Pirated Apps Target iPhones And The Children Who Use Them

Keeping children safe online can be a challenge. The apps kids download, or sideload (for free) from sites outside of the official app stores can unfortunately put them in danger. Hackers and other nefarious actors look to take advantage of children who are not aware of the personal information an app can request for download. Until now, Apple and its iPhones have managed to stay relatively safe by selling only Apple approved apps in their store. The latest news about pirated apps getting into the Apple Store has Apple and parents worried about the safety of those who might acquire these apps unknowingly, including children.

Reuters has recently found that software pirates hacked Apple technology and some of their favorite apps. Pokémon Go, Angry Birds, and Spotify are just a few of the pirated popular apps. Hackers gained access to Apple’s enterprise developer certificates and presented them as legitimate. The pirated apps are modified versions of the originals, with many of them being popular games geared toward children. These apps also steal revenue from Apple and other genuine app makers. Earlier last month, Apple temporarily banned Facebook Inc. and Alphabet Inc. from using bogus enterprise certificates that distributed data-gathering apps to consumers. Reuters reported that these certificates are gotten in the name of legitimate businesses, although it’s not clear on just how this happens. Apple is working to fix the pirated apps problem. Earlier this week, TechCrunch found that apps for pornography and gambling are also experiencing pirated app problems. Neither of those categories are sold in the Apple Store.

Parents and others responsible for the welfare of children need to be on alert when a child downloads an app. Children of all ages are growing victims of identity theft and other online horrors. Have a talk with kids about cybersecurity basics that keep their identities safe. Always be present when a child downloads an app, making sure it’s from the official app stores for the devices. Go over every step of installing the app, especially when it asks permission for personal data and let them know to never give full or administrator rights to any app, no matter what it is.

Not only could your child be in danger, the friends on their contact list could be as well. You may be surprised at the amount of information apps ask for; but don’t hesitate to say no to these requests. The Internet can be a scary place, so be on high alert for apps that ask to access your location–you don’t want anyone to know where you or your children are located whenever possible. While some may need it, such as for GPS functionality or other tracking, others don’t. Don’t be afraid to see what your children may be getting into online. The real fear is not knowing what they’re up to.

Stickley on Security
Published June 2, 2019

Tips for Securing Your Mobile Devices

Nearly all of us these days have some type of mobile device that is essentially a part of us. It is filled with all kinds of personal information, such as our contacts, our email conversations, and perhaps even our health information. Losing it, having it accessed without permission, or finding out it’s infested with malware can be a really scary moment. Fortunately, there are some things you can do to protect those devices and the information on them.

Keep Your Eye On Them – Of course, don’t let them out of your sight when in public places. If you are in a café, for example, and need to step away for a bit, use a locking tether and attach it to something so someone walking by cannot quickly grab it. However, it really is better to just take it with you, no matter how inconvenient that may be. And make sure all your devices are set to auto-lock after a certain amount of time without use. The lowest amount of time available is recommended.

Don’t Modify Them After Purchase – It’s tempting to “jailbreak” your devices to download apps that are not in the official app stores. But really, just don’t. That puts you at more risk. While there is no guarantee that malicious apps are not in those stores, the likelihood is significantly lower. So, stick to doing some research on the apps you want, read the reviews, and only use the official stores to get those products and you will have a lower chance of getting something nasty that steals your banking login credentials, puts ransomware on the device, or just renders it useless.

Protect With Passwords Or PINs – Always make sure your mobile devices are password or PIN protected. Ok, so biometrics including face recognition are becoming more common and can certainly be quicker and easier than putting in a passcode, but you should have that code enabled too. Research from the Pew Research Center showed that over 30% of those asked didn’t bother to set up a passcode on their smartphones. This just leaves those devices more vulnerable to being stolen and having the data wiped so the devices can be sold. In addition, it can be somewhat easy for a “Nosey Nellie” to intrude, should it be desired.

Stick To Secured Connections – Avoid using public Wi-Fi and Bluetooth, even if they are password protected. For someone “in the know,” it’s not difficult to intercept communication over public Wi-Fi networks. If you must do financial transactions, look at healthcare data, or perform other transactions that may involve sensitive data, use the cellular data connection on the device. It’s safer to just wait until you get to a location such as work or home to perform those tasks.

While you’re at it, shut off the Bluetooth if you don’t need it. Many of us probably don’t need to have it enabled all the time.

Secure It With Software – Most people are on top if it when it comes to installing security software on computers. However, they tend to get a little lax about mobile devices. These need to have this software too. Just make sure you do your due diligence to ensure its legitimate and the right choice for your device. And of course, stick to downloading it from the official app store.

Update – As always, keep your mobile devices updated with the latest patches and software updates. It’s easy to ignore the little red indicator, but there is a reason the developers release patches for security vulnerabilities. So make sure to get them applied as soon as possible after they are released. Keep in mind that when they are released is dependent upon the manufacturers of the devices, the operating systems, and often the cellular providers. Sometimes they may be released for the same operating system at different times depending on those providers. Just note the indicator and apply them when they do arrive.

Stickley on Security
Published June 12, 2019

Three Signs You Are Living Beyond Your Means

We all want to have enough money to cover necessary family costs while also being able to buy a few personal “wants” now and then.

For many of us, resisting discretionary purchases can be tough, especially when they seem smaller and less significant. However, if you’re struggling to keep up with your bills, it might be time to make a change to your spending habits.

Here are three signs that you are living beyond your budget, and some tips that may help.

1. You’re stuck in the paycheck-to-paycheck cycle
If payday arrives and your income seems to disappear instantly, it might be time to review your expenses. Start by reducing unnecessary costs such as premium cable subscriptions and daily coffee-shop runs. For loans and bills, find out if your lenders, creditors, and insurance providers will let you space out your due dates throughout the month. This will ease your cash flow.

2. You never complete important projects
You may have been promising to remodel the bathroom or replace the carpet in your home for years, but for some reason, you never get around to it. Even when you receive a bonus or a substantial income tax refund, the money goes towards something else.

Take control of your goals by breaking them into easy steps. Using the carpet example, whenever you receive income, buy a box of carpet tiles. Pretty soon, you’ll have enough to cover an entire room. And once you take the first step, it will become much easier to keep buying additional supplies.

3. You have a lot of stuff, but no money
If you enjoy the finer things but struggle to pay the water bill, it might be time to make some lifestyle adjustments—starting with selling things that you no longer use.

You don’t have to have a yard sale and give away that $300 purse for a quarter. There are plenty of websites where you can sell your gently used clothing and accessories to customers at a reasonable price.

Also, try shopping around at thrift stores. You never know what designer labels are hidden on those racks! You can also find great deals on electronics and toys.

It isn’t going to be an easy road, but learning how to manage your budget and live within your means is the best thing that you can do for yourself, your family, and your financial future.


Life Insurance: Which Type is Right for You?

Are you wondering if you should purchase life insurance?

If there is someone who is dependent on you for financial support, it is a beneficial thing to have. It can ensure that your loved ones are not struggling to pay the bills if you pass away. It can also help them replace the services that you provide. For example, if you are a stay-at-home parent, having life insurance can allow the other parent to pay for daycare.

There are many types of life insurance products available, so before you contact an insurance agent, make sure you have a basic knowledge of the options that are available.

Term Insurance
As the name implies, you buy term insurance for a specific period of time, usually between 1-30 years. If you die within that timeframe, your beneficiary will receive a preset amount of money – the death benefit. If you fail to pay your premiums, cancel the policy, or die after the term ends, neither you nor the beneficiary receive anything.

The major advantage of a term life insurance policy is that if you are young, you generally pay extremely low premiums for a substantial death benefit. However, as you get older, your premiums will increase when you renew or purchase a new policy.

Term insurance is usually the best option for someone who anticipates only needing insurance for a limited period of time (e.g., until the mortgage is paid off or the kids are grown). If you plan to have life insurance for the rest of your life, long term, cash-value insurance may provide a better deal.

If you have life insurance through your employer, it is probably a term policy. The death benefit for employer-provided life insurance policies is often equal to one year’s salary. Having insurance through work does not mean that it is not beneficial to purchase a policy on your own.

While a work policy may be enough to cover funeral costs, it is probably insufficient to cover outstanding debts or support dependent family members. Additionally, you may lose the policy when you leave your job.

Cash-Value Insurance
With a cash-value life insurance policy, part of your premium pays for the life insurance (which, like with term insurance, pays a death benefit if you die), and part of it goes into a savings plan. The insurance is permanent – you can keep it as long as you make the payments. If you decide to cancel the plan early, you get back what is in the savings plan.

The downside of cash-value insurance policies is that the premiums tend to be considerably more expensive than for term plans. Before you buy this type of insurance, think about if your situation justifies paying the extra cost.

There are three basic types of cash-value life insurance:

– Whole Life Insurance. Whole life insurance is the standard cash-value policy. The premiums are fixed for the duration of the policy, and the life insurance company chooses where to invest the funds in your savings plan.

