News of data breaches is all too common. This company apologizes for six million accounts breached. That company acknowledges hackers accessed 35,000 users’ personal identifiable information. But the question that probably matters most: Is your data breached, too?

The company should contact you if your information is in a data leak, but you can’t rely on that. You can also find out if your phone number or email address has been leaked by visiting https://haveibeenpwned.com/.

HaveIBeenPwned has uploaded various breaches and consolidated the information to make searching easy. Enter your address and get a list of breaches that compromised that email. You’ll get a summary paragraph as well as a description of data compromised in each breach.

It is not uplifting reading!

Next, the question is what to do about your breached information.

Steps to Better Security
First, change your passwords for those breached accounts. If you use that same password to access other accounts, change those passwords, as well, even if they are not listed as leaked.

Always avoid reusing passwords. Yes, it can be a hassle to remember many different access credentials, but you risk exposing many accounts if you keep reusing one email address and password combo over and again.

Make using unique passwords for all accounts easier by using a password manager. A manager can store your many passwords in one place and generate strong ones to use. You can often download an app to your mobile device, which gives you the convenience of filling in your credentials when you’re on the go, too.

The next step is to use two-factor authentication (2FA).

Understanding 2FA
This adds a layer of difficulty for hackers trying to access your accounts. Even if they had your username and password, they would need a second way to verify your identity.

Using 2FA requires you to provide one of the following before you can gain access:

• something you know (e.g. the answer to a secret question);
• something you have (e.g. your smartphone);
• something you are (e.g. your fingerprint).

A bad actor would need to have not only your leaked credentials but also your other "something."

A common approach to FA is an SMS text message or voice-based authentication. You enter your credentials, then the site follows up with a text or phone call providing a separate code you must then enter. This is not the best method, however. Scammers can hack the SIM card associated with your device, and then use your number to make and receive calls and texts.

Software tokens for 2FA are a safer solution. You’ll download and install an application on your phone (e.g. Authy or Okta Verify). It can generate a unique verification code that is valid only for 30–60 seconds.

Want to learn more about password management and soft-token 2FA. We’re here to help. Contact us today at (888) 234-WDIT(9348).

With “Googling it” now a common expression, it’s safe to say you do a lot online. To do it all you’re using a Web browser (such as Chrome, Edge, Firefox, etc.). To do it all more efficiently or effectively, you could be using browser extensions, but this article is going to warn you against doing so.

To clarify, browser extensions are code add-ons that you connect to your browser. You can use them to personalize your surfing experience, and they accomplish many different things, including:

• saving time (e.g. Scribe, Evernote, StayFocusd)
• checking your grammar (e.g. Grammarly)
• managing your passwords (e.g. Keeper, LastPass)
• securing your online activity (e.g. DuckDuckGo, Ghostery)
  
  

Even though we’ve just said they can help secure your online activity and manage your passwords, the problem is that they are also risky.

Consider the fact that we said this represents added code. Now, how much coding do you know? Most will say “not a lot.” That means you’re blindly trusting that browser extension.

If you download a malicious one, that code can wreak havoc. Suddenly, your default search engine gets changed, or you get redirected to a start page with malware on it. You might face an onslaught of pop-ups or ads. They can also track your browsing history without you knowing it.

That’s just the beginning
Many browsers today want to keep you safe from malevolent extensions. They’ll have permissions in place before allowing access. Yet you still end up giving that extension a lot of access. For example, an extension modifying google.com needs access to all your Google activity. That means your Gmail, too.
Browser extensions access everything you’re doing online. So, a malicious extension could also function as a keylogger capturing passwords or credit card details.
A browser extension can also be sold to or hijacked by a bad actor. Then, it’s easy enough for them to push out an update that turns your trusted extension into malware.

What to do about this issue
Does this mean you should do without browser extensions? There are even browser extensions out there to block other browser extensions, but abstinence from extensions is not your only solution.
Instead, we’d recommend reviewing the safety and credibility of that extension. This means you should:

• Check to see who published the extension.
• Look at the reviews. A high number of positive reviews is a good sign. Thousands of people are unlikely to give five stars to a malicious extension.
• Pay attention to the permissions required. If an extension claims to modify only one website, check that it accesses that site only.
• Protect yourself with a good antivirus solution.
• Keep your antivirus solution and other software updated.

It’s also easier to stay safe by limiting the number of installed extensions you use. If you have browser extensions that you aren’t using, uninstall them. This can cut your exposure to potential threats.

Another way to secure your online activity? Work with our IT experts. We can check permissions and review your extensions. We’ll also ensure your antivirus and software are up to date. Contact us today at (888) 234-WDIT (9348).

​Selecting your home computer was challenging enough. Now, we’re asking you to decide on the right PC browser, too? When will the decisions end? At least we’re making the comparison easier. This article helps you decide if Google Chrome or Microsoft Edge works best for you.

It’s estimated that the average individual spends almost a third of their day online. That means you likely already have a go-to browser. It may be the one that was pre-loaded on your computer when you bought it or the same one you’re using on your mobile devices, but those aren’t the best reasons to select a browser. Keep reading to learn the key features of Google Chrome and Microsoft Edge.

Google Chrome vs. Microsoft Edge: The Basics

Google Chrome is today’s most popular browser worldwide. It has been around since 2008 when it was released to compete with Internet Explorer. At that time, Internet Explorer was the big-shot browser, but within a few years, Google had taken the title. Explorer was replaced with Edge, which Microsoft brought out with Windows 10 in 2015.

Chrome and Edge are available for Windows, macOS, Android, and iOS devices. They are both based on the open-source software, Chromium. Still, Edge has a long way to go before it will reign supreme. In July 2021, Chrome had the lead at 65.27% market share. Safari came in second at 18.34%, and Edge third at 3.4%.

The two are not dramatically different. After all, they are competitors, so any big gap is quickly filled. Still, there are differences. Let’s discuss those next.

User Interface

Both Chrome and Edge allow you to have multiple windows open at the same time. Edge allows you to switch your tabs from horizontal (like Chrome) to vertical. You can group tabs by choosing a name and color for related tabs on both. Your tabs will sync with your mobile devices, but where the tabs appear on the screen will be different in Edge or Chrome mobile.

You can also bookmark (Chrome) or favorite (Edge) your pages. Edge allows you to create Collections of favorites. You can send those to Microsoft Docs, Excel, OneDrive, or Pinterest. Meanwhile, Chrome has a similar feature, and its collections can be shared with other Google account users.

If you want to choose the look of your browser (e.g. a theme or Dark Mode), there’s more flexibility with Chrome. Edge allows you to make choices from 14 themes in its Appearance settings. Otherwise, you’ll have to go to the Microsoft Edge Store.

Both browsers offer private browsing. Your default search engine will depend on your browser choice, though: Chrome uses Google to search (surprise!), whereas Microsoft defaults to Bing.

One standout feature of Edge is its immersive reader. This allows you to look at a page as if you are reading it on an ebook. It’s part of the basic Edge browser tools, but you’d have to add it as an extension if you wanted this in Chrome.

Need for Speed

If performance is important, you’ll want to know that Edge runs faster. There are competing claims, but Avast found Edge runs faster than both Chrome and Firefox. Another source tested the resource consumption of both browsers, and Chrome used more random-access memory (RAM).

Chrome did have the lead on cross-device syncing for a while, but in 2021 Edge added features making it convenient to switch between devices. Note: Chrome sync devices by default, whereas you need to enable it manually in Edge.

Security

Security and privacy are another big areas to consider when picking your browser. Browsers are common malware targets. You’ll want a browser that provides you with security features. Both Chrome and Edge do help you out, but if security is your top priority, look at Firefox, Tor, or Brave instead.

Still, since we’re comparing Chrome and Edge, let's talk about their security tools. Chrome allows you to send “do not track” requests to websites, but Edge allows you to be more selective. Users choose between three tracking-prevention levels and get a blocked tracker list.

Both browsers have built-in anti-malware and phishing protection, but Google is known for updating more regularly, which can keep you safer online. At the same time, though, Google collects more of your data.

Key Takeaway

Microsoft has been steadily closing the gap between its Edge offering and Chrome. For speed and resource consumption, Edge is claiming the lead. Of course, these are only two of the available browsers out there.
​
Want help deciding on the best browser for your home? We can help you set up your computers and answer any questions you may have. Call us today at (888) 234-WDIT(9348)!

You may remember playing Duck, Duck, Goose on the playground when you were young. But have you heard of DuckDuckGo? Many haven’t. So, we thought we’d share an introduction to this privacy-focused search engine.

DuckDuckGo promises to let you “search the Web without being tracked.” The search engine site touts a simple privacy policy: “We don’t collect or share any of your personal information.”

You can use DuckDuckGo on their iOS or Android app or extension by adding a private Web search to your favorite browser or by searching directly at DuckDuckGo.com. The site’s privacy browser extension blocks trackers and offers encryption for every device.

Why use DuckDuckGo?

Google is the obvious heavy hitter in search. The problem? The company keeps your search history forever. Plus, they are tracking everywhere you go online. Their trackers are on millions of websites.

Think about it: Ever looked at a new sweatshirt and decided against it only to find it following you in digital ads for days to come? That’s because of tracking. DuckDuckGo promises there are no trackers on its search engine. It even blocks Google’s and other company’s trackers, as well.

You might think you are achieving anonymity in Incognito Mode. But this doesn’t stop Google from saving your history. Companies, internet service providers, and governments can also continue to track you.

DuckDuckGo does not store IP addresses or other unique identifiers in its search logs. This means that they cannot create a search history or data profile on you or any other individual.

Does DuckDuckGo work?

The big question, of course, is how the private engine’s search results compare to competitors. The company claims it provides “truly private search results without tradeoffs in result quality.” DuckDuckGo says it offers “everything you’ve come to expect in your online search experience” including:

• maps;
• weather forecasts;
• local search;
• news;
• images;
• videos;
• shopping;
• definitions;
• Wikipedia references;
• currency conversions;
• flight information;
• calculator;
• timer;
• sports scores;
• Q&A reference.

Can DuckDuckGo compete?

Since its founding in 2008, DuckDuckGo has steadily gained users. On January 13, 2022, the search engine announced it had surpassed 100 billion all-time searches.

According to public traffic statistics in the same week, the highest daily number of search queries DuckDuckGo had seen was 110,439,133. Just a year ago, on January 11, 2021, the company announced hitting over 100 million searches daily.

Those numbers are impressive, yet as Search Engine Land puts it, “DuckDuckGo remains a very niche competitor.” Google has a huge market share (as much as 87.57 of searches). Bing, the next biggest competitor, accounted for 6.31%, Yahoo 3.25%, and DuckDuckGo 2.5%, according to statcounter.com.

Protecting your privacy online

DuckDuckGo is an attractive and useful option for people who want a higher level of online privacy.
There are many other ways to protect your identity online and secure the data on your residential computers. Contact our IT experts today at (888) 234-WDIT(9348) to learn more about the best solution for your personal needs.
​

Nine out of ten times today when you visit a website you’re asked to sign in. To add convenience, many sites offer the ability to sign in using a Facebook or Google account. Sure, it’s simpler, but this article will share three key reasons why you might want to avoid this easy route.

It’s estimated that we each have an average of 100 passwords. That’s a lot to remember, especially as we need unique logins for every site to lower our risk of cyberattack.

At the same time, every website wants us to set up an account. It helps them get to know their users. This can help them to target marketing and product development efforts. They might also share the information with third parties as another source of income.

Still, the website wants to keep its users coming back, so they allow you to sign in with Google or Facebook accounts to streamline the process. Weigh the value of that added convenience against these three considerations.

#1 You’re giving away more data
​
By using Google or Facebook to sign in on other websites, you are giving the sites greater access to information about you. Now, they not only know what you do on their sites, but you’re also allowing them to build out their picture of you with data insights from the shared sites.

Google and Facebook have powerful tools to dig deeper into your online activity, and other websites can also extract data from your Facebook and Google accounts. If you don’t read the privacy policies, you may not know what sensitive data the platforms share.

#2 You could lose access

You may join those who are deciding to quit Facebook or leave Google in favor of another platform. If you do so, and you have used that account to access other sites, you’ll have to create new logins.

Even if you’re not ever going to do away with your Facebook or Google account, you could still lose access. If there’s a major outage at one of those two sites, you won’t be able to log in at any of your connected sites either. The other websites won’t be able to authenticate you until Facebook or Google is back up and running.

#3 Your attack surface gets bigger

If you have one, unique login credential for a website, you risk your data there only if that site gets hacked. However, if you use Facebook or Google login, and bad actors compromise that account, they can access any shared sites.

Think of it like dominos. The Facebook or Google account is the first to fall, but all those other accounts you “conveniently” login to using those credentials will come tumbling down soon after. Don’t think the attacker won’t bother looking for other connected accounts. All they have to do, once they breach one account is go into your settings to see what you have connected.

Social media accounts are also a prime target. Don’t believe us? Bet you’ve seen a post from a Facebook friend (or ten) telling you to ignore strange activity due to a hacked account.

Protect your online identity

Account compromise is a top cause of data breaches worldwide. Protect your online identity by following best practices for cyber hygiene.

Need help with password security? Our IT experts can set you up with a password manager or provide other online security help. Contact us today at (888) 234-WDIT(9348)!

