Category Archives: Cybersecurity

How You Can Protect Against W-2 Theft This Tax Season

Protect Against W-2 Theft

 Tags :- | | activate | McAfee com activate | activate McAfee | McAfee Activate | McAfee Retail Card.

Benjamin Franklin once said only two things are certain in life: death and taxes. And practically everyone can agree – taxes are certain. So, it’s only natural that cybercriminals are trying to take advantage of the certainty of taxes by finding ways to steal all the crucial personal data floating around during tax season. From deceptive phishing scams, to physical theft  – we’ve seen the exploitation of W-2s becoming a major trend as tax season is underway.

We saw W-2 phishing scams run rampant last year, and unfortunately this year is no different.

Just this past week, we saw a deceptive phishing attack compromise the personal information of 100 Waldo County employees in Maine. It began with a cybercriminal impersonating a county official and requesting confidential employee information, including W-2 forms and social security numbers. Easily deceived, an employee sent over the data and just like that, Waldo County employees were faced with potential identity theft. And this isn’t the first case we’ve seen in 2018, as earlier in February the City of Pittsburg was hit by a phishing scheme in which an employee was tricked into giving up the W-2 information of both current and former employees.

W-2 theft isn’t just digital either, as there’s a chance that thieves may head to physical mailboxes and open them in the hopes of discovering envelopes containing W-2 forms. In fact, authorities in Minnesota are expecting such thing to occur and have been warning residents to be extra vigilant with their mail.

So, whether the thievery is digital or physical, it’s important we all start taking action to protect against W-2 theft and secure our personal identities this tax season. To do just that, follow these tips:

  • File before cybercriminals do it for you. The easiest defense you can take against tax seasons schemes is to get your hands on your W-2 and file as soon as possible. The more prompt you are to file, the less likely your data will be raked in by a cybercriminal.
  • Obtain a copy of your credit report. FYI – you’re entitled to a free copy of your credit report from each of the major bureaus once a year. So, make it a habit to request a copy of your file every three to four months, each time from a different credit bureau. That way, you can keep better track of and monitor any suspicious activity and act early if something appears fishy.
  • Beware of phishing attempts. It’s clear that phishing is the primary tactic crooks are leveraging this tax season, so it’s crucial you stay vigilant around your inbox. This means if any unfamiliar or remotely suspicious emails come through requesting tax data, double check their legitimacy with a manager or the security department before you respond. Remember: the IRS only contacts people by snail mail, so if you get an email from someone claiming to be from the IRS, stay away.
  • Consider an identity theft protection solution.  If for some reason your personal data does become compromised, be sure to you an identity theft solution such as McAfee Identity Theft Protection, which allows users to take a proactive approach to protecting their identities with personal and financial monitoring and recovery tools to help keep their identities personal and secured.

Source : : Blog

How We Price the McAfee SECURE Certification (The 4 Risk Factors)

McAfee SECURE Certification
Tags :- | | activate | McAfee com activate | activate McAfee | McAfee Activate | McAfee Retail Card.

Not all websites are created equal. Some have thousands of pages and receive millions of hits every day, while others get less traffic but have a slew of intricate components, such as credit card forms. The way we price our McAfee SECURE certification service, therefore, has to account for the enormous variety of websites out there.


To accomplish this (very tricky) task, we created an assessment that looks at four major factors of a website. Based on the risk factors, we derive a score from 1-100, and from that score, we set a price. Higher scores mean higher prices, but a website that scores 16 will pay the exact same price as all the other websites that score 16. It doesn’t matter if your website looks and acts completely different from another website that scored the same—both will always pay the same price for certification.

The 4 Risk Factors Are:


What counts as “engagement?” Everything from loading a page, to clicking on links, to posting comments—all the way up to entering credit card info. Once we assess all of it, it’s simple: the more your website asks from visitors, the higher your engagement score will be.


Pages, pages, pages. And of course, the stuff that’s on them. The more you have, the more content we have to scan and certify. The more time and resources that go to use, the higher your size score.


A heavily trafficked website is that much more likely to attract unwanted attention than a lightly trafficked one, and we price that risk accordingly. So if you have two identical websites and one gets a million hits a day and the other gets a thousand? You guessed it—the popular site costs more to certify.


If you’ve been breached by hackers in the past 24 months, you’re more likely to be hit again. This risk factor also affects the price, and may even require you to undergo a security review with our team of experts before we feel comfortable certifying your website as secure.

Source : : Blog

How McAfee is Adapting to the Mobile Landscape with New Partnerships and Innovation

How McAfee is Adapting to the Mobile Landscape with New Partnerships and Innovation

 Tags :- | | activate | McAfee com activate | activate McAfee | McAfee Activate | McAfee Retail Card.

Mobile World Congress (MWC) 2018 is finally upon us, and mobile and security providers from around the world are in Barcelona presenting the latest and greatest insight and innovation. At this year’s MWC, McAfee is excited to present our own unique insights and innovations, some of which are supported by our partners. These include: McAfee Secure Home Platform Skill for Amazon Alexa, the 2018 McAfee Mobile Threat Report, and our industry partnerships with Samsung, Telefónica, Türk Telekom, NTT DOCOMO.

Adapting to Alexa

As we know, the growing type and number of connected devices has changed the way security operates – which is why our team created McAfee Secure Home Platform in the first place. But now, we’re excited to announce the planned launch of the new McAfee Secure Home Platform skill for Amazon Alexa, one of the most popular connected devices out there today. Customers with a McAfee Secure Home Platform enabled router can easily manage their connected home’s network security using their voice. And it’s already gaining traction with MWC attendees, as McAfee just won “Best of MWC 2018” from PC Mag for the Alexa skill!

Insight on the changing mobile landscape

Your phone is not just a phone. It is a rich computing environment that contains the keys to your connected life. And as the 2018 McAfee Mobile Threat Report reveals, cybercriminals know that, and are tailoring their strategy to our dependency on our mobile devices. The report aims to provide insight on the explosion of mobile malware and dramatic changes to the mobile landscape. The report also tells us that there have been over 16 million infestations detected in the third quarter of 2017 alone – nearly double the number from last year.

Partnerships that strengthen our customers’ security

The ever-changing mobile landscape is precisely why we’re working with our partners to find new ways to secure our customers’ mobile devices and digital lives. McAfee is today announcing key partnerships to ensure security is built-in across devices and networks. It’s more important than ever that the entire ecosystem works together to protect consumers around the world from these attacks and deliver them peace of mind. So, how exactly are we doing this? For starters, our partnership with Samsung has expanded to safeguard all Galaxy S9 smartphones, the Galaxy Note8, along with Samsung smart TVs, PCs and notebooks. We also announced a partnership with Telefónica, which will help protect Telefónica customers, and provide always on protection for every connected device in the home. We also announced a strategic partnership with Türk Telekom to deliver cross-device security protection. What’s more – NTT DOCOMO and McAfee now have an extended partnership in order to deliver Wi-Fi protection and security to NTT DOCOMO mobile users.

We’re excited to see what’s to come for the rest of MWC, and how these announcements will help improve our customers’ lives. With these new innovations, we hope our 400 million customers can live their digital lives with confidence and comfort.

Source : : Blog

What do cybersecurity and the board game Battleship have in common?


 Tags :- | | activate | McAfee com activate | activate McAfee | McAfee Activate | McAfee Retail Card.

A long day of encouraging a customer to reconsider their lack of desire to develop a plan, build a security architecture that included automation and orchestration –  with the ability to measure value vs. just adding tools as needed – led to a very late-night drive home. I was encouraged the customer invited me back to prove my case, but it was one of those days that left me shaking my head. In reflecting on the day and all the discussions, I kept thinking back to how many times both sides used the words “cybersecurity strategy.”

Clearly, strategy is one of those words that takes on different meaning depending on the context. A thought that came to mind on my drive home was that cybersecurity is very much like the board game Battleship. Both involve strategy, and operate in a “static model”.  In the game Battleship, as you may recall, the game play is simple: each player arranges five ships—an aircraft carrier, battleship, cruiser, submarine, and destroyer—on a ten-by-ten grid of squares and attempts to “sink” his opponent’s ships by calling out the squares where he believes his enemy’s ships are hiding. Most players approach the game as essentially one of chance, targeting squares at random and hoping for a “hit.” In the Battleship game, once the player positions and arranges their ships they cannot move them so in turn they become static targets. One could say the same holds true for our classic cyber security defenses. Once we position all our defensive sensors across our environments they remain static.

But is there a better strategy? In Cybersecurity we tend to deploy strategy in a similar fashion. We establish a perimeter, network and internal protections with Firewalls, Security Gateways, IPS’s, Endpoint Security etc., and wait for the adversary to guess where to attack us. They then refine their method until they achieve their objective. Clearly it is time for a change in cybersecurity game theory.

One concept that has not been yet fully explored is that of the Moving Target Defense (MTD). Not a new concept by any means, early research dates back to prior to 2011, however it is one I believe requires much more attention by the industry. The Department of Homeland Security (DHS) defines MTD as the concept of controlling change across multiple system dimensions in order to increase uncertainty and apparent complexity for attackers, reduce their window of opportunity and increase the costs of their probing and attack efforts. DHS believes in this concept so much they have invested Research & Development money to advance the idea past the concept stage.

MTD assumes that perfect security is unattainable. Given that starting point, and the assumption that all systems are compromised, research in MTD focuses on enabling the continued safe operation in a compromised environment and to have systems that are defensible rather than perfectly secure.

MTD will enable us to create, analyze, evaluate and deploy mechanisms and strategies that are diverse and that continually shift and change over time to increase complexity and cost for attackers, limit the exposure of vulnerabilities and opportunities for attack, and increase system resiliency.

In an ideal case, I envision a scenario where an administrator would have the ability to set via policy variable time intervals to “move or shift” an entire network environment, or enclave including applications along with changing privileged account credentials, and leave a ghost network (think honeynet) in its place to capture forensics data for further review and analysis. There are several new innovative cybersecurity companies out there that have developed unique and forward-thinking deception technologies. I look forward to seeing what the art of the possible is in this space in the near future!

Good luck and good hunting…. Here is to you never having to say, “you sunk my battleship!”C

Source : : Blog