From the Global Information Security Team

EDUCATE. MITIGATE. SECURE.

Early March 2017

Here's why you should remove your birthday from Facebook.

It's one of five ways to protect your privacy that we'll cover in our quiz. 

Click to read.

Americans and Our Privacy

86%: rely on our memory for our passwords 

81%: suffered a personal data breach

41%: fraudulent credit card charges made

41%: shared passwords with someone

39%: use the same passwords over and over

16%: their personal email account hijacked

14%: someone apply for a loan in their name

6%: had fraudulent tax returns filed

— Pew Research 2017

How parents can teach kids about privacy (:52)

Click to listen.

What can parents do to make sure their kids are aware that privacy on the web is important?

 

Intel's Director of Privacy and Security, Bruce Snell, says success is all in your approach. 

Emails from scammers often include logos of familiar companies.
Sometimes, you can tell the email is a fake because the logo isn't quite right.

CloudPets, the popular stuffed animals that allow parents and kids to send audio messages to each other through the toy, has been hacked and over 500,000 audio files put online. Stop using this toy's audio capabilities. ... Because of a sophisticated hack, you should log in and change your passwords if you use Uber, Fitbit, Yelp, OK Cupid, Reddit, Medium or Glassdoor. ... Oscar-winner John Legend's Twitter account was hacked and vulgar messages were posted in his name. #1 way to avoid being hacked on social media: set up your account so you're notified by text if your password gets changed. 

One last thing...

In every attack of a cybercriminal, you and I are the targets. Waterholing is no different.  Waterholing is a term few know but it is becoming a popular tactic of cybercriminals since it is difficult to detect. Also known as a watering hole attack, the attacker first profiles its targets to determine the types of websites they frequent. The attacker then looks for vulnerabilities in the websites and injects malicious Javascript or HTML code that redirects the target to a separate site where the malware (malicious software) is hosted. This compromised website is now ready to infect the target with the injected malware whenever the target visits the site.

 

The name watering hole attack is inspired by predators in the natural world who lurk near watering holes, looking for opportunities to attack desired prey. Cybercriminals lurk around popular websites looking for opportunities to infect the websites with malware via sensational advertisements that will make the target vulnerable.

 

As we focus on Internet Privacy and Waterholing this month, keep in mind that it is a good practice to avoid entering personal information on websites or social networking sites. The goal always is to make it as difficult as possible for cybercriminals to obtain any information about you. Every bit they can piece together soon becomes a profile which they can then use to harm you.

 

Information Security is our shared responsibility to our shareholders, our customers, and to each other. You are the key to our success and we are here to support you.


We EDUCATE. So you can MITIGATE. Which helps keep us all SECURE.

SVP, Global Chief Information Security Officer, Nashira W. Layade

Original content and design © 2017 Aware Force LLC

 

Aware Force name and trademark © 2017 Aware Force LLC

Photo elements © 2017 — stock.adobe.com