Monthly Archives: April 2015

Simda Botnet Taken Down

canstockphoto23093500You may think you are in control of your computer but are you? Have you ever heard the termin the background?” That is computer terminology meaning your computer is performing a task while you the operator are doing something else.

Most programs that run in the background are harmless and helpful. But your computer may be part of a botnet. A computer that is part of a botnet is known as a zombie.  Now the question for black people remains; what is your computer doing behind your back?

On April 9th, 2015 a joint effort of international law enforcement bodies and private security and technology companies came together to shut down one the largest botnets in history. The Simda botnet is believed to have infected more than 770,000 computers in more than 190 countries around the world including the US, Canada, Russia and United Kingdom.

Last week’s botnet takedown is just the latest international operation to shut down a botnet. Another separate takedown targeted Beebone, an extremely elusive botnet that provided a captive audience of PCs  that were infected with a backdoor. A backdoor is a method that a hacker uses to gain remote unauthorized access to a computer often remaining undetected. This backdoor provides access to criminals who were looking for an easy way to quickly install malware on large numbers of computers and impact huge numbers of people around the world.

The AACR keeps things simple. A botnet is a network of computers that are communicating with one another or a master computer and working together to perform a task. These computers are usually working together to launch denial of service attacks against a target computer or network.  This means that hundreds or thousands of computers that have become enslaved in a botnet are instructed to contact a particular website repeatedly causing the website, computer or network to become overwhelmed and stop working. It happens almost everyday and your computer could be part of the attack and you would never know.

Botnets are also designed to steal personal information including passwords, social security numbers, credit card details, email contacts, addresses and telephone numbers. This data may be used in crimes including identity theft, fraud, spamming, and malware distribution. Now suddenly the question becomes relevant to any black person who owns a computer; What is your computer doing behind your back?

The Simda botnet was known for distributing banking malware, installing backdoors on hundreds of thousands of machines across the world. One of them may have been yours.

To determine if your computer was part of the Simda botnet visit the Kaspersky Labs Simda Botnet Free Scanner.

Breaking It Down

The number of computers affected was put at over 770,000 machines. That number will surely get bigger as law enforcement continues their investigation. By some estimates the number could be as high as 2 million computers. And that is just this botnet. There could be thousands or hundreds of thousands of botnets big and small all over the Internet. You have to know if you are in control of your machine. Practice computer safety and security and use the tools like the Kaspersky scanner to make sure your machine is yours alone. 

Don’t play around with this. Your computer could literally be committing crimes whenever you turn it on. Hackers are clever and have done really sinister things like using other people’s computers to store information in hidden files. And the owner of the computer has no idea. It is very possible that you could be a victim of a hacker and not know it. Be suspicious and ask yourself; what is my computer doing behind my back?

 

 

 

 

How Not to Get Hacked in Six Easy Steps

canstockphoto22219067Getting hacked is so easy that it is almost comical. Black people need to be aware that most hackers take advantage of human kindness, weakness, curiosity and even stupidity to get inside computer networks. Hacking is simple when the victim is willing to give the hacker a helping hand. Understand how easy it is not to get hacked and you’ll feel a lot better and safer online.

Step 1) Don’t take the bait! Phishing is the first simple step to getting hacked. A Verizon Data Breach Investigation Report revealed 23 percent of phishing recipients open malicious messages and 11 percent open attachments. The report showed that it only takes 82 seconds from when a phishing campaign is launched to when people start biting on the phony lures.  One of the the cardinal rules of email security is to not click on any link or download attachment that you are not absolutely certain of what it is and where it came from. If you receive an unexpected email with a link or attachment then call the person who sent it to you if you know who it is. Ask them what they sent you. Avoid any cute pictures, prayers, or jokes. That is how malware gets in your computer along with getting your email on spam lists. If you don’t know who sent it then delete instantly.

Step 2) Don’t fall for the phoney phone call! Much the same as phishing, the simplest way for attackers to gain access to users machines is to just ask for it. The age-old method of social engineering is still reliable.  This is when a hacker talks their victims out of information sometimes without the person even knowing it. On the phone they pretend to be an executive or someone in authority. Sometimes they smooth talk their victim into giving up information using compliments and encouragement. Or they may bully their victim and frighten them into doing or saying something they shouldn’t.

One of the most popular and effective scams is the IT support scam. A caller contacts the victim posing as IT help and asks for the user’s login and password. Sometime they will tell you things like your computer has a virus and it is spreading to your friends and family. Sometimes they may pretend to be a fellow employee or business partner and ask the employee to open a specific document that is actually something like a remote access Trojan or other malware.

Something to think about is that anti-virus software makers do not make outgoing calls to alert an individual that their computer is spreading viruses. Never, ever, share your user name and password with someone on the phone you do not know. Finally, if they claim to be working in the same company with you make damn sure they are who they say they are. Do not open any attachment or click on any link unless you know for sure that it is your company’s IT department you are dealing with. Most companies suffer hacking attacks as a result of employee actions. And most companies will not hesitate to fire you if you violate computer security rules.

Step 3) Stay up to date! Users are often hacked because their systems are not up-to-date and patched for common attacks. Hackers know what software is vulnerable. They look for computers that are using old outdated software to attack. The simplest way to protect yourself is to make sure your software is up to date. Learn to set your computer to perform automatic updates of all software. And stay up to date on the latest scams. According to Verizon hackers are still finding vulnerabilities in computers that are as much as eight years old.

Step 4) Get a strong a password!  Is your password just stupid? An easy to guess user name and password is simply begging to be hacked. Your user name and password is the key to your computer and all the information contained therein. In addition easy to guess user names and passwords also allow access to your bank and other sensitive online activity.  A good strong password is vital. You may even want to switch to two factor authentication if you conduct sensitive business online.

Step 5) Use caution on free WiFi! Researchers with Cylance recently provided solid evidence why you should consider taking an extra security step when utilizing public WiFi connections.The company strongly suggests using VPN on public WiFi networks.  Cylance discovered 277 hotels, convention centers and data centers in 29 countries used routers  with known vulnerabilities to offer WiFi to guests. Public and free hotspots are wide open for starting man-in-the-middle attacks and other means of establishing footholds in unsuspecting users’ machines. Hackers love to hang out in Starbucks, Panera Bread, public libraries and other places that offers free Internet access. They are waiting and watching you log into your bank account.

Step 6) Don’t put your business in the street!  You talk to much! Social media such as Facebook is another favorite hacker hunting ground.  Hackers do their homework.  The information you share on social media sites is exactly what makes a hacker’s jobs easy.   Sharing the name of your pet, your birthday, place of work and special relationship makes it easier for an attacker to guess passwords or the answer to password reset challenge questions.  For example the question “What city were you born in?” is an easy one to answer just by looking at your Facebook page.

This information can be used against you in order to create an extremely effective spear phishing message. Learn to stop sharing so much information on social media. The more you give away the more that can be taken away.

Now you know

 

App of the Week – Transit App

TransitAppGetting around town, any town, can be a hassle. Using public transportation in a strange city is a test of your will, patience and resourcefulness. No matter what city you are in business travelers and tourists all need to get from A to B and many enjoy the option of public transportation.  Transit App allows you to plan your trip in many cities with numerous transportation options. That’s why Transit App is the App of the Week.

Transit App can display all nearby transport options and departure times instantly. Now anybody who has used public transportation in a unfamiliar city understand how difficult it can be to locate the right bus or train going to the right location. This feature is available in 92 metro areas from Ann Arbor, MI. to Nairobi, Kenya and that number is growing. If your bus or train is running late, it happens all the time on public transportation, Transit App has a remedy for that as well.  The user can quickly plan a new route, request an Uber car, or grab the closest bike share or Car2Go.

Both Car2Go and Uber are fully integrated into the Transit App allowing the user to book a car from either service through the app.

Using the full Uber integration you can;

  • View Real-Time Departures. Compare real-time ETA’s between Uber and nearby transit lines allowing the user to quickly choose the option that suits their needs. If you “star” Uber, it will appear alongside your favorite transit routes atop your Nearby Mode. You will also be able to see how busy Uber is right from the app.
  • Request your Uber car. You can request a ride right from Nearby Mode. You also have the choice to use the trip planner.
  • Compare A-to-B Journeys. Take the guessing out of trip planning. Transit App users can compare how long their trip will take with Uber or public transit, and see approximate Uber fares. They even take into account how long you’ll have to wait for pick up when providing the estimate.

This app is all about making getting around easier.

Transit App is available for Apple and Android devices, Pebble and Apple Smartwatch.

.

ALERT! Phony Calls From VISA Card Services ALERT!

visa-full-colour-reverseCurrently there is a clever fraud scheme that is striking VISA card holders in the midwest. Card holders are receiving calls from criminals claiming to be VISA Security and Fraud Department. The scam works like this .

1) Person calling says – “This is (name) and I’m calling from the Security and Fraud Department at VISA. My Badge number is (xxxxx), your card has been flagged for an unusual purchase pattern, and I’m calling to verify. This would be on your VISA card which was issued by (name of bank).”

2)  They ask; “Did you purchase an Anti-Telemarketing Device for $497.99 from a marketing company based in Arizona?” When you say “No”, the caller continues with, “Then we will be issuing a credit to your account. This is a company we have been watching, and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards.” Before your next statement, the credit will be sent to (gives you your address). Is that correct?’ You say “yes”.

3) The caller continues – “I will be starting a Fraud Investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security. You will need to refer to this Control Number.” The caller then gives you a 6 digit number. “Do you need me to read it again?”

4)  Here’s the IMPORTANT part on how the scam works – The caller then says, “I need to verify you are in possession of your card.” He’ll ask you to “turn your card over and look for some numbers.” There are 7 numbers; the first 4 are part of your card number, the last 3 are the Security Numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the last 3 numbers to him. After you tell the caller the 3 numbers, he’ll say, “That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?”
After you say no, the caller then thanks you and states, “Don’t hesitate to call back if you do”, and hangs up. You actually say very little, and they never ask for or tell you the card number.

The scammer is after the 3-digit PIN number on the back of the card. For online purchases they need this number to verify they have the card in their possession. If you are a VISA card holder you should understand that VISA has all this information. Consumers need to know that VISA will not call or e-mail cardholders to request their personal account information. Report suspicious calls or emails by calling the number on the back of your payment card or by contacting the FTC’s Complaint Assistant. Cardholders should also know that Visa’s zero liability fraud policy ensures that they are not held responsible for any unauthorized purchases.

If you get a call like this and you suspect something is amiss hang up and call the company back. Never give your credit card information to anyone you are not certain of.

Finally; how did the scammer know your name, address, bank and credit card number? Scammers do their homework on targeted victims or buy stolen or hacked information on black market websites. That information often comes from data breaches.

To learn more about protecting yourself visit the VISA website and test your security IQ. Or call the Visa Global Customer Assistance Center at (800) 847-2911

Black Parenting in the Digital Age

canstockphoto2780627Black parents you need to face it. It ain’t like the old days. This is the age of the Internet, cell phones, social media, text messaging and email. Your children are exposed to technology unlike any Pong game you played as a child.  As a parent you need to understand what this technology can do to your child. 

In the past your influences and experiences were limited to school, your neighborhood, family and of course television with just a few channels.

Today, using the Internet, your child can visit anybody and anyplace in the world. And the really dangerous part is that anyone from anywhere can reach out and contact your child. So as a parent how do you raise a child in the digital age?

Children are playing with electronic toys that absolutely hypnotize them with little or no parental control. That is a serious mistake. Never allow an electronic device to babysit your child.

Too many games kids play have violent content. This violence is linked to more aggressive behavior in teens. In addition to games black children are more likely to be exposed to violence in real life than other groups.

Parents also need to cut back television watching. Research shows more than ten hours of TV a week negatively affects classroom performance. African-American parents should consider the total amount of time your child spends in front of all electronic screens  including TVs, computers, movie screens.

Children who spend too much time on a computer or video game are missing out on fundamental activities that build their physical, social, intellectual, and emotional health. As your child gets older bad habits can become ingrained and are more difficult to change.

