US-CERT Cyber Security Tip ST11-001 -- Small Office/Home Office Router Security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

                         Cyber Security Tip ST11-001
            Holiday Traveling With Personal Internet-Enabled Devices

   The internet is at our fingertips with the widespread use of
   internet-enabled devices such as smart phones and tablets. When traveling
   and shopping anytime, and especially during the holidays, consider the
   wireless network you are using when you complete transactions on your
   internet-enabled device.

Know the risks

   Your smart phone, tablet, or other internet-enabled device is a full-fledged
   computer. It is susceptible to risks inherent in online transactions. When
   shopping, banking, or sharing personal information online, take the same
   precautions with your smart phone or other internet-enabled device that you
   do with your personal computer â?? and then some. The mobile nature of these
   devices  means  that you should also take precautions for the physical
   security of your device (see Protecting Portable Devices: Physical Security
   for more information) and consider the way you are accessing the internet.

Do not use public Wi-Fi networks

   Avoid using open Wi-Fi networks to conduct personal business, bank, or shop
   online. Open Wi-Fi networks at places such as airports, coffee shops, and
   other public locations present an opportunity for attackers to intercept
   sensitive  information  that  you  would provide to complete an online
   transaction.

   If you simply must check your bank balance or make an online purchase while
   you are traveling, turn off your device's Wi-Fi connection and use your
   mobile device's cellular data internet connection instead of making the
   transaction over an unsecure Wi-Fi network.

Turn off Bluetooth when not in use

   Bluetooth-enabled  accessories  can  be helpful, such as earpieces for
   hands-free talking and external keyboards for ease of typing. When these
   devices are not in use, turn off the Bluetooth setting on your phone. Cyber
   criminals have the capability to pair with your phone's open Bluetooth
   connection when you are not using it and steal personal information.

Be cautious when charging

   Avoid connecting your mobile device to any computer or charging station that
   you do not control, such as a charging station at an airport terminal or a
   shared computer at a library. Connecting a mobile device to a computer using
   a USB cable can allow software running on that computer to interact with the
   phone in ways that a user may not anticipate. As a result, a malicious
   computer could gain access to your sensitive data or install new software.
   Don't Fall Victim to Phishing Scams If you are in the shopping mode, an
   email that appears to be from a legitimate retailer might be difficult to
   resist. If the deal looks too good to be true, or the link in the email or
   attachment to the text seems suspicious, do not click on it!

What to do if your accounts are compromised

   If you notice that one of your online accounts has been hacked, call the
   bank, store, or credit card company that owns your account. Reporting fraud
   in a timely manner helps minimize the impact and lessens your personal
   liability. You should also change your account passwords for any online
   services associated with your mobile device using a different computer that
   you control. If you are the victim of identity theft, additional information
   is available from http://www.idtheft.gov/.

   For  even  more  information  about  keeping  your  devices safe, read
   Cybersecurity for Electronic Devices.
     _________________________________________________________________

   Produced in 2011 by US-CERT, a government organization.

   Terms of use

   http://www.us-cert.gov/legal.html

   This document can also be found at

   http://www.us-cert.gov/cas/tips/ST11-001.html

   For instructions on subscribing to or unsubscribing from this
   mailing list, visit http://www.us-cert.gov/cas/signup.html.





-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBTu9Xmz/GkGVXE7GMAQJKKAf/UcQLo41xzzLRs1TmvhOwNzx0fCguFHdh
W4/6YaDQ7rDxOBBaZLLwu351/Lh1ohMixF3GheLhqNZ9TB1A/cxxUrIa/i38wvpz
aWcrNP9eQ55cs3+ngyZl98ZOnE+pyyFKNDctgZrohM3folJeRXj+Bj3gcxkJ80fi
t7aQ0gJ94y6lkDZChLoVlNACOiErZcGh2/kcIYMgXSpnJU2mC5XLciZAsXxg/n9J
yAar0zNOy/dKUJMkVJcfTaVtmMO8QlWb2iWkoAjC6qmqt8jE92Whntgw2HQ/e01m
snMfLm791S6VBiOJG8+76h9404yFK6sC+mCnpeBtRgr06thtwnZfNA==
=y/DQ
-----END PGP SIGNATURE-----


[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux