Subscribe: US-CERT Cyber Security Tips
Added By: Feedage Forager Feedage Grade B rated
Language: English
access  computer  device  devices  home  information  internet  mobile device  mobile  network  passwords  security  software 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: US-CERT Cyber Security Tips


US-CERT Tips describe and offer advice about common security issues for non-technical computer users. Tips are restricted to a single topic, although complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content


ST17-001: Securing the Internet of Things

Thu, 16 Nov 2017 21:52:21 +0000

Original release date: November 16, 2017 | Last revised: November 17, 2017 The Internet of Things refers to any object or device that sends and receives data automatically through the Internet. This rapidly expanding set of “things” includes tags (also known as labels or chips that automatically track objects), sensors, and devices that interact with people and share information machine to machine.Why Should We Care?Cars, appliances, wearables, lighting, healthcare, and home security all contain sensing devices that can talk to other machines and trigger additional actions. Examples include devices that direct your car to an open spot in a parking lot; mechanisms that control energy use in your home; control systems that deliver water and power to your workplace; and other tools that track your eating, sleeping, and exercise habits.This technology provides a level of convenience to our lives, but it requires that we share more information than ever. The security of this information, and the security of these devices, is not always guaranteed.What Are the Risks?Though many security and resilience risks are not new, the scale of interconnectedness created by the Internet of Things increases the consequences of known risks and creates new ones. Attackers take advantage of this scale to infect large segments of devices at a time, allowing them access to the data on those devices or to, as part of a botnet, attack other computers or devices for malicious intent. See Cybersecurity for Electronic Devices, Understanding Hidden Threats: Rootkits and Botnets, and Understanding Denial-of-Service Attacks for more information.How Do I Improve the Security of Internet-Enabled Devices?Without a doubt, the Internet of Things makes our lives easier and has many benefits; but we can only reap these benefits if our Internet-enabled devices are secure and trusted. The following are important steps you should consider to make your Internet of Things more secure.Evaluate your security settings. Most devices offer a variety of features that you can tailor to meet your needs and requirements. Enabling certain features to increase convenience or functionality may leave you more vulnerable to being attacked. It is important to examine the settings, particularly security settings, and select options that meet your needs without putting you at increased risk. If you install a patch or a new version of software, or if you become aware of something that might affect your device, reevaluate your settings to make sure they are still appropriate. See Good Security Habits for more information.Ensure you have up-to-date software. When manufacturers become aware of vulnerabilities in their products, they often issue patches to fix the problem. Patches are software updates that fix a particular issue or vulnerability within your device’s software. Make sure to apply relevant patches as soon as possible to protect your devices. See Understanding Patches for more information.Connect carefully. Once your device is connected to the Internet, it’s also connected to millions of other computers, which could allow attackers access to your device. Consider whether continuous connectivity to the Internet is needed. See Securing Your Home Network for more information.Use strong passwords. Passwords are a common form of authentication and are often the only barrier between you and your personal information. Some Internet-enabled devices are configured with default passwords to simplify setup. These default passwords are easily found online, so they don't provide any protection. Choose strong passwords to help secure your device. See Choosing and Protecting Passwords for more information.Additional InformationThe following organizations offer additional information about this topic:Online Trust Alliance: Web Application Security Project (OWASP): Counc[...]

ST16-001: Securing Voter Registration Data

Fri, 16 Sep 2016 00:16:12 +0000

Original release date: September 15, 2016 | Last revised: September 30, 2016 OverviewVoter registration databases (VRDB) are rich targets and may be an attractive target for computer intrusions. This problem is not unique to individual states—it is shared across the nation. The keys to good cybersecurity are awareness and constant vigilance.What are the threats that may place voter data at risk?Malicious actors may use a variety of methods to interfere with voter registration websites and databases. Some methods of attack are listed below and provide guidance that is applicable to VRDBs and many other computer networks.Phishing attempts are forged emails, texts, and other messages used to manipulate users into clicking on malicious links or downloading malicious file attachments. Phishing attacks can lead to credential theft (e.g., passwords) or may act as an entry point for threat actors to spread malware throughout an organization, steal voter information, or disrupt voting operations. For guidance to defend against phishing, see the United States Computer Emergency Readiness Team (US-CERT) Tip on Avoiding Social Engineering and Phishing Attacks.Injection Flaws are broad web application attack technique that attempts to send commands to a browser, database, or other system, allowing for a regular user to control behavior. The most common example is Structured Query Language (SQL) injection, which subverts the relationship between a webpage and its supporting database, typically to obtain information contained inside the voter registration database. Another form is Command Injection, where an untrusted user is able to send commands to an operating systems supporting a web application or database. See US-CERT’s Publication on SQL Injection for more information.Cross-site scripting (XSS) vulnerabilities allow threat actors to insert and execute unauthorized code in web applications. Successful XSS attacks on voter registration websites can provide the attacker unauthorized access to voter information. For prevention and mitigation strategies against XSS, see US-CERT’s Alert on Compromised Web Servers and Web Shells.Denial-of-service (DoS) attacks prevent legitimate users from accessing information or services. A DoS attack can make a voter registration website unavailable or deny access to voter registration data. Contact your Internet service provider (ISP) to discuss ways they can help block DoS attacks targeting your organization. For more information on DoS, see US-CERT’s Tip on Understanding Denial-of-Service Attacks.Server vulnerabilities may be exploited to allow unauthorized access to sensitive information. An attack against a poorly configured server running a voter registration website may allow an adversary access to critical information and to the supporting voter registration database itself. See US-CERT’s Tip on Website Security for additional information.Ransomware is a type of malicious software that infects a computer system and restricts users' access to system resources or data until a ransom is paid to unlock it. Affected organizations are discouraged from paying the ransom, as this does not guarantee access will be restored to a compromised VRDB. For more information on ransomware, see US-CERT’s Publication on Ransomware. What prevention measures should I employ to protect against these threats?DHS encourages election officials and network administrators to implement the recommendations below, which can prevent as many as 85 percent of targeted cyber attacks. These strategies are common sense to many, but DHS continues to see intrusions because organizations fail to use these basic measures.   Patch applications and operating systems – Vulnerable applications and operating systems are the targets of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.Application whitelisting – Whitelisting is one of the best[...]

ST15-003: Before You Connect a New Computer to the Internet

Tue, 15 Dec 2015 23:07:19 +0000

Original release date: December 15, 2015 | Last revised: December 17, 2015 Why Should I Care About Computer Security? Computers help us maintain our financial, social, and professional relationships. We use them for banking and bill paying, online shopping, connecting with our friends and family through email and social networking sites, researching data posted on the Internet, and so much more. We rely heavily on our computers to provide these services, yet we sometimes overlook our need to secure them. Because our computers play such critical roles in our lives, and we input and view so much personally identifiable information (PII) on them, it’s imperative to maintain computer security that ensures the safe processing and storage of our information.How Do I Improve the Security of My Home Computer? Following are important steps you should consider to make your home computer more secure. While no individual step will eliminate your risk, together these defense-in-depth practices will make your home computer’s defense stronger and minimize the threat of malicious exploit. Connect to a Secure Network Once your computer is connected to the Internet, it’s also connected to millions of other computers, which could allow attackers access to your computer. Information flows from the Internet to your home network by first coming into your modem, then into your router and finally into your computer. Although cable modem, digital subscriber line (DSL), and internet service providers (ISP) purport some level of security monitoring, it’s crucial to secure your router—the first securable device that receives information from the Internet. Be sure to secure it before you connect to the Internet to improve your computer’s security. (See Securing Your Home Network for more information.)Enable and Configure a Firewall A firewall is a device that controls the flow of information between your computer and the Internet, similar to a router. Most modern operating systems include a software firewall. In addition to the operating system’s firewall, the majority of home routers have a firewall built in. Refer to your user’s guide for instructions on how to enable your firewall. Once your firewall is enabled, consult the user’s guide to learn how to configure the security settings and set a strong password to protect it against unwanted changes. (See Understanding Firewalls for more information.)Install and Use Antivirus and Antispyware Software Installing an antivirus and antispyware software program and keeping it up to date is a critical step in protecting your computer. Many types of antivirus and antispyware software can detect the possible presence of malware by looking for patterns in the files or memory of your computer. This software uses virus signatures provided by software vendors to look for malware. Antivirus vendors frequently create new signatures to keep their software effective against newly discovered malware. Many antivirus and antispyware programs offer automatic updating. Enable that feature so your software always has the most current signatures. If automatic updates aren’t offered, be sure to install the software from a reputable source, like the vendor’s website or a CD from the vendor. (See Understanding Anti-Virus Software.)Remove Unnecessary Software Intruders can attack your computer by exploiting software vulnerabilities (that is, flaws or weaknesses), so the less software you have installed, the fewer avenues for potential attack. Check the software installed on your computer. If you don’t know what a software program does and don’t use it, research it to determine whether it’s necessary. Remove any software you feel isn’t necessary after confirming it’s safe to remove the software.Back up important files and data before removing unnecessary software in case you accidentally remove software essential to the operating system. If possible, locate the installation media for the s[...]

ST15-002: Securing Your Home Network

Tue, 15 Dec 2015 14:41:57 +0000

Original release date: December 15, 2015 | Last revised: December 16, 2015 How are routers used in your home network?Home routers have become an integral part of our global communications footprint as use of the Internet has grown to include home-based businesses, telework, schoolwork, social networking, entertainment, and personal financial management. Routers facilitate this broadened connectivity. Most of these devices are preconfigured at the factory and are Internet-ready for immediate use. After installing routers, users often connect immediately to the Internet without performing any additional configuration. Users may be unwilling to add configuration safeguards because configuration seems too difficult or users are reluctant to spend the time with advanced configuration settings.Unfortunately, the default configuration of most home routers offers little security and leaves home networks vulnerable to attack. Small businesses and organizations often use these same home routers to connect to the Internet without implementing additional security precautions and expose their organizations to attack.Why secure your home router?Home routers are directly accessible from the Internet, are easily discoverable, are usually continuously powered-on, and are frequently vulnerable because of their default configuration. These characteristics offer an intruder the perfect target to obtain a user’s personal or business data. The wireless features incorporated into many of these devices add another vulnerable target.How can you prevent unauthorized access to your home network?The preventive steps listed below are designed to increase the security of home routers and reduce the vulnerability of the internal network against attacks from external sources.Change the default username and password: These default usernames and passwords are readily available in different publications and are well known to attackers; therefore, they should be immediately changed during the initial router installation. It’s best to use a strong password, consisting of letters, numbers, and special characters totaling at least 14 characters. Manufacturers set default usernames and passwords for these devices at the factory for their troubleshooting convenience. Furthermore, change passwords every 30 to 90 days. See Choosing and Protecting Passwords for more information on creating a strong router password.Change the default SSID: A service set identifier (SSID) is a unique name that identifies a particular wireless local area network (WLAN). All wireless devices on a WLAN must use the same SSID to communicate with each other. Manufacturers set a default SSID at the factory, and this SSID typically identifies the manufacturer or the actual device. An attacker can use the default SSID to identify the device and exploit any of its known vulnerabilities. Users sometimes set the SSID to a name that reveals their organization, their location, or their own name. This information makes it easier for the attacker to identify the specific business or home network based upon an SSID that explicitly displays the organization’s name, organization’s location, or an individual’s own name. For example, an SSID that broadcasts a company name is a more attractive target then an SSID broadcasting “ABC123.” Using default or well-known SSIDs also makes brute force attacks against WPA2 keys easier. When choosing an SSID, make the SSID unique and not tied to your personal or business identity.Don’t stay logged in to the management website for your router: Routers usually provide a website for users to configure and manage the router. Do not stay logged into this website, as a defense against cross-site request forgery (CSRF) attacks. In this context, a CSRF attack would transmit unauthorized commands from an attacker to the router’s management website.Configure Wi-Fi Protected Access 2 (WPA2)-Advanced Encryption Standard (AES) fo[...]

ST15-001: IRS and US-CERT Caution Users: Prepare for Heightened Phishing Risk This Tax Season

Fri, 30 Jan 2015 05:00:00 +0000

Original release date: January 30, 2015 | Last revised: October 01, 2016 OverviewThroughout the year, scam artists pose as legitimate entities—such as the Internal Revenue Service (IRS), other government agencies, and financial institutions—in an attempt to defraud taxpayers. They employ sophisticated phishing campaigns to lure users to malicious sites or entice them to activate malware in infected email attachments. To protect sensitive data, credentials, and payment information, US-CERT and the IRS recommend taxpayers prepare for heightened risk this tax season and remain vigilant year-round.Remain alertPhishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. In many successful incidents, recipients are fooled into believing the phishing communication is from someone they trust. An actor may take advantage of knowledge gained from research and earlier attempts to masquerade as a legitimate source, including the look and feel of authentic communications. These targeted messages can trick any user into taking action that may compromise enterprise security.Spot common elements of the phishing lifecycleA Lure: enticing email content.Example 1 of actual phishing emailExample 2 of actual phishing emailA Hook: an email-based exploit.Email with embedded malicious content that is executed as a side effect of opening the emailEmail with malicious attachments that are activated as a side effect of opening an attachmentEmail with “clickable” URLs: the body of the email includes a link, which displays as a recognized, legitimate website, though the actual URL redirects the user to malicious contentA Catch: a transaction conducted by an actor following a successful attempt.Unexplainable chargesUnexplainable password changesUnderstand how the IRS communicates electronically with taxpayersThe IRS does not initiate contact with taxpayers by email, text messages or social media channels to request personal or financial information.This includes requests for PIN numbers, passwords or similar access information for credit cards, banks or other financial accounts.The official website of the IRS is action to avoid becoming a victimIf you believe you might have revealed sensitive information about your organization or access credentials, report it to the appropriate contacts within the organization, including network administrators. They can be alert for any suspicious or unusual activity.Watch for any unexplainable charges to your financial accounts. If you believe your accounts may be compromised, contact your financial institution immediately and close those accounts.If you believe you might have revealed sensitive account information, immediately change the passwords you might have revealed. If you used the same password for multiple accounts, make sure to change the password for each account and do not use that password in the future.Report suspicious phishing communicationsEmail: If you read an email claiming to be from the IRS, do not reply or click on attachments and/or links. Forward the email as-is to, then delete the original email.Website: If you find a website that claims to be the IRS and suspect it is fraudulent, send the URL of the suspicious site to with subject line, “Suspicious website”.Text Message: If you receive a suspicious text message, do not reply or click on attachments and/or links. Forward the text as-is to 202-552-1226 (standard text rates apply), and then delete the original message (if you clicked on links in SMS and entered confidential information, visit the IRS’ identity protection page).If you are a victim of any of the above scams involving IRS impersonation, please report to, file a report with the Treasury Inspector General for Tax Administration (TIGTA), the Federal Trade Commission (FTC), and the po[...]

ST14-001: Sochi 2014 Olympic Games

Tue, 04 Feb 2014 15:20:38 +0000

Original release date: February 04, 2014 | Last revised: October 01, 2016 OverviewWhether traveling to Sochi, Russia for the XXII Olympic Winter Games, or viewing the games from locations abroad, there are several cyber-related risks to consider. As with many international level media events, hacktivists may attempt to take advantage of the large audience to spread their own message. Additionally, cyber criminals may use the games as a lure in spam, phishing or drive-by-download campaigns to gain personally identifiable information or harvest credentials for financial gain. Lastly, those physically attending the games should be cognizant that their communications will likely be monitored.HacktivistsA number of hacktivist campaigns may attach themselves to the upcoming Olympics simply to take advantage of the on-looking audience. For example, the hacktivist group, Anonymous Caucasus, has launched what appears to be a threat against any company that finances or supports the winter games. This group states the Sochi games infrastructure was built on the graves of 1 million innocent Caucasians who were murdered by the Russians in 1864. According to Trusted Third Party analysis, the group has been linked to distributed denial of service (DDoS) attacks on Russian banks in October 2013. Therefore, the group is likely capable of waging similar attacks on the websites of organizations they believe financed Olympic related activities; however, no specific threat or target has been identified at the time of this report. Olympic coverageWhether viewing live coverage, event replays, or checking medal statistics online, it’s important to visit only trusted websites. Events which gain significant public interest and media coverage are often used as lures for spam or spearphishing campaigns. Malicious actors may also create fake websites and domains that appear to be official Olympic news or coverage that can be used to deliver malware to an end user upon visiting the site (also known as drive-by downloads or wateringholes).NBCUniversal offers exclusive coverage of the games for viewers via NBC, NBCSN, MSNBC, USA Network, and corresponding Twitter, Facebook and Instagram accounts. Viewers should be wary of any other source claiming to provide live coverage. As always, it is best to visit trusted resources directly rather than clicking on emailed links or opening attachments. Purchasing tickets or merchandise at the GamesAccording to the official Winter Olympics website:, Visa will be the only card accepted for all purchases including tickets and merchandise at the Games. Tickets may only be purchased through Authorized Ticket Resellers (ATR). Individuals can validate the authenticity of an ATR offering tickets by using the “Website Checker” tool available on the official Sochi website. The designated ATR in the United States is CoSport, and at the time of this report, individuals purchasing tickets through CoSport may only pick up their tickets at CoSport’s Host City Collection Center in Sochi, Russia. Any ticket offer from a site not recognized as an ATR or accepting payment methods outside of VISA are likely fraudulent and should be met with skepticism.Traveling to SochiWhen traveling abroad it’s important to know your host countries laws and policies, particularly when it comes to privacy. Russia has a national system of lawful interception of all electronic communications. The System of Operative-Investigative Measures, or SORM, legally allows the Russian FSB to monitor, intercept, and block any communication sent electronically (i.e. cell phone or landline calls, internet traffic, etc.). SORM-1 captures telephone and mobile phone communications, SORM-2 intercepts internet traffic, and SORM-3 collects information from all forms of communication, providing long-term storage of all information and [...]

ST13-003: Handling Destructive Malware

Mon, 04 Nov 2013 17:58:25 +0000

Original release date: November 04, 2013 | Last revised: October 01, 2016 Overview Destructive malware presents a direct threat to an organization’s daily operations, directly impacting the availability of critical assets and data. Organizations should increase vigilance and evaluate their capabilities encompassing planning, preparation, detection, and response for such an event. This publication is focused on the threat of enterprise-scale distributed propagation methods for malware and provides recommended guidance and considerations for an organization to address as part of their network architecture, security baseline, continuous monitoring, and Incident Response practices.While specific indicators and modules related to destructive malware may evolve over time, it is critical that an organization assess their capability to actively prepare for and respond to such an event.Potential Distribution VectorsDestructive malware has the capability to target a large scope of systems, and can potentially execute across multiple systems throughout a network. As a result, it is important for an organization to assess their environment for atypical channels for potential  malware delivery and/or propagation throughout their systems. Systems to assess include:Enterprise Applications – particularly those which have the capability to directly interface with and impact multiple hosts and endpoints. Common examples includePatch Management Systems,Asset Management Systems,Remote Assistance software (typically utilized by the corporate Help Desk),Anti-Virus,Systems assigned to system and network administrative personnel,Centralized Backup Servers, andCentralized File Shares.While not applicable to malware specifically, threat actors could compromise additional resources to impact the availability of critical data and applications.  Common examples include:Centralized storage devicesPotential Risk – direct access to partitions and data warehouses;Network devicesPotential Risk – capability to inject false routes within the routing table, delete specific routes from the  routing table, or remove/modify configuration attributes - which could isolate or degrade availability of critical network resources.Best Practices and Planning StrategiesCommon strategies can be followed to strengthen an organization’s resilience against destructive malware.  Targeted assessment and enforcement of best practices should be employed for enterprise components susceptible to destructive malware.Communication FlowEnsure proper network segmentation.Ensure that network-based access-control lists (ACLs) are configured to permit server-to-host and host-to-host connectivity via the minimum scope of ports and protocols – and that directional flows for connectivity are represented appropriately.Communication flow paths should be fully defined, documented, and authorized.Increase awareness of systems which can be utilized as a gateway to pivot (lateral movement) or directly connect to additional endpoints throughout the enterprise.Ensure that these systems are contained within restrictive VLANs, with additional segmentation and network access-controls.Ensure that centralized network and storage devices’ management interfaces are resident on restrictive VLANs.Layered access-control, andDevice-level access-control enforcement – restricting access from only pre-defined VLANs and trusted IP ranges.Access ControlFor Enterprise systems which can directly interface with multiple endpoints:Require two factor authentication for interactive logons.Ensure that authorized users are mapped to a specific subset of enterprise personnel. If possible, the “Everyone” , “Domain Users”  or the “Authenticated Users” groups should not be permitted the capability to directly access or authenticate to these systems.Ensure that unique domain acco[...]

13-002: International Mobile Safety Tips

Tue, 29 Oct 2013 17:32:47 +0000

Original release date: October 29, 2013 | Last revised: October 01, 2016 October 29, 2013 marks the 4th Annual Asia Pacific Economic Cooperation Cyber Security Awareness Day. To recognize this occasion and in observance of the 10th year of National Cyber Security Awareness Month in the United States, US-CERT, along with its international partners from Asia and Europe, is promoting a set of International Mobile Safety Tips that were developed by the National Cyber Security Alliance, InfollutionZero, the Cyber Security Awareness Alliance in Singapore, and the iZ HERO Project.The goal of the campaign is to use harmonized messaging to reach out to children, families, and schools across the world, and to provide them with core principles and simple tips that can help people of all ages enjoy safer and more secure use of digital devices and the Internet.US-CERT encourages users and administrators to view the International Mobile Safety Tips at the following link and share them with their respective communities. The guidelines below provide core principles and recommendations for more secure use of digital devices and the Internet.Keep software updated. Running the most recent versions of your mobile operating system, security software, apps and Web browsers is among the best defenses against malware, viruses and other online threats.Keep your device secure by using a strong password to lock your smartphone or tablet.Enable two-step authentication when offered, and change passwords to any accounts you accessed while connected to an unfamiliar network. Before downloading an application (app), make sure you understand what information (i.e., location, your contacts, social networking profiles, etc.) the app would access and share before you download it. Download apps from trusted sources.Back up your contacts, photos, videos and other mobile device data with another device or cloud service on a weekly basis.When using a public or unsecured wireless connection, avoid using sites and apps that require personal information like log-ins.Automatically connecting to networks can create vulnerabilities exploitable by hackers and others. Switch off your Wi-Fi and Bluetooth connections when not in use.Delete any online communications (i.e., texts, emails, social media posts) that look suspicious, even if you think you know the source.  When banking or shopping online, use only trusted apps or websites that begin with https://.The Golden Rule. Be respectful on your device. Treat others as you would like to be treated when texting, calling or using social networks.Share with care. Be a true friend when taking and sharing photos and videos with your smartphone. Get permission from friends before you share them via text or social networks.Be Web wise. Stay informed of the latest updates to your device and apps. Know what to do if something goes wrong. Related Topics:Safety and Security for the Business Professional Traveling Abroad Cybersecurity for Electronic Devices Protecting Physical Devices: Physical Security   References International Mobile Safety Tips - Stop Think Connect Author: US-CERT This product is provided subject to this Notification and this Privacy & Use policy. [...]

ST04-017: Protecting Portable Devices: Physical Security

Mon, 19 Dec 2011 18:01:34 +0000

Original release date: December 19, 2011 | Last revised: October 01, 2016 Many computer users, especially those who travel for business, rely on laptops and personal internet-enabled devices like smartphones and tablets because they are small and easily transported. But while these characteristics make them popular and convenient, they also make them an ideal target for thieves. Make sure to secure your mobile devices to protect both the machine and the information they contain. What is at risk?Only you can determine what is actually at risk. If a thief steals your laptop or mobile device, the most obvious loss is the machine itself. However, if the thief is able to access the information on the computer or mobile device, all of the information stored on the device is at risk, as well as any additional information that could be accessed as a result of the data stored on the device itself.Sensitive corporate information or customer account information should not be accessed by unauthorized people. You've probably heard news stories about organizations panicking because laptops with confidential information on them have been lost or stolen. But even if there isn't any sensitive corporate information on your laptop or mobile device, think of the other information at risk: information about appointments, passwords, email addresses and other contact information, personal information for online accounts, etc.How can you protect your laptop or internet-enabled device?Password-protect your computer - Make sure that you have to enter a password to log in to your computer or mobile device (see Choosing and Protecting Passwords for more information).Keep your valuables with you at all times - When traveling, keep your device with you. Meal times are optimum times for thieves to check hotel rooms for unattended laptops. If you are attending a conference or trade show, be especially wary—these venues offer thieves a wider selection of devices that are likely to contain sensitive information, and the conference sessions offer more opportunities for thieves to access guest rooms.Downplay your laptop or mobile device - There is no need to advertise to thieves that you have a laptop or mobile device. Avoid using your device in public areas, and consider non-traditional bags for carrying your laptop.Be aware of your surroundings - If you do use your laptop or mobile device in a public area, pay attention to people around you. Take precautions to shield yourself from "shoulder surfers"—make sure that no one can see you type your passwords or see any sensitive information on your screen.Consider an alarm or lock - Many companies sell alarms or locks that you can use to protect or secure your laptop. If you travel often or will be in a heavily populated area, you may want to consider investing in an alarm for your laptop bag or a lock to secure your laptop to a piece of furniture.Back up your files - If your mobile device is stolen, it's bad enough that someone else may be able to access your information. To avoid losing all of the information, make backups of important information and store the backups in a separate location (see Good Security Habits for more information). Not only will you still be able to access the information, but you'll be able to identify and report exactly what information is at risk.What can you do if your laptop or mobile device is lost or stolen?Report the loss or theft to the appropriate authorities. These parties may include representatives from law enforcement agencies, as well as hotel or conference staff. If your device contained sensitive corporate or customer account information, immediately report the loss or theft to your organization so that they can act quickly.  Author: Mindi McDowell This product is provided subje[...]

ST11-001: Holiday Traveling with Personal Internet-Enabled Devices

Mon, 19 Dec 2011 17:42:27 +0000

Original release date: December 19, 2011 | Last revised: June 08, 2017 The Internet is at our fingertips with the widespread use of Internet-enabled devices such as smart phones and tablets. When traveling and shopping anytime, and especially during the holidays, consider the wireless network you are using when you complete transactions on your device. Know the risksYour smart phone, tablet, or other device is a full-fledged computer. It is susceptible to risks inherent in online transactions. When shopping, banking, or sharing personal information online, take the same precautions with your smart phone or other device that you do with your personal computer — and then some. The mobile nature of these devices means that you should also take precautions for the physical security of your device (see Protecting Portable Devices: Physical Security for more information) and consider the way you are accessing the Internet.Do not use public Wi-Fi networksAvoid using open Wi-Fi networks to conduct personal business, bank, or shop online. Open Wi-Fi networks at places such as airports, coffee shops, and other public locations present an opportunity for attackers to intercept sensitive information that you would provide to complete an online transaction.If you simply must check your bank balance or make an online purchase while you are traveling, turn off your device's Wi-Fi connection and use your mobile device's cellular data Internet connection instead of making the transaction over an unsecure Wi-Fi network.Turn off Bluetooth when not in useBluetooth-enabled accessories can be helpful, such as earpieces for hands-free talking and external keyboards for ease of typing. When these devices are not in use, turn off the Bluetooth setting on your phone. Cyber criminals have the capability to pair with your phone's open Bluetooth connection when you are not using it and steal personal information.Be cautious when chargingAvoid connecting your mobile device to any computer or charging station that you do not control, such as a charging station at an airport terminal or a shared computer at a library. Connecting a mobile device to a computer using a USB cable can allow software running on that computer to interact with the phone in ways that a user may not anticipate. As a result, a malicious computer could gain access to your sensitive data or install new software.Don't fall victim to phishing scamsIf you are in the shopping mode, an email that appears to be from a legitimate retailer might be difficult to resist. If the deal looks too good to be true, or the link in the email or attachment to the text seems suspicious, do not click on it!What to do if your accounts are compromisedIf you notice that one of your online accounts has been hacked, call the bank, store, or credit card company that owns your account. Reporting fraud in a timely manner helps minimize the impact and lessens your personal liability. You should also change your account passwords for any online services associated with your mobile device using a different computer that you control. If you are the victim of identity theft, additional information is available from even more information about keeping your devices safe, read Cybersecurity for Electronic Devices. Author: US-CERT Publications This product is provided subject to this Notification and this Privacy & Use policy. [...]