The main advantage of a password manager is obvious to anyone with more than one account online (i.e. everyone). Instead of remembering all 100 usernames and passwords, the password manager autofills them. It’s a boon. But it’s not the only reason to use a password manager. This article shares several more unexpected benefits.

Password manager programs generate, manage, and store many different passwords. You may be concerned about whether a password manager is safe to use. But, the cybersecurity industry consensus is “yes, it is.”

A password manager uses top-notch encryption to protect passwords. Plus, they take a zero-knowledge approach. They can’t actually see the passwords they store and prefill on sites. The password is encrypted before it reaches the manager’s server and can’t be deciphered. This is why you need to be so careful not to forget your master password!

That said, the password manager offers more than a vault for encrypted credentials.

More Benefits of Password Managers

For one thing, many password managers have apps for download onto mobile devices. Then, you can use the password manager to prefill forms on those, too. This gives you the advantage of convenience not only on your desktop computer but also on the go.

Some password managers offer added security benefits, as well. They might:

• warn you of weak password and login credentials;
• remind you to change your passwords;
• notify you if your passwords may have been compromised in a breach;
• advise you against repeating access credentials if you’re about to do so.

Another advantage is that you can conveniently share passwords with others. Maybe you want to give family members shared access to streaming accounts or allow a work colleague access to applications you’re using remotely. A managed password sharing feature can allow them to see selected passwords. You aren’t showing everything: you can pick what you make available. Plus, when you change your credentials, the password will change on their end, too. This doesn’t need to be permanent either. You can easily revoke password sharing.

You can also use a password manager to secure other important information. You might store things such as credit card numbers or other personal identifying information. Keeping that kind of data in an unencrypted note on your desktop or mobile device is unsafe, but you can take advantage of password manager encryption to safely store those precious details.

Secure your passwords with a manager
​
You can’t expect to remember all your unique passwords. Yet the days of writing down passwords on Post-it notes are over. Use cloud-based password management to secure your passwords and do more.

Contact our IT experts today to find out more about password management. We’re happy to suggest the best solution for your needs and set it up, too.

Call us now at (888) 234-WDIT(9348)!

Every time you’re online and a site sends a separate code to check your identity, you’re using two-factor authentication. It’s become the norm. So, of course, hackers have figured out how to get around this, too. This article shows you how they do it and how to stay safe.

With billions of usernames and passwords leaked, access credentials everywhere are at risk, especially if you are reusing your log-in information on more than one site (don’t do it!).

Business websites want to offer a secure user experience, so two-factor authentication (2FA) has become the norm. It’s meant to help stop automated attacks in which bad actors use the leaked usernames and passwords.

Still, if the site you’re visiting uses short message service (SMS) to send a one-time code to your phone, you could still be at risk.

Hackers, using information they have from a data leak, can call your telephone company. They use your name, date of birth, and other identifiers available on the Dark Web, to impersonate you. Then, say you’ve lost your phone, they transfer your phone number to a device with a different SIM card.

That means when the one-time SMS code gets sent your phone number, the message will instead go to their device.

Android Users Also Beware
On Android devices, hackers have an easier time getting access to text messages. If they have access to your leaked Google credentials, they can log into your Google Play account. From there, it’s simply a matter of installing a message-mirroring app on your smartphone.

The app synchronizes notifications across your different devices. It’s for when you really need to be connected, and you’ll be able to see your phone’s SMS alerts on your tablet!

The app won’t work unless you give it permission when prompted to do so, but too many people don’t stop to read alerts from their own accounts: they assume it’s another necessary update and go on with their day. Otherwise, the hacker might call you in a social engineering ploy pretending to be a legit service provider. They’ll be familiar to you, so you’re more likely to listen when they ask you to give permission.

Again, when the one-time SMS code gets sent to your phone, because of the message-mirroring app, the hacker's device will also receive the code.

What Can You Do to Protect Yourself?
It starts with using unique passwords for all sites you visit. Worried you’ll forget them? A password manager can keep all your access credentials in one secure place for you.

You should also confirm that your credentials haven’t been compromised. If you use Google’s password service, you can head to the password manager site and tap “check passwords” to see if there are any issues. On Firefox, head to the Firefox Monitor page and “Check for Breaches.” On Safari, click on Preferences, and then on Passwords to see what recommendations they have for your security.
Change any passwords that have been involved in a leak!

