Do more children have to die before parents take their online lives seriously?

ESET Ireland survey: Up to 73% of children are left entirely unsupervised online.

The recent Co. Donegal and Co. Leitrim tragedies, where two teenage girls committed suicide because of online bullying and abuse, reminded us in a most dreadful way that the web isn’t just a nice place of Google searches, YouTube videos and friendly Facebook wall posts. Online life, just like regular life, has its shady sides as well. But while we’re taking many measures to stay safe in real life, the online life is considered less important by most. At least until something tragic occurs.

These horrible events prompted us to attempt raising awareness of the issue once again in hope something does change for the better, and remind the Irish public of the survey we had conducted about a year ago. ESET Ireland had a survey done with over a thousand people participating across Ireland, to find out if Irish children are supervised online. The results were shocking as they revealed that up to three quarters of children are left entirely unsupervised online.

We asked if children of different age groups (ranging from 6 to 16) were left unsupervised online, and as it turns out parents seem to supervise less and less as the children age. So the youngest group of 6-7 years of age were only left unsupervised in 27% of the cases, but then supervision drops incrementally to 73% being unsupervised in the 16 years of age group.

Question: Is your child left unsupervised online?
The graph shows how many parents of children of a certain age said YES.

It is hard to imagine that a third of 6-7 year olds and three quarters of 16 year olds receive absolutely no supervision from their parents while online, when it has also been brought forward by other researchers, that just over one in ten will accept any friend request on social media, and nearly half of them have friends they have never met.

At ESET we believe it’s also a parent’s job to help younger children to develop on-line life skills:

  • Know (and discuss) the dangers. With younger children, learning about safety issues could be a family project where parents and children could learn from each other.
  • Just because it isn’t physical, bullying and abuse online is just as traumatic and cruel as elsewhere and should be detected early, blocked in time and the victim treated as seriously as they would be in the case of any other abuse.
  • The web (and especially social media sites) are full of social interaction with people you or your children may never have met, as well as people that may not have good intentions. Keep an eye on who your children are communicating with and what it is about.
  • Think about installing Parental Control software which lets you monitor and limit computer use, as well as block many categories of offending websites and programs.

11 Tips for protecting your data when you travel

Recently FBI issued a warning about a threat involving hotel Internet service overseas and it produced a lot of requests for advice on how to respond to the threat. So researchers at ESET came up with a list of data security tips for travelers. These tips will help you keep your data safe while traveling and should defeat this particular threat (when a pop-up appears as you are signing in to the hotel Internet and asks you to update perform a software which is actually a malware infection).

  1. Make sure your operating system and antivirus software are updated before you go on the road.
  2. Backup your data before you head out (and store the backup in a safe place).
  3. Consider leaving some data behind or move sensitive data from your laptop hard drive to an encrypted USB stick.
  4. Make sure you have password protection and inactivity timeout engaged on all devices including laptops, tablets, and smartphones.
  5. If possible, only use reputable hotel Internet service providers (ask the hotel who their provider is before you book).
  6. If the hotel Internet asks you to update software in order to connect, immediately disconnect and tell the front desk.
  7. If you use hotel Internet to connect to your company network use a VPN.
  8. Do not use WiFi connections that are not encrypted with WPA (avoid WEP encrypted connections which are easily hacked).
  9. Consider getting a 3G or 4G hotspot and using that instead of hotel Internet.
  10. Avoid online banking and shopping while on any hotel or public Internet connection.
  11. Disable pop-ups in your web browser.

WEP/WPA? How to know which encryption scheme an access point offers

If you are using a Windows 7 laptop you can see the encryption type for any available access point when you display the list of access points from the network icon in the Taskbar (typically lower right of the screen). You may have to hover over the point in the list to see the information.Airport encryption

If you are using a MacBook you can Option-Click the Airport icon for a list that will display the encryption type of your current connection and, on hover, other connections, as shown on the right.

Bonus tip #1: If you are on the road and suspect that your Windows laptop has become infected you can get a free online scan from ESET.

Bonus tip #2: Don’t assume your laptop is safe from malware when traveling just because it is a Mac. Consider installing a reputable antivirus product, for example, you could install a free 30-day trial of ESET Cybersecurity for Mac OS X before you head out on your travels.

