Safe and secure online, on holiday – Kaspersky Lab official blog

Hopefully, you’ve read our advice on researching and booking holidays and other travel safely and securely. But have you thought about how to keep yourself protected online while you’re away, whether it’s the annual family holiday or a short break?

Whether you’re basking in the sunshine or enjoying the snowy slopes, it can be easy to forget that your online safety is as important as your sunscreen or goggles. So we’d like to offer some simple advice to help ensure that when it comes to being online, you’re as safe when away as when you’re at home.

Look after your mobile devices

The great thing about smartphones and tablets is that they’re small and portable. The downside to this is that they’re easy to lose, and easy for someone to steal. The consequences of this happening in your own country are bad enough, but if you’re abroad, you face additional inconvenience, expense and, often, upset.

When you’re out and about – especially in city centres – keep your phone or tablet close to you and get it out only when you have to in a safe place, to answer a message or check the map. Don’t leave it unattended in cafes, bars or public transport, and if there isn’t a safe in your hotel room, we recommend you take it with you.

And remember that apartments, villas, ski lodges or caravans all make attractive targets for thieves, so take care here as well.

Wi-Fi hotspots

When you’re on holiday – just like when you’re at home – there’s nothing easier and more convenient than being able to connect to Wi-Fi in your hotel room, the café or a bar. You can keep up with your friends, check the news, catch up on your email (uh oh, you’re meant to be relaxing!) and check your bank account.

But have you considered if that hotspot is secure, and what information you might be revealing inadvertently?

If you’re doing anything private online such as banking, paying for something, logging into a shopping site or confidential email – our advice is: don’t do it using a Wi-Fi hotspot, but use your data (remember, roaming is cheaper these days) or a mobile dongle.

This is because with hotspots, you have no guarantee that the connection is secure, so there’s a chance that it could be eavesdropped on orhijacked. Even if you need a code or your email to log on, it’s not worth the risk.

Social media

When you’re having a great time on holiday, there’s nothing quite like sharing it with posts and photos on your favourite social media platform, right?

Right, but the problem is, you can never be sure who’s going to end up seeing what you’ve posted and these days, social media has become the best friend of both burglars and fraudsters.

Advertise that fact that your home is unoccupied – even if it’s only for a weekend break – and you’re risking having it broken into. This isn’t uncommon, and even high-profile celebs have fallen victim. Insurance companies are now refusing to pay out if they find you’ve posted that you’re away so surely this, combined with the thought that somebody could be going through all your belongings while you’re away, would make you think twice.

We mentioned fraudsters using social media too, and this one affects your workplace. It’s become commonplace for fraudsters to combine the fact that you’re away on holiday with other snippets gained on LinkedIn or a sly phone call to defraud your business. They’ll impersonate a supplier, the bank, HMRC or – if you’re a senior exec, you – to extract money out of an unwitting colleague. You can only begin to imagine the consequences.

In conclusion

We want to you relax and enjoy your break and be able to enjoy your online experience seamlessly and safely while you’re away too. Following this practical holiday advice and the other online safety basics on our website, that shouldn’t be a problem.

Have a great time!

Source: Safe and secure online, on holiday – Kaspersky Lab official blog

Cyber Safe Warwickshire – AA Data Breach Exposes Details Of Over 100,000 Customers

A breach at UK car insurance company, the AA, has exposed information on more than 100,000 customers, including names, email addresses and partial credit card details, according to security researchers.

The company said a ‘server misconfiguration’ was responsible for the information being openly available on the web for a few days in April of this year.

The AA have been criticized for its handling of the incident: After claiming no sensitive information was included in the exposed cache, the company was called to task when security researcher Troy Hunt said he found 117,000 unique email addresses, names and partial credit card info among the details.

The company never notified its affected customers, he added.

Source: Cyber Safe Warwickshire – AA Data Breach Exposes Details Of Over 100,000 Customers

How to stay secure while staying connected on vacation – Help Net Security

The wide availability of Wi-Fi networks can make it difficult to unplug and disconnect on vacation, but if consumers take that extra step and unplug they can experience a more secure trip.

Despite the benefits experienced from unplugging, most individuals still prefer to stay connected when on vacation. But when individuals put convenience over security, by using unsecured Wi-Fi access points that are easily hackable for example, they leave themselves open to the possibility of having their personal information compromised.

Source: How to stay secure while staying connected on vacation – Help Net Security

Five Scams That Won’t Make You Laugh on April Fool’s Day

If there’s one day of the year when everyone has their guard up, it’s April Fool’s Day. After all, who can put their hand up and say that they have never been duped by an April Fool’s trick? Some of the classic April Fool’s stunts have gone down in history, such as the BBC’s news report from 1957 showing the annual spaghetti harvest in Switzerland.

Simpler times, you say? Well, 50 years later the BBC pulled a similar stunt – getting Monty Python’s Terry Jones to star in a short documentary revealing the phenomenon of flying penguins. And, like the spaghetti hanging from the branches of trees in southern Switzerland, some people believed it. They believed it because the BBC is a trusted source of information. If some nutter had sat next to you on the bus and tried to convince you that penguins could fly or that you could send a Gmail by making the motion of licking a stamp you probably wouldn’t believe them.

Source: Five Scams That Won’t Make You Laugh on April Fool’s Day

Beware of Outlook “You Are Violating the Terms And Conditions” Phishing Scam

The email message below with the subject: “You Are Violating the Terms And Conditions,” which claims that due to our recent security updates for the year, all Outlook users are to verify and validate their accounts, is a phishing scam. The email message is being sent by cyber-criminals, whose intentions are to hijack their victims’ email accounts and use them for malicious purposes. So, recipients of the same email message are advised not to follow the instructions in it.

Source: Beware of Outlook “You Are Violating the Terms And Conditions” Phishing Scam

HMRC “Last Fiscal Activity” Tax Refund Phishing Scam – Hoax-Slayer 2G

Email purporting to be from UK tax agency HMRC claims that the agency has recalculated your last fiscal activity and determined that you are eligible to receive a tax refund.

Source: HMRC “Last Fiscal Activity” Tax Refund Phishing Scam – Hoax-Slayer 2G

University Spear-Phishing Warning – Safe In Warwickshire

Fraudsters are sending out a high volume of phishing emails to university email addresses claiming to be from their own HR department. These email addresses are either spoofed, or in some cases usi…

Source: University Spear-Phishing Warning – Safe In Warwickshire

Phishers’ new social engineering trick: PDF attachments with malicious links – Help Net Security

The latest attacks through PDF attachments are geared towards pushing users to enter their email account credentials into well-crafted phishing pages.

Source: Phishers’ new social engineering trick: PDF attachments with malicious links – Help Net Security

Beware This New Gmail Scam That Is Tricking Even Tech-Savvy Users

Here is what you need to know in order to stay safe from a new, sophisticated phishing attack.

The attack works like this: Hackers who have breached someone’s email account look through the emails in it for correspondence containing attachments. They then send emails from the compromised account — impersonating the account’s owner — with each email leveraging similarities to prior correspondence, so as to make the new messages seem legitimate and familiar. For example, the phishing emails may use a subject line that was used in the past.

More: Beware This New Gmail Scam That Is Tricking Even Tech-Savvy Users