the same password management tool on your computer and on your mobile devices.

But there’s a catch. Unfortunately any company can be breached by hackers and password management firms are no exception, as was demonstrated by a recent LastPass breach. In other words, passwords stored in management tools can be swept up in data breaches just like any other kind of data.

The good news is that most password managers encrypt your data, so even if hackers get hold of it, they will hopefully be hard-pressed to recover your actual passwords. That being said, you need to safeguard your master password with more vigilance than any other password you use. Please do NOT re-use your master password anywhere else! And be sure to keep another copy of your passwords somewhere safe in case you lose access to your password management tool.

Two-factor authentication

Two-factor authentication (2FA) uses a password plus another unique identifier, like a passcode messaged to your phone. This is much safer than a password alone because the second identifier is constantly changing, making it much harder to break into an account. If a site offers 2FA, you should consider using it.

However, 2FA does not make a weak password safe. Your best bet is 2FA plus an excellent password. As with a password manager’s master password, you need to make absolutely sure you have copies of your 2FA backup codes, because that’s what’s going to get you into your account if you have trouble.

Password harvesting scams

Password harvesters are everywhere. For example, you might get a spam email saying you need to update your account. This message contains links to a page that looks like the real login, but it’s really just a fake designed to steal your credentials. Similarly, password-harvesting scams can be distributed via Facebook, Twitter, and other social media sites. When in doubt, type the address for the site into your Web browser manually rather than clicking on a link.

Why not take this opportunity to change your passwords? It’s the best thing you can do to protect yourself against identity theft and cybercrime.

[Originally posted in 2010 as How To Create Secure Passwords. This version has been updated with the latest advice on secure passwords.]

Security Basics For Mac Users

appleIf you’re not protecting your Mac from Internet threats, your computer can easily be overcome by viruses and malware. But running antivirus isn’t enough. Mac users also need to be just as aware of scams, fake apps, and other Internet dangers as their Windows counterparts. Here are some resources to get you started.

If you’d like to know more about Mac security, stay tuned to Tech Tips via Facebook, Twitter, and RSS, or subscribe by email.

Mac Antivirus Programs

Mac Security Help

Tech Tips – Recommended Advice For Mac Users

A Parent’s Guide To Protecting Your Kids Online

kidsIt’s hard to protect kids online, because parents and educators often have a hard time finding resources that can help them understand the latest risks and recommendations. I’ve gathered a variety of information in one place so you can learn about antivirus, parental controls, and protecting your kids while using mobile devices and video games.

Kids’ computers are among the most vulnerable to security threats. That’s not to say your kids are doing anything wrong. On the contrary, they’re the victims. Not only do virus-writers like to booby-trap kids with malicious web sites, they also like to infiltrate legitimate ones. Kids are also at much at risk of identity theft as any Internet user. More so, because cyberbullying has become such a deadly and devastating menace.

These are resources every parent needs to know about how computer viruses and Internet threats work. If you have questions, please feel free to comment. You can also subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Antivirus And Security

Mobile Devices

Video Games

Cyberbullying And Harassment

 

Six Things Every PC User Needs To Know About Windows 8.1

Windows81The new Windows 8.1 affects you, even if you’re still using previous versions of Windows. Here’s what you need to know about the upgrade.

First Rule of Windows 8.1: There Is No Start Menu
Microsoft’s been shouting it from the rooftops: “The Start button’s back! The Start button’s back!” Except that doesn’t mean what you think it means.

What Windows 8.1 does is stick a Start button in the lower left corner, which brings up the new Start screen – not to be confused with the old Start menu you’re probably looking for. Dizzy yet? To make matters worse, not all applications will support the returned Start button, meaning it’s less of a fix than a kludge. A Start button that isn’t always present is as confusing as a Start button that’s missing entirely, if not more so.

Second Rule Of Windows 8.1: The New Look Is Here To Stay
Regardless of what they’ve done with the Start buttonmenuscreen, the Windows 8 interface (which I would call “Metro” except Microsoft says we’re not supposed to call it that anymore) is the future of Windows. So don’t expect Windows 8.1, or any other update, to restore your computer to yesteryear. The new look and feel is here to stay, and it’s time to get used to it if you intend to stay in the Microsoft world.

Third Rule Of Windows 8.1: Say Goodbye To Your Keyboard And Mouse
Windows 8 is made for tablets. In fact, many of us are still trying to figure out why Microsoft thinks a tablet interface is a good idea in a PC environment. If you don’t have a touch interface, it’s klunky to use – in other words if you’re one of the 99.99999% who still have a keyboard and mouse, which is SO 2012, PEOPLE.

Fourth Rule Of Windows 8.1: You Need It, Unless You Like Viruses
If history is any indication, expect Windows 8.1 to become the only acceptable version of Windows as far as being able to fix problems or install updates. Doesn’t matter if you want it or not, eventually you’ll have to install it or your computer is guaranteed to become a writhing infestation of identity-stealing viruses and malware.

This means you, Windows XP people – you need to upgrade. Now. I don’t care if you go Win7 or Win8, either is better than what you’re using now. Don’t wait until your computer is unusable, your financial data stolen, your accounts hacked, and your personal information spread across the Internet.

Fifth Rule Of Windows 8.1: It’s Not That Bad And In Some Ways Good
If it weren’t for the klunky interface and the lack of training for the average consumer (you know, the people for whom it’s purportedly designed), I would like Windows 8.

It’s fast. It’s powerful. It doesn’t take up a ton of memory (looking at YOU, WinME), doesn’t throttle your processor (Windows Vista), doesn’t cause incompatibilities with every single piece of hardware you own (Windows 95).

So, yes, it’s a technically superior operating system. So was OS/2 Warp, only it wasn’t widely used because it was hamstrung by a lack of apps and a failure to educate people on how to use it. Ironic that Microsoft may be following the same road to ruin decades later.

Sixth Rule Of Windows 8.1: You’re On Your Own Learning It (But I’ll Help!)
Microsoft has information online, but you have to hunt for it – using an unfamiliar touch-swipe interface, unless you happen to have another device handy, and doesn’t that eliminate the point? It’s no wonder many businesses have decided to hold off on upgrading. I don’t know why Microsoft has such blinders on when it comes to understanding that your average, everyday person needs to be able to use this without spending the entire morning trying to figure out how to accomplish a task.

To that end, here are some resources to get you started with Windows 8:

And don’t forget to follow Tech Tips for the latest on Windows 8, Mac, and more:

Once again we come to the age-old dilemma: Do you put up with the new features for the sake of security? If I were you, I would either a) get on Windows 7 ASAP, b) get on Windows 8 ASAP, or c) pick another platform (Mac? tablet? phablet?) because the Windows 8 train has left the station and anybody who didn’t jump on board is going to get run over eventually by viruses, malware, and other Internet scum.

What do you think about Windows 8? Love it? Hate it? Cowering in a corner hugging your Timex-Sinclair and dreaming of punchcards? Share in the comments!

 

How To Backup And Restore Files On Your PC Or Mac

backuprestoreEveryone knows you’re supposed to make backups, but choosing a method can be confusing. Here’s a rundown of your choices for Windows and Mac.

Built-In Backups
All modern computers come with utilities which you can use to back up to an external hard drive. The hard drives themselves often come with user-friendly utilities as well.

Third-Party Backups
If you don’t like the built-in options you can choose a third party backup – but watch out for lookalike viruses that pretend to be backup or “computer cleaner” programs. Your best bet is a solution from a reliable software vendor.

Cloud-Based Backups
Cloud backups are convenient because all you have to do is let the utility lurk in the background. Your backups are always current because the software is always running, always backing up changed files.

The danger with cloud backups is that you don’t know who has access to them behind the scenes, or whether the backups will remain available to you if the service goes down or bankrupt. If you’re going to store backups on the Internet, make sure you keep a copy on a local hard drive.

Encrypting Backups
The best way to secure your data when using cloud backups is to encrypt it. Mac users, there’s an easy trick you can pull with Disk Utility: creating a protected disk image.

Windows users, you’ll have to find a third party utility like TrueCrypt. But bear in mind, most encryption utilities were developed for tech professionals so they’re not always the most user-friendly. Also, any utility that works with files at a fundamental level runs the risk of damaging those files. Run your encryption on copies, not originals. I also recommend against encrypting your entire hard drive unless you really know what you’re doing.