Two thirds of the Irish say their software is legit

New survey reveals 67% of Irish use legitimate software, males are more likely to pirate than females, arrrr, and nearly one in five in Munster just doesn’t know what they use

Why is a security company like ESET interested in the use of pirated software? Because in our experience the vast majority of pirated software comes with a little something extra attached. A cracked version of a known graphical editing program or a popular computer game isn’t made freely available online out of the goodness of someone’s heart, but because they have an interest it gets installed along with some additional malicious payload.

ESET Ireland, through Amárach research, asked over 1000 people across Ireland about the legitimacy of their software and these are the results:

 

Since the survey was anonymous, we presume people answered truthfully and the vast majority being users of legal software is good news. The availability of free open source software also makes things easier for many users. But the combined percentage of people using pirated software is still a concern, as is the high number of people that just don’t know if their software is legit.

The statistical breakdown of the results also offers an interesting picture. The worst offenders with only 51% of legal are in the age group 25-34, while 83% of those over 55 don’t use anything pirated. And while most Dubliners know what they use, with only 10% claiming they don’t, people of Munster seem most clueless and 19% answered they don’t know if their software is pirated. And nearly twice as many males (12%) than females (7%) use pirated software.

Statistically eastern Europe is known for a very high percentage of pirated software in use, and it is no coincidence that they also have by far the highest rates of malware infections (when Conficker worm raged worst, less than one in ten was infected globally, but in Russia and Ukraine it was nearly one in three). Usually the worst hit seem to be the users of pirated operating systems, where malware comes placed in the heart of their system and because they do not get regularly updated and patched, they are vulnerable to most targeted zero day threats. These are then closely followed by those using pirated security software. The wolf guarding the sheep or a thief guarding your valuables and all that, you know…

The lure of temptation can result in risky exposure for Irish women

A new ESET Ireland study reveals some online topics are irresistible to the Irish, and will compel them to click on links they suspect are unsafe.

If it looks too good to be true, it probably is. We’ve been telling the Irish computer users this, with regards to various online offers and spam mails, promising incredible deals. But it seems that the shopping urge is stronger than common sense with one in three Irish females.

Recently ESET Ireland has commissioned a survey, to find out if the Irish will click on a link (on social media, in online ads or in a spam email), for which they suspect or are unsure of, if it’s fake or malicious. As it turns out, nearly half wouldn’t, but the half that would, show interesting preferences in what they find irresistible.

Overall, females will find their inquisitive nature get them in trouble slightly more often than men, as more males answered they’d not click on any of those. But two of them stand out with the stark contrast between male and female computer users.

When it comes to super savings offers, only a quarter of males will click, compared to one in three females. Additional demographic data reveals that Connaught and Ulster residents seem most thrifty with 33% while in Dublin and Leinster only 27% are. It appears shopping is what females find hardest to resist even against their better judgement.

The roles reverse however, when it comes to downloading. There males are far ahead in recklessness, as 20% (even up to 23% in age group 15-24) of males and only 12% of females will engage in downloading music, films or computer games from dodgy websites which could cause malware infection in the process.

Disaster news are equally interesting to females and males, with 25%, but particularly interesting to youths (30% of age group 15-25) from Munster (29%).

On the positive note, it seems the Irish have not yet succumbed to the celebrity obsessions of some other nations, as under 12% will be lured into danger over celebrity photos or gossip.

What to do and how to know what to click on?

  • Act responsible and don’t just click on everything you find appealing. Internet fraudsters are counting on your curiosity to help them spread malware and lure people into financial scams.
  • Do your online shopping on reputable websites and make sure they have the safety certifications for secure payments.
  • Get your world news from known news websites, from your local TV or radio stations’ websites, etc. Many scams are spread through email and social media by pretending to show “yet unseen footage” from some recent disaster.
  • And, as always, think before you click!

Has the web become a nanny for Irish parents?

A new survey by ESET Ireland reveals the majority of children over 13 are left unsupervised by parents when online.

Imagine the Internet is like a large city. Like any large bustling city, with everything fun and useful it offers, the Internet also has its shady streets and underpasses full of criminal and malicious activity. But while most parents are concerned where their children would go alone in a busy city, they seem much less concerned about where they go online.

That is why we have commissioned a survey from Amárach Research, to find out how Irish parents supervise their kids’ activities online. The results, based on a sample of over a thousand people, surprised us a bit.

Question: Is your child left unsupervised online?
The graph shows how many parents of children of a certain age said YES.

We asked if children of different age groups (ranging from 6 to 16) were left unsupervised online, and it turns out parents seem to supervise less and less as the children age. So the youngest group of 6-7 years of age were only left unsupervised in 27% of the cases, then supervision drops incrementally to 73% being unsupervised in the 16 years age group.

While this seems to make sense in the usual state of affairs of bringing up children and handing over responsibility as they mature, in the case of being online, it is perhaps worth pointing out that the Internet has bad neighbourhoods and shady corners for every age group (adults not excluded).  You have possible paedophiles out there preying on the youngest and most vulnerable, but also illegal music, movies and software downloading and pornographic websites with their malware loads infecting the computers of the older ones. And then if they do online shopping as well and have their credit cards compromised … well you get the picture. Not to mention the older children age groups also probably spend most time online, and should therefore be especially educated about things such as Facebook privacy, safe online shopping and malware threats.

Most parents will probably say “But my child knows much more about computers than I do!”, so how to stay on top of what’s going on? At ESET Ireland we’re aware that online security isn’t just a battle between evil malware and good security software, but that it is instead a complex mix of measures, practices and awareness as well. So here’s what we suggest:

  1. Know the dangers out there and talk about them with your family. Explain to your children which things are dangerous and how to avoid them.
  2. You should know what your children do with the computer. Do they download pirated material and run cracked software and shop online on the same computer? Do they surf dangerous websites?
  3. You should know who they talk to when online. Is it only friends and acquaintances or also unknown people, engaging them in potentially unwanted activities.
  4. Special attention should go to Facebook and other social media privacy. How posting inappropriate content can get one in trouble and how to avoid cyber bullying.
  5. Think about installing Parental Control software which lets you monitor and limit computer use, as well as block many categories of offending websites and programs.

Stay safe online. Think before you click.

10 tips for safer holiday shopping online

The economic situation being what it is, even more holiday shopping is expected to happen online this year than last, due to the possibility of getting good deals online.

That means more scammers will be looking to do some shopping of their own, possibly at your expense. This might involve using your credit card and bank account to fund their gift-buying, or perhaps capturing and selling your personal information so they have some extra holiday cash. Here are the tips that ESET researchers have put together to help savvy cyber-shoppers avoid getting scammed while hunting for the best holiday deals online.

  1. Tune your shopping machine: Like the tune-up your car might be getting before a long drive to deliver holiday gifts to relatives, your laptop may need a little attention before going online for some power shopping. Give it some love, and improved protection, by updating and patching your browser, operating system, and anti-malware suite. Patching will help you avoid malware infections and scams, and keep you running smooth throughout the season, and it’s free.
  2. Stick with familiar faces: Buy from websites that have established a reputation for doing what they say, providing accurate descriptions of merchandise and delivering it in good shape and on time. When you’re getting down to the wire with shipping deadlines, the last thing you need is friends and relatives getting the wrong gifts, which could be worse than no gifts at all.
  3. Be wary of FANTASTIC deals: If it looks too good to be true, it probably is, particularly if it’s an amazing offer on one of the hottest products of the season. Such deals can be very tempting, but it really is safer to avoid following links that offer goods, services, or gift cards at impossibly cheap prices, they are just too risky. Not all discount vendors are scammers, but ask yourself if the promised savings are worth the gamble (or Google the offer and/or vendor to see what others are saying).
  4. Insist on secure transactions: When you are in the ordering process on a website check to make sure it is using SSL, the standard in secure transactions that shows up in several ways. You should be able to see https or shttp in front of the web address instead of http. There may also be a lock or key symbol in the browser window as well. Using SSL encrypts the exchange of information, such as your credit card, so eavesdroppers cannot read it. When in doubt, a quick search in Google for the word “scam” or “fraud” along with the site name should tell you if that site has a history of problems.
  5. Think before you act: Watch out for URGENT deals that arrive in unsolicited email or purport to be from friends on social networking sites. Exercise extra caution if the message uses broken English or if it doesn’t seem quite right for some reason. If you think the deal is real, open a browser and type the name of the website directly into the address bar. This will keep you from getting swept away by scam links to fake websites built by cyber crooks that harvest your information and spirit it off to the underworld (the black market for stolen identity data).
  6. Don’t shop at a leaky hotspot: If you need to do any shopping over WiFi, at home or at a hotspot, make sure it is secure (look for the lock symbol in the WiFi connection dialog). The last thing you want is someone snatching your personal details out of thin air as you transmit them from your laptop (or smartphone or tablet).
  7. Use a credit card: If you get scammed and try to get your money back you may have better luck with credit card transactions versus debit cards. Many vendors, whether in shops or online, prefer debit cards because the transaction is cheaper for them. Avoid this when holiday shopping. Credit cards can put an extra layer of protection in between you and the bad guys.
  8. Question detailed info requests: Some malware is able to add questions to forms you use online, so if a shopping website is asking for too much information relative to your purchase, like wanting your PPSN to complete a simple order for flowers, abandon the transaction and run an anti-malware scan right away.
  9. Don’t expect money for answering questions: There are legitimate website satisfaction surveys, but when a window pops up promising you cash or gift cards just for answering a question like “Coke or Pepsi?” close it and move on (and do NOT enter your mobile number, unless you are prepared to pay for premium services you never ordered).
  10. Stay awake after the holidays: When New Year lull sets in, there’s a tendency to avoid looking at the credit card statements arriving by mail (or email). Maybe you’re hoping you didn’t spend as much as you THINK you may have. But if you got scammed, that statement may be the first sign, so at least skim the statement to see if there are any transactions you don’t recognise. For example, if you have never been to Brazil and don’t know anyone who lives on the outskirts of Rio, it’s a safe bet that any transfers to the region are fraudulent, and the sooner you act, the more likely you are to recover your money.

Follow these simple tips and you should sleep a little better during the holiday shopping season. Remember, as in life, there are things on your computer that can seem too good to be true, and holiday shopping on the internet is no different. Caution may sound boring, but it can pay off. After all, if you feel you don’t have enough time to get your shopping done, you certainly don’t have time (nor probably the means) to start shopping all over if you do get scammed.

Please feel free to share these tips with any friends and family who are planning to shop online this season.

Breaking up online is hard to do … for the Irish

Fifty ways to leave your lover? Although a tiny 1% would post hostile remarks on their ex’s social media, and 8% would remove them as contact, but letting go is not easy for 1 in 4 Irish people. Over 25% stay friends and follow each other’s profiles even after breakup.

The networked world’s social habits are changing. As email revolutionised business communication, so social networking has profoundly changed how people interact privately, and even how they start and end relationships.

Due to our expert interest in the ways online keeps getting abused and exploited in negative ways, social media and the multitude of interactions combined with blurred privacy awareness it entails, is a constant target of analysis and study. Technically any unlawful activity that uses computers is considered cybercrime and therefore under our magnifying glass. In recent times cyber-bullying, online threats and insults and similar phenomena are growing in frequency, causing increased concern and prompting taking steps, such as the proposed “panic buttons” for those being threatened.

That’s why ESET Ireland has commissioned a survey carried out by Amárach Research on 850 people, to reveal how Irish people react online and on social media after an emotionally stressful event of a relationship breakup.

The results are rather encouraging in that only 1% showed hostile or offensive behaviour (that could potentially result in legal action). Some 8% would hold a grudge and delete their ex’s contact, while 11% would remain friends even online, with another 15% regularly or occasionally checking their ex-partner’s profile. If we combine the last two, we can come to a conclusion that letting go is not easy for 1 in 4 Irish people. Do they jealously stalk their ex’s profile to see if they’re interacting with someone new? Do they dread spotting a new “in a relationship” status? Or are they indifferent and just keep contact out of courtesy?

Some interesting characteristics were revealed by the demographic breakdown of the survey. For instance, the people of Munster hold the biggest grudges, as 11% of them deleted an ex immediately, while in Connaught and Ulster they seem to be the most forgiving with only 4%. Age is also a big factor. The youngest age group 15-24 is most active and dynamic online and did all of the above in percentages up to 26%, while the oldest were very passive and no more that 6% of 55+ did anything above.

