Profile cover photo
Profile photo
SmartCOP Total Security
The Complete Anti-Virus for the Internet Era
The Complete Anti-Virus for the Internet Era

SmartCOP Total Security's posts

Using Caution with USB Drives
One option is for attackers to use your USB drive to infect other computers. An attacker might infect a computer with malicious code, or malware, that can detect when a USB drive is plugged into a computer. The malware then downloads malicious code onto the drive. When the USB drive is plugged into another computer, the malware infects that computer.

How can you protect your data?
There are steps you can take to protect the data on your USB drive and on any computer that you might plug the drive into:
Take advantage of security features - Use passwords and encryption on your USB drive to protect your data, and make sure that you have the information backed up in case your drive is lost (see Protecting Portable Devices: Data Security for more information).
Keep personal and business USB drives separate - Do not use personal USB drives on computers owned by your organization, and do not plug USB drives containing corporate information into your personal computer.
Use and maintain security software, and keep all software up to date - Use a firewall, anti-virus software, and anti-spyware software to make your computer less vulnerable to attacks, and make sure to keep the virus definitions current (see Understanding Firewalls, Understanding Anti-Virus Software, and Recognizing and Avoiding Spyware for more information). Also, keep the software on your computer up to date by applying any necessary patches (see Understanding Patches for more information).
Do not plug an unknown USB drive into your computer - If you find a USB drive, give it to the appropriate authorities (a location's security personnel, your organization's IT department, etc.). Do not plug it into your computer to view the contents or to try to identify the owner.
Disable Autorun - The Autorun feature causes removable media such as CDs, DVDs, and USB drives to open automatically when they are inserted into a drive. By disabling Autorun, you can prevent malicious code on an infected USB drive from opening automatically. In How to disable the Autorun functionality in Windows (link is external), Microsoft has provided a wizard to disable Autorun. 

Recognizing Fake Antiviruses

Fake antivirus is malicious software (malware) designed to steal information from unsuspecting users by mimicking legitimate security software. It's important to protect your computer from fake antivirus infection and to be able to recognize when an infection has occurred.
What is fake antivirus?
Fake antivirus is malicious software (malware) designed to steal information from unsuspecting users by mimicking legitimate security software. The malware makes numerous system modifications making it extremely difficult to terminate unauthorized activities and remove the program. It also causes realistic, interactive security warnings to be displayed to the computer user.
How can my computer become infected with fake antivirus?
Criminals distribute this type of malware using search engines, emails, social networking sites, internet advertisements and other malware. They leverage advanced social engineering methodologies and popular technologies to maximize number of infected computers.
How will I know if I am infected?
The presence of pop-ups displaying unusual security warnings and asking for credit card or personal information is the most obvious method of identifying a fake antivirus infection.
What can I do to protect myself?
Be cautious when visiting web links or opening attachments from unknown senders. See Using Caution with Email Attachments for more information.
Keep software patched and updated. See Understanding Patches for more information on the importance of software patching.

Mozilla Launches Website Security Testing Tool

Mozilla has released a free tool that allows website developers and administrators to determine if they are using all available security technologies at their full potential.

The tool, named “Observatory,” was developed by Mozilla Information Security Engineer April King in an effort to help the organization test its own domains. Observatory has now been made available to everyone along with its source code.

Observatory performs nearly a dozen tests, including Content Security Policy (CSP), Contribute.json, cookies, cross-origin resource sharing (CORS), HTTP Public Key Pinning (HPKP), HTTP Strict Transport Security (HSTS), redirections, subresource integrity, and X-Content-Type-Options, X-Frame-Options and X-XSS-Protection headers.

“You may not have heard of many of them, and that’s because their documentation is spread across thousands of articles, hundreds of websites, and dozens of specifications,” King explained.

After they run a scan, users are provided a score for each test. This score shows how well each standard is implemented and provides recommendations for improvements. The application also provides an overall score and grades the verified website.

Cyber Security Basics
General computing practices and tips that apply to most people who use a computer.

1.Protect Information when using the Internet and email
2.Google Privacy and Security Tips
3.Beware of Scams
4.Mobile Devices and Wireless
5.Prevent Identity Theft
6.Don't Download Unknown or Unsolicited Programs or Files
7.Back Up Important Files
8.Secure Your Web Browsers
9.Bots, Botnets, and Zombies
10.Home Computer Security
11.Travel Securely

Don't Login on Untrusted Computers
A password is only as secure as the computer or network it is used on. As such, never log in to a sensitive account from a public computer, such as computers in a cyber cafe, hotel lobby or conference hall. Bad guys target public computers such as these and infect them on purpose. The moment you type your password on an infected computer, these cyber criminals can harvest your passwords. If you have no choice but to use a public computer, change your password at the next available opportunity you have access to a trusted computer.

Go With Passphrases
Passphrases are the strongest type of passwords and the easiest to remember. Simply use an entire sentence for your password, such as "What time is coffee?" By using spaces and punctuation, you create a long password that is hard to guess but easy to remember.

One of the most effective steps you can take to protect your cloud account is to make sure you are using two-step verification. In addition, always be sure you know exactly whom you are sharing files with. It is very easy to accidentally share your files with the entire Internet when you think you are only sharing them with specific individuals.

If You Are a Victim of Identity Theft
Report any identity theft immediately by following these Step1: Contact the three major credit bureaus and have them place a fraud alert on your credit report.
Step2: If a credit card was involved, contact the credit card company and have a new credit card with a new number issued.
Step3: Contact your local law enforcement agency and file a report.File a complaint with the Federal Trade Commission.
Document all conversations so you know whom you spoke to and when.

Two-Step Verification

Two-step verification is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. Examples of services that support two-step verification include Gmail, Dropbox and Twitter.

Post has attachment
Phishing refers to an attack that uses email or a messaging service (like those on social media sites) that tricks or fools
you into taking an action, such as clicking on a link or opening an attachment. By falling victim to such an attack, you risk
having your highly sensitive information stolen and/or your computer infected. Attackers work hard to make their phishing
emails convincing.
Types of Phishing
1. The email requests highly sensitive information, such as your credit card number or password •
2. The email says it comes from an official organization, but has poor grammar or spelling, or uses a personal email eg: address like, or
3. The link looks odd or not official. One tip is to hover your mouse cursor over the link until a pop-up shows you •where that link really takes you. If the link in the email doesn’t match the pop-up destination, don’t click it. On mobile devices, holding down your finger on a link gets the same pop-up. An even safer step is to copy and then paste the.URL from the email into your browser or type the correct link.
4. You receive a message from someone you know, but the tone or wording just does not sound like him or her. If you are suspicious, call the sender to verify they sent it. It is easy for a cyber attacker to create an email that appears to be from a friend or coworker.

If you believe an email or message is a phishing attack, simply delete it. Ultimately, common sense is your best defense.
Wait while more posts are being loaded