Testing And Restoring Backups
Backups don’t do much good if you can’t restore the data on them. You should periodically run a test restore, to make sure you can before an emergency strikes. You should also maintain multiple backups in case one backup device fails.

Another way you can back up your files is with a drive imaging program that takes a snapshot of your entire disk. I’ll post about that in a separate article. Want a head’s up? Subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Image courtesy of Stuart Miles / FreeDigitalPhotos.net

 

Hands-On With The BlackBerry Z10

z10I recently spent some quality time with the new BlackBerry Z10. The Z10 is a lightweight, keyboardless smart phone… wait, a keyboardless BlackBerry? How does that work? Let’s find out.

The Z10 has a 1.5GHz dual-core Qualcomm processor with 2GB of RAM and a 4.2-inch 1,280-by-768 LCD display at 356 pixels per inch. It’s sized about the same as an iPhone, 5.1 by 2.6 by .35 inches, weighing 4.8 ounces.

Related article: Review: Will the new Z10 save BlackBerry? by Triona Guidry (The Northwest Herald)

The Unboxing

First, we have to install the battery. Fortunately the Z10’s case is a snap to open, no finger-mashing required. Once that’s done the unit launches into a setup wizard that talks you through a brief configuration process. It also gives you the basics of the Z10’s swipes and gestures.

I like to evaluate new products from the perspective of a brand-new user. How do you figure out how it works? What resources are available to help? In the case of the Z10, the learning curve is short and sweet. Swipe to the Hub for notifications, swipe to your apps to launch them. The Z10 reminds you with helpful glowing arrows if, for example, you forget you have to swipe from the bottom up to unlock your phone.

The Z10’s Software Keyboard

Instead of physical keyboard, the Z10 comes with a software keyboard which is responsive enough that you might forget it’s not physical. Predictive completion learns as you type, so your phone quickly becomes customized to your preferences. In other words, it’s still a BlackBerry even with a software keyboard. Weird but true.

BlackBerry 10

The Z10 runs BlackBerry’s signature BlackBerry 10 software, which has received rare accolades from the tech industry. It’s not hard to see why. BB10 is sleek and intuitive, giving you a no-frills environment that lets you get the job done with minimal interference. However, that easy of use comes at the cost of customization. This isn’t Android; you can’t just arrange your icons any old way you like. But die-hard BlackBerry fans will be pleased.

Features, Functions, And Apps

Unfortunately you’re not going to find as many apps for BlackBerry as for iOS and Android. BlackBerry’s app store simply hasn’t been around long enough yet, so you might find yourself waiting (and wondering) if your favorite apps will be released for it.

The Z10’s Help section rocks. It’s well-organized and helps you find everything you need to know, which is vital considering that this phone is brand new to the market. I especially liked the prominent Passwords & Security section which can help you protect your phone.

Related article: Tools To Protect Your Smart Phone From Malware

Conclusions

The Z10 is a decent entry into the smart phone arena, but BlackBerry has a steep climb ahead as it struggles to catch up to its competitors.

What do you think? Can BlackBerry woo its CrackBerry addicts back into the fold or has the company lost too much momentum? Share in the comments, and don’t forget to  subscribe to Tech Tips by email and follow on Facebook. You can also follow @trionaguidry on Twitter.

Cyber Attacks Spell Trouble For Consumers

padlock-phoneDo you know what to do if your account is swept up in a cyber attack? In the last year many popular sites, including LinkedIn, Twitter, and Evernote, have been attacked and consumer information stolen. What can you do to protect yourself?

As I said in my tech column in this month’s The Northwest Herald:

Cybercriminals attack big companies for the big prize: user account information. With email addresses and passwords in hand, they go on an account-cracking spree across the Internet, hoping that some of the users in their massive heist are using the same weak passwords on multiple sites. Itʼs likely some of your accounts have already been swept up in data breaches like this.

There are a number of things you can do to reduce the possibility of being hacked. Here are my recommendations plus related Tech Tips articles to help you with each step.

If your account has been hacked, you need to reset it. Here is information on account security and resetting hijacked accounts for some of the major sites:

And here is information on the recent breaches I mentioned:

For the latest news on data breaches (something a little more reliable than mass media articles), try these IT security sites.

Do you have questions about cyber attacks and hijacked accounts? Ask in the comments!

Image courtesy of Stuart Miles / FreeDigitalPhotos.net