The majority of over 70% of people surveyed has either never broken up, doesn’t use social networking or last broke up before social networking was a factor. We do however want to offer some advice for the unfortunate victims of that 1% of less stable ex-partners.

Most social media offer an option to block anyone from contacting you. That should be your first choice if unwanted behaviour occurs. Most social media also offer a report option, where an offender can be reported to the social media administrators and if they’re found to be regular offenders they may be banned from using that social media service. In the extreme case of receiving direct threats, blackmails or other hostile behaviour, it is best to contact your local Garda station, as they do also deal with online crime and they will offer you advice or take appropriate action.

Urban Schrott
IT Security & Cybercrime Analyst
ESET Ireland

Do the Irish think they’re safe online?

Time and again we’ve discussed how, no matter what sort of antivirus protection people use, they themselves are still the weakest link in cyber-security. Clicking on things, running programs or visiting links they shouldn’t, exposing themselves to risks constantly.

At ESET Ireland we’re trying to find out why that is the case. And one way we went about it is by trying to establish what Irish computer users even perceive as an online threat and how likely they think it is that something will happen to them.

We conducted a survey, carried out on our behalf by Amárach research, which presented 852 people of all ages and from all parts of Ireland with the following six statements:

1.     My computer can be crashed or caused to malfunction by viruses or malware.
2.     Computer viruses or other malware can infect my computer/ steal data/ cause damage.
3.     Someone could hack into my email or social media and contact my friends pretending to be me.
4.     I could be cheated by scam emails or fraudulent social media messages.
5.     My private information/ credit cards/ identify could be stolen or misused online.
6.     Someone could access my computer online to steal my data/ turn my computer into a malware or spam dispatching bot.

Then we asked them to rate each of the statements with whether this has already happened or how likely it is to happen and the results were quite surprising.

As it turns out 1 in 4 Irish computer users has already had their computer crashed or otherwise damaged by viruses or malware. 1 in 5 has had their computer infected or data stolen. 14% were hacked or had their social media accounts hijacked. And nearly every tenth person was cheated, had their credit cards or private info abused or their system was used to unknowingly dispatch spam.

What is even more interesting is that over 40% of people believe any of that could easily happen to them. This could mean several things. Either they mistrust their antivirus protection or are aware that their security practices are not adequate compared to the sorts of threats they’re facing. On the other hand less than 4% believe none of those could ever happen to them, while about a third believe it’s either not easy or very unlikely that they’d become a victim.

Some more interesting details come from demographics of the surveyed. While males and females were targeted indiscriminately and in equal proportions, it was the younger population (age group 15-24) that experienced most computer crashes, virus infections and online and social media personality theft, while the older population (age group 45-54) had the most experience of having data stolen or credit cards abused. This can possibly be explained by speculating on how each of these groups use computers. For the young it’s mainly gaming, entertainment and social media: thus pirated games, music and movies infect them with malware, while social interactions make them victims of identity theft. Adults, however, tend to shop and bank online more, thus potentially exposing their financial details to abuse.

What conclusions to make from all this? Well, these questions only revealed the attitude people have towards threats and do not really reflect what actions they take to try to prevent them. But one thing is certain. Awareness of online threats has finally reached a point where even if they’re fortunate enough not to have been a victim yet, the majority know that a great variety of threats exist out there and that everyone is targeted and could come under attack.

Irish holidaymakers expose themselves to dangers

One third of the Irish enjoy holiday gloating while another third prefer secret holiday destinations

With the holiday season nearly over we wanted to know how much of their holiday plans or activities do Irish reveal on social media. This security issue goes beyond announcing your house will be empty in a certain period and inviting burglary this way. Lately cybercriminals often contact social media friends of their target with some sort of financial scam that involves the holiday destination.

Urban Schrott, ESET Ireland’s cybercrime analyst comments: “Say someone posted on his Facebook profile that they’re looking forward to their holiday in Lanzarote. Well, cybercriminals often check for such info on visible Facebook accounts and then they can easily fake an email seemingly from them and target some of their friends saying something like ‘I was mugged in Lanzarote, please send me €500 to sort things out and get home,’ with a request to transfer funds through untraceable Western Union. Scams like this appear credible, and are occurring all the time. With the location of the holiday made known, many people fall for it and send ‘friend in distress’ money, then are shocked to find the friend was never mugged and knows nothing about it.”