There is clear evidence that Internet and game addiction is real and as powerful as any drug. There are clear warning signs that parent need to be aware of. These include;

  • Craving more time on the computer and Internet.
  • Neglecting or disconnecting completely from friends and family.
  • Feeling restless, agitated, even angry when not engaged in computer activity.
  • Exhibiting emotional difficulty, depression, moodiness when not online.
  • Computer use interfering with school performance.
  • Being dishonest with you about computer use and online activities.
  • Withdrawing from other activities they previously enjoyed.
  • Playing or surfing online for extended hours and changes in sleep habits.
  • Poor personal hygiene, weight gain or loss.
  • Using the Internet to avoid dealing with problems or to withdraw.

Does your teen have an Internet addiction?

If you have a child or teenager that is showing these signs you have a problem as serious as any street drug. There are some things you can do:

  • Cut back on the time spent online. Unlimited access to the Internet makes stopping an addiction is nearly impossible. Set limits on the amount of time your teen is allowed to go online. If necessary keep the password a secret and budget their time online.
  • Place the computer in a family area. Many teens have  their own computer usually in their bedroom. Move the computer to a shared room so  you can keep track of how much time they spend online and supervise their online activity.
  • Talk about it. Teens are good at hiding things from parents.  Especially African-American teens. Your teen may deny having an Internet addiction. And they truly may not even be aware they have one. Talk to them. Determine why they are going online so much and what their Internet habits are to help determine if there is an addiction to be broken.
  • Get help. Like any other addiction, Internet and game addiction requires professional treatment. Therapy can help you and your teen address the addiction. If outpatient therapy is not enough you may want to consider help from a residential treatment center or therapeutic boarding school. These facilities  offer teens a supportive atmosphere where they can focus on breaking their addiction and learn healthy coping mechanisms.

We know teens are growing and exploring their world. This includes sex. Sexting has far reaching and dangerous consequences for teens that can last a lifetime. For some teens sexting seems to have  become a game that for some has had horrible consequences. AACR rule #7; “Images on the Internet are no longer yours.” And for your information black teens sext as much as whites.

Make sure your teen understands that once that image is sent or shared it can show up anywhere! Anywhere! You may not believe your teen is sexting. Think again!  Research indicates that 24 percent of high-school age teens ages 14 to 17 and 33 percent of college-age students ages 18 to 24 have sexted.  Few of them realize there are laws against sexting including serious child pornography laws.

The situation can get much worse. Thirteen percent of sexting teens attempted suicide in 2012.  The sexting suicides are not actually related to the the picture or video shared by the teen. Its what happens after the picture is shared. The resulting scandal and embarrassment can be too much for fragile teen emotions. Photos shared with a boyfriend or girlfriend can suddenly find its way into the hands of other unwanted people. The result is often taunting, harassment, bullying and extreme shame. Within the last 5 years there have been far too many cases of teens completing suicide due to a sexting incident that went very  wrong.

Now you know

 

 

 

App of the Week – USDA FoodKeeper

foodkeeper-logoIf you don’t know by now most expiration dates on food is inaccurate and misleads you into spending more money by throwing out perfectly good food. That’s why USDA FoodKeeper is the App of the Week.

The USDA has decided to do something about this problem by making it easier to research the real expiration date for food. The government FoodKeeper app allows you research food expiration dates based on how they’re stored not who sold it to you. The food item can be researched directly or you can check general categories. The app also gives you general cooking information and send you reminders when food goes bad.

For many people this app can save big money at the grocery store. The Natural Resources Defense Council issued a report saying that Americans are prematurely throwing out food, largely because of confusion over what expiration dates actually mean.

Experts suggest consumers need to re-educate themselves to exactly what food dating mean by understanding the definitions. Here is what you need to know.

  • Use by and Best by – These dates are intended for consumer. They are typically the date the manufacturer deems the product reaches peak freshness. It’s not a date to indicate spoilage, nor does it necessarily signal that the food is no longer safe to eat.
  • Sell by –This date was never intended to be used by the consumer. It is only intended to help manufacturers and retailers. It’s a stocking and marketing tool provided by food makers to ensure proper turnover of the products in the store so they still have a long shelf life after consumers buy them. Consumers, however, are misinterpreting it as a date to guide their buying decisions. The report authors say that “sell by” dates should be made invisible to the consumer.

Many consumers believe expiration dates on food indicate how safe the food is to consume. That’s not true. The dates found on packages aren’t actually related to the risk of food poisoning or foodborne illness.