– Universal Life Insurance. Universal life insurance offers payment flexibility. You choose what premium to pay and can increase or decrease your payments anytime. You can also change the death benefit amount. The payment is broken down into three components: the mortality charge for the death benefit, administrative costs, and the savings plan. If your payment is lower than the mortality charge and administrative costs, the shortage is subtracted from your savings plan. If there is not enough in the savings plan to cover it, your policy lapses.

– Variable Life Insurance. The main feature of a variable policy is that you, not the insurance company, choose where to invest the funds in your savings plan. There are two basic forms of variable life insurance – one with fixed premiums, called straight variable life, and the other with flexible premiums, called variable universal life. In either form, this type of policy is risky. If your investments perform well, the cash value portion of your savings does well. If they fail, your savings suffer.

Life insurance protects loved ones who depend on you for financial security and is a sound part of many long-term financial plans. However, as with all purchases, you want to make an informed choice. Most insurance agents make their living through commissions, so look for and resist high-pressure sales techniques.

Before purchasing a policy, check out how the company is rated by a rating agency, such as A.M. Best, Moody’s Investors Service, and Standard & Poor’s, to make sure the life insurance company will be around when you need them to be.


Report Finds Banking Malware On The Rise…Again

Well, if there is one thing we like, it’s consistency. Data collected by Kaspersky Lab has found some of that in a recent report. And what is that news? Though not exactly good news, corporate users are still targeted in roughly 25% of banking Trojan attacks, which has been reasonably the same figure for the past three years. Of course, there is more in this report that collected data from nearly 900,000 of Kaspersky Lab’s solutions during 2018.

Other information found is that banking Trojans are still among the most popular attack vectors and getting banking credentials from corporate users can yield a much higher payoff than “merely” from consumers.

Often, malware of all flavors gets into networks through phishing. And while phishing in email is not the only way these attacks happen (by phone and SMS/text also occurs), it is still the most common. So always know with as much certainty as possible that what you’re clicking or opening is safe. If you don’t know the sender or are not expecting to receive an attachment or link, question it. Contact the sender in a separate email using an address you already know. You can also do things using one of the old fashioned methods of picking up the telephone and calling or walking to the sender’s desk. Yes, it’s crazy! It’s also extremely effective in preventing business email compromise (BEC) and malware attacks.

Other data Kaspersky collected includes some good news. Financial phishing actually declined from 53.8% to 44.7%. Though it still did account for nearly 50% of the detections overall. Mac users made the list too. While MacOS is not targeted by malware as often, the numbers of financial phishing increased a bit to 57.6%.

Android users are not off the hook. Those users were targets of banking malware three times more than the previous year.

Always be sure to care for mobile devices too. Most companies allow some amount of connectivity with personal devices, so when you connect at the office, you’re introducing risk to the entire organization. Always keep anti-virus software loaded on all devices you move around and keep your apps and programs updated as well. This will help lower the chances that anything undesirable ends up worming its way through the corporate network.

Stickley on Security
Published June 3, 2019

Tired Of All Those Passwords? So Is Everyone Else

It’s likely no surprise to you that consumers are getting a bit exhausted with all the passwords for all of their online accounts. Recently, Google announced it would be implementing a change to the Chrome web browser that would allow users to do away with the classic password in order to access their accounts. And that is a great idea because a research firm, Blink, along with Trusona did a survey and discovered that 70% of consumers opted for some “alternative” form of authentication over the password.

The study was structured so that the participants didn’t know the purpose of the study. But they logged into a site at least three times per week with the option of using an “easy” password-free option or the classic login with password combination. Eighty four percent of them chose to use the “easy” way at least one time per week and only 47% chose the classic once a week. Perhaps that’s because of unsuccessful logins? The rate in this study when passwords were used was only 56%. That can be frustrating, for sure!

However, until such time that browsers are using biometrics and other ways to authenticate to your accounts, you are still going to be required to come up with strong passwords and use them.

– Be sure to use a unique password or phrase for every single online site.

– Each password should be at least eight characters and use upper and lowercase letters.

– At least one special character and one number should be in each password.

– They should never be easy to guess or be discovered using brute force password cracking methodologies.

Yes, there are so many passwords to remember. If you need to write them down on a piece of paper, do it. Just store it safely away from your computer. Don’t make an electronic document you leave on your computer. If you just don’t want to do that, consider a password manager. However, keep in mind that if one of those suffers a data breach (both LastPass and OneLogin have), the criminals will have all of your passwords rather than just one of them. You decide what’s best for you.

Stickley on Security

Published June 1, 2019