To avoid the SMS concern specifically, avoid using one-time SMS codes to verify your identity. Instead, you can use a non-SMS authentication tool such as Google authenticator, which provides two-step verification services within the app itself.
​
Need help learning if your credentials have been leaked? Or want assistance setting up more security for your online activity? We can help. Contact our IT experts today at (888) 234-WDIT(9348).

Huntington Volvo? Rowe Subaru? What will your hilarious quiz results be when you enter your fourth-grade teacher’s name and first model of car? You may think it’s silly entertainment … until it isn’t. Many fun social media questionnaires are set up by hackers to steal your identity.

It seems like a harmless collection of random facts from your past. These quizzes might ask for details such as:

• What was your first job?
• What was the name of your first-grade teacher?
• What car did you learn to drive in?
• What was your first concert?

These popular quizzes promise to tell your “rock star” name or your “silent film villain” name. You know it’s as reliable as the Magic Eight ball, but you play along anyway. We all need a laugh, right?

Except that the people really laughing are hackers. Many of the questions posed are also security prompts used to verify your identity online.

Cybersecurity experts agree: don’t take these quizzes. It’s not as if there is any real value in filling out the social questionnaire. You’re simply taking the bait and risking having your personal data stolen.

Avoiding Social Media Scams

Here are some tips to help keep you safe from social media hackers:

• Don’t get hooked by clicking on that post that seems too good to be true, especially shocking, or scandalous.
• Be wary of any quiz that asks for information that could be relevant to your online password.
• If you must quiz, fill out questionnaires on reputable websites only.
• Avoid quizzes that ask you to provide your email address.
• Contact companies through trusted channels only.
• Make sure that you are dealing with the proper entity’s real website and not a look-alike site created by a scammer.

Also, think twice about apps that change your face into a cartoon character or a painting. Facial recognition is a more common security tool. Be cautious about letting unknown apps collect your photos and facial details.

What to Do If Your Online Accounts Are Hacked

Cry. Curse. Panic. Any of these may seem like a reasonable response in the moment. Still, there are better things to do for long-term recovery.

#1 Have your devices inspected by trusted IT experts. This is one more area to be wary. Scam artists will set up sites that appear to be affiliated to the manufacturer or phone numbers that appear to go to technical support specialists. It’s best to take your devices to a physical repair shop with a real human doing the work.

#2 Change your passwords. When your account is hacked, you’ll want to change that password immediately. Plus, as annoying as it is, change passwords for all accounts accessed on the compromised device. The hackers may have installed a malware that tracked all data transmitted on the device.

#3 Set up credit monitoring. Notify any financial institutions or credit card companies if those accounts are hacked. You’ll likely need to have them issue you new cards with fresh account numbers. You can also ask them to monitor your accounts for fraudulent transactions. You might also set up credit monitoring with your region’s credit reporting agencies.

Keep in mind that criminals can be patient and may not use your information right away. So, don’t think you’re in the clear because nothing happens in the first month.
​
Need help protecting your devices and online accounts? Contact our IT experts today at (888) 234-WDIT(9348). We can also review your security setup at home to help prevent you being victim of a cyberattack.

Unless you’re a reality television star, you probably don't like the idea of being watched at all times. So, why would you want your technology to know all about you? With digital technology today, it’s far too easy for our devices to turn creepy. Here are some suggestions to stop the stalker-like tendencies of the technology you rely upon.

Today’s marketing and online communications are all about customization and personalization. If you like a friend’s picture of an Art Deco door in Belgium, you see many more posts featuring similar designs. Or if you view an area rug on a website, you’re suddenly bombarded with ads for rug stores when you next go online.

This can add convenience, but it is also unsettling. What companies online know about you could be more detailed than what your friends know. Take the following steps to regain control of what your computer, phone, and apps know about you.

Review your privacy settings

Whether going online from a phone, laptop, desktop, or tablet, get to know the device’s privacy settings. Some important settings to review include:

• email tracking – this can let people know if you opened their message or not;
• location tracking – personalizes recommendations but also tells search engines where you are;
• voice recordings – manufacturers use these to train virtual assistants, but pause this to keep your conversations to yourself;
• purchase history – this helps feed the machine so that businesses know how to target you in the future.

Opt out or block ads

Opting out of ads limits the information collected from your browser or device. The site or business still receives basic information about you, but you will no longer receive targeted, interest-based ads any longer. Apple’s iOS 14 allows app blocking, and you can also express your choice on Android devices.

Otherwise, use browser ad blockers, such as AdBlock Plus, or JavaScript blockers, such Ghostery, to limit ad tracking. Also known as content blockers, these software programs prevent ads from showing on websites you visit. You can find