Now ESET Ireland asked Irish computer users how much info they reveal on social media. One third of Irish adult internet users never post their travel plans on a social media website. Just under 1 in 10 always post, while another 1 in 10 only allow certain friends to see the information. If we say the worst security offenders are those that tell all, well, there’s only about 9% of those. But add to that another 13% that sometimes post, and 8% that only tell some friends, then nearly a third does reveal some info, therefore putting themselves and their friends at risk.

The full results of the survey are as follows:

Another interesting detail is that 11% of Irish males but only 7% of Irish females post before travelling, while only 9% of males and 16% of females post after they’ve returned home. And the people of Leinster, who scored highest in never posting and lowest in always posting of all regions, seem to be wisest in telling everyone it’s nobody’s business where they spend their holidays.

ESET Ireland recommends you behave safely online and try to filter information you disclose about yourselves so the chance of them being abused in any way is minimised.

ESET Advises: Use Caution When Connecting to Public Wi-Fi

There are tens of millions of free or paid Wi-Fi hotspots around the world. The unsuspecting business or adventure travelers will use Wi-Fi wherever they find themselves. Airports often have free Wi-Fi and as vacation season is in full swing, Wi-Fi access is a necessity. That is why ESET’s researcher Cameron Camp has prepared some advice for users of the wireless internet spots.

Along this helpful insight, ESET Smart Security 5 offers useful feature for “out of home networks” that alerts user whenever connecting to public Wi-Fi, offering the necessary protection. The latest, fifth generation of ESET’s flagship product offers this ever-so important level of security,  Release Candidate version is  available for free download. ESET Smart Security 5 is currently in the Release Candidate phase of testing and may not contain all the functionality envisioned in the product’s final version slated for release mid September.

According to the findings of the Online Security Brand Tracker, a global research project commissioned by ESET – carried out by InSites Consulting (April-May 2011), and analysis conducted by United Consultants, almost half of the users worldwide are connecting to the Internet using portable devices as the primary connection device, notebook being the most popular (41%), followed by netbooks (3%), smartphones (2%) and tablets (1%).

“Sitting in an airport you rarely frequent, you grab your laptop and snap out a couple e-mails to send, and look, there’s a free Wi-Fi hotspot. Bang, you connect and send, and are off on your way. What you don’t know is the free Wi-Fi may come with a price: your login credentials and network traffic being sniffed and captured before sending them along to the real Wi-Fi hotspot, and your information stolen en route, undetected,” says ESET researcher Cameron Camp.

What raises the flag of awareness is when there is a hotspot with a name you don’t recognize or one that closely resembles the name of the official one. Be especially wary of “unsecured” hotspots, ones where you don’t need to enter a password to gain access. “The magic happens through a proxy technology, which intercepts your Wi-Fi communication, captures and stores a copy locally on the scammer’s laptop, then sending your information on to a “real” Wi-Fi hotspot. This will slow down your traffic a little, but with congested networks, it is often hard to tell if your traffic’s being snooped, or if there are just many users logging in  at the same time,” adds Cameron Camp.

Whenever you log in to check your bank balance, buy something for your wife or catch up on e-mails, your computer has to send the login information across the network, which is a goldmine scammers look for. Normally, if you login to a bank website, you’ll see the bank address beginning with “https” rather than “http” which means the traffic is encrypted. If the scammers succeed in capturing your encrypted credentials, they can still run a program later in an attempt to get to your credentials. So, if the bad guys get their hands on the information, they have all the time in the world to work on decrypting it, and you may notice fraudulent account activity days or even weeks later. So keep in mind – expediency is not a good policy when dealing with public hotspots – use caution and pay attention to details.

Security threats whilst using free Wi-Fi:

  • Evil twin login interception: networks set up by hackers to resemble legitimate Wi-Fi hot spots.
  • 0-day OS/app attack attempts: an attack through previously unknown exploit.
  • Sniffing: computer software or hardware that can intercept and log traffic passing over a network.
  • Data leakage (man-in-the-middle attack): Cyber-criminal can modify network traffic and let you think you are dealing with your bank while, in reality, you are sending him all your credentials.
Follow

Get every new post delivered to your Inbox.

Join 72 other followers