According research words like “use by” and “sell by” are used so inconsistently that they contribute to widespread misinterpretation, and waste, by consumers. Ninety percent of Americans throw out food prematurely and 40 percent of the U.S. food supply is thrown out every year because of food dating. Food dating was never about public health.

Currently there is no federal regulation that governs food dating except for infant baby formula because its nutrients lose their potency over time. Although, technically, the Food and Drug Administration and the U.S. Department of Agriculture  do have regulatory power over the mis-branding of products.

FoodKeeper is available for Apple and Android devices.

 

 

 

 

Obama; Foreign Hackers Face Sanctions

Obama-cybersecurity-e1421228350182President Obama is weilding yet another sword in his fight against foreign hackers and cyber attacks. Using his presidential powers the president has issued an Executive Order authorizing the federal government to levy sanctions against suspected hackers.

The Executive Order authorizes the Secretary of Treasury to freeze assets of those who engage in “malicious cyber-enabled activity” anywhere in the world if that cyber activity endangers the national security, foreign policy or economic stability of America.

The Executive Order does not currently target anyone for cyber-related sanctions, but in a telephone conference administration officials said they felt it was important to have the framework in place.

President Obama acted after several high-profile cyber-attacks against Target, J.P. Morgan Chase and entertainment giant Sony. The Sony hack created worldwide headlines because it was believed to have been the work of North Korea. The nation was extremely angry after the movie studio released a comedic movie about the assassination of its leader.

The hacking of  Sony Entertainment led to the first U.S. government imposed sanctions related to a cyber attack. Prior to that event White House officials never had the authority to punish individuals based on the malicious cyber activity only the region or country responsible.

“What we’re trying to do is enable us to have a new way of both deterring [action] and imposing new costs against cyber actors wherever they may be,” said Michael Daniel, a special assistant to the President and cyber-security coordinator.

White House officials were clear to point out that the new sanctions are not meant to replace  existing weapons the Obama administration has in place to confront cyber threats. Instead this order is intended to “fill in the gaps.” The order authorizes government officials to target businesses that illegally use data, trade secrets or information stolen or obtained to gain an unfair edge, and individuals and companies that give or attempt to give serious hackers a financial boost.

But professional hackers are not yet convinced of President Obama’s and the government’s promise to protect security researchers. Known as  ‘White Hat’ hackers these professional hackers expressed their concern that “cyber” sanctions announced today by the US administration could punish those trying to protect the country. They’re also doubtful of the need to call it a “national emergency” as a result of digital attacks on the nation.

The White House simply has not gained the confidence of security professionals and human rights advocates. Security researchers are trying to expose vulnerabilities in the nation’s computer networks so they can be repaired or patched. These White Hat hackers could be punished as a result of the national emergency powers without due process.

To the contrary President Obama said the powers would not be used to “target the legitimate research community or professionals who help companies improve their cyber security. And unlike some other countries, we will never try to silence free expression online or curb Internet freedom.”

“This executive order is another salvo on President Obama’s war on hackers,” said Robert Graham of Errata Security. Graham has previously criticised the US government’s attempts to counter online crime. He claims the proposed cyber laws could be used against legitimate hackers attempting to secure the Internet.

“On one hand, it’s reasonable. Chinese hackers steal trade secrets, and this makes it easier to retaliate. The recent China attack against GitHub is an excellent example of something that deserves a response from the U.S. government,” he added.

“On the other hand, it allows the suspension of due process against hacking suspects. I write tools likemasscan’, which I know the Chinese use. This order enables the government to arbitrarily seize all my assets.

Graham labeled the Executive order as “broad and unneeded.” He went on to say, “The President already has the power to deal directly with the threat of Chinese hackers, and should do so.”

Breaking It Down

Black people should be very proud of President Obama. Not only is he the first black president but he is also the first president to have to deal with the issue of cyber security as a national security issue. Every president has a legacy and cyber security is quickly shaping up to be a big part of his. The fact that we, as a nation, are in deep, dangerous and unchartered cyber waters means that our leader must take action and he has. President Obama has taken action again and again to fight this cyber war. And the fact that he has used his executive power is simply an indicator of two things. First we must address this urgent issue now! Cyber espionage, both economic and military is rampant. Strong action is needed. The threat to the economy is extreme and yes we are vulnerable. Second, we are stuck with a new Republican controlled “do nothing” Congress. They are dragging their feet confirming a new attorney general and seem wary and afraid of doing anything to make a black man look like he’s acting in the best interest of the nation.

Tax Season Safety

IRS_LogoAs tax season gets into full swing here is something you are going to want to be aware of before something bad happens. First off, there is a procedure that the IRS uses to confirm your identity. You need to be aware of this because I guarantee criminals are and they are robbing people everyday.

Tax refund fraud will cost people over $21 billion dollars this year.

In the event the IRS needs to verify your identity you will receive a 5071C letter. You will need to have your prior year’s tax return and current year’s tax return, W-2, 1099, and Schedule A and C ready before you take steps to verify your identity. Verification takes place in two ways.

  1. Call the number at the top of  5071C letter to speak to someone at the agency.
  2. You will be asked to answer a series of questions at idverify.irs.gov. These questions will be related to your contact information and information from last year’s tax return like your adjusted gross income.

This process can be a frightening experience especially if you, or the IRS, suspect identity fraud. Now, as I said earlier, you need to be careful not to fall victim to any scams. You will know it’s the IRS reaching out to you because you’ll get the official 5071C letter in the mail. The IRS never initiates contact with you by phone or email. Should you receive an unsolicited email that appears to be from the IRS, report it by sending it to phishing@irs.gov. Don’t click on any links or open any attachments.

But the real problem is that scammers know how the IRS operates and have found the weaknesses.

A prime example was found on Krebsonsecurity.com. The article describes the efforts of a man who had to fight for his identity and tax refund when it was stolen…from the IRS! How? According to the article the scammers managed to get his information by copying all of the data from his previous year’s W2. The victim believes the scammers obtained that W2 data directly from the IRS. Apparently they created an account at the IRS.gov portal, idverify.irs.govin his name then used a different email address and requested his tax transcript. As I said the crooks know the system and how to work it. The point being you need to register with the IRS before some crook does it for you. Don’t fall for any IRS information requests via text messages or social media either.

This situation is really terrifying because not even the IRS systems are as safe as you may think. It is a well known fact that the IRS systems are outdated and the agency is under-staffed and poorly trained.

Sadly the IRS is not the only government agency whose identification methods leave Americans vulnerable. Believe it or not the same process used to obtain a tax transcript at IRS.gov will also work to obtain a free credit report from annualcreditreport.com a government mandated website.

Americans who have not already created an account at the Social Security Administration under their Social Security number are also vulnerable to crooks hijacking Social Security benefits.

Here are a few other things you need to know. IRS.com is different than IRS.gov. Don’t get them confused. There are plenty of fake IRS websites you’d better be looking for.

Here is some more helpful information for taxpayers to help keep you safe.

A YouTube Video of Tax Scam Artist on the phone.

YouTube videos on identity theft from the IRS.

Searchable directory of preferred tax professionals.

Now you know.

 

App of the Week – Out to Eat with Kids

Mobile_ImageGoing out to dinner with the family can be expensive. But it can also be a great family bonding experience. Many restaurants focus on familes and provide great deals, discounts and even free meals for family outings.  That’s why Out to Eat with Kids is the App of the Week.

This mobile app allows you to search by zip code or city and shows you locations with maps, and contact information. Out to Eat with Kids provides dining options that welcome and even reward families with kids. Out to Eat with Kids gives the days and times of kid-focused specials, and any restrictions or details on those specials.

Out to Eat with Kids goes a step further by ensuring your kids eat healthy meals when dining. The app searches and features restaurants that participate in the National Restaurant Association’s Kids LiveWell program. These restaurants offer healthy menu choices for children. Out to Eat with Kids makes it easy to load up the family in the minivan, eat great food, and save some money.

Out to Eat with Kids is free and available online on  Apple and Android mobile devices.

Home Internet Security; Have You Been Hacked?

ID-100310547Far too many African-Americans ignore their Internet security. When we do this we are gambling with our lives. Our financial life, our professional life, our identity, our children’s identity or the identity of our husbands or wives, are all endangered if we ignore basic cyber security.  Let’s look at it this way; do you drive without a seat belt? Then why would you use the Internet without being safety and security conscious?

One of the first things you should be aware of when using the Internet is if you are browsing safely and if your browser is secure. Regardless of the browser you use, be it Internet Explorer, Google Chrome, FireFox or Opera, you have to ask, is it secure.

The reality is that it’s hard to know which browser is the safest or most secure. Why? Because there is no set standard for browser security. That makes you responsible for setting up your browser and home network to be as secure as possible. But there is a little good news. Experts at Skybox Security have looked at all the browsers mentioned above and evaluated them based on exposed vulnerabilities, most published and patched vulnerabilities, and the shortest time between security patches.

Surprise! The winner is the browser you are probably not using; Opera.  Opera is pretty much an unknown browser.  It’s market share is around one percent so there’s probably not a lot of interest in finding Opera’s vulnerabilities.  Keep in mind hackers are looking for the greatest numbers to have the greatest impact when they attack. But Opera did have the least number of vulnerabilities.

Even if Opera has the fewest vulnerabilities we have to look at how often the other browsers find and fix their own vulnerabilities. In this category Chrome wins. Chrome finds flaws and issues updates every fifteen days compared to Opera’s every 48 days. Internet Explorer and Firefox update about once a month. But again there more to it than that. Keep in mind that all these browsers are vulnerable to what is known as Zero Day Exploits. That is a flaw that the hackers finds and attack with no warning to the browser makers. It happens all the time. As for Firefox; just last year Extremetech.com named it the least secure browser.

So finally let me answer your question. Which is the safest and most secure browser? My answer would have to be Chrome. AACR does not make product endorsement. But, when looking at the overall measures we have decided that having defenses that update regularly and frequently is the best way to go. We hope that answers your question. Read more about the Best Browsers of 2015 here.

Lets take the next step in your home Internet security. Is your home router secure? Or has it been hijacked? My guess is you really don’t know. I have always said, make damn sure you have solid password protections on all your devices including your home router. Ask yourself  “Is my password stupid?” If your home router is compromised then your life is compromised. Every Internet device in your house uses the router. Think about this, your cellphones connect to your router, all your computers, laptops, tablets, game consoles, television, telephone, printers, home security system, your thermostat and any other smart appliances you have in your home all go through your router. Think long and hard about that.

So how do you now if your router is hijacked? A company named F-Secure just launched their Router Checker tool. It’s a quick, simple and free way to determine whether or not your DNS is working the way it should. OK; so you’re asking what the heck is DNS. DNS stands for Domain Name Servers. This is the the Internet address book.  If your DNS is corrupted or poisoned then you could end up on some pretty dangerous websites and not even know it.

The best thing about the Router Checker Tool is that there’s no app to download and install. It’s a website that you visit with any modern, standards-compliant browser. Any of the browsers we have talked about, Internet Explorer, Firefox, Chrome, Safari, and Opera, will work. I would suggest you check your browser immediately and then bookmark the site and do the test regularly. You can also use the tool when you’re connecting to less trustworthy access points like the airport, a coffee shop, library, or anyplace offering free WiFi. Before you do anything in these places you should fire up F-Secure’s tool and find out what it thinks about your connection.

Now let me ask you another question. Have you been pwned? First a quick definition of the word is clearly needed. Pwned comes from video-game culture. It refers to someone who’s been beaten. Pwned accounts are email addresses and user accounts that have been compromised. A hacker may have illegally obtained the data from a vulnerable system. Perhaps a breached home router? Pay attention people!

Now if your pwned account is made public it becomes a pasted account. That means it has been pasted to public sites that share information while remaining anonymous. Such a site is Pastebin.com

Now there is a site you can use to discover if you have pwned or pasted. Have I Been Pwned?  is a website built by Troy Hunt author of web security courses for PluralsightIt’s simple and free to use. You just enter your email address or account name in a text search box and the site lets you know if it’s been pwned or pasted. Do it!

Paying attention to your digital life is as important as paying attention when you drive. The slightest lapse in focus could get you killed. You know that. It’s the very same with using the Internet. I suggest to black people that you pay attention to what can happen if you lose focus. The Internet may not kill you but if something goes wrong online you may want to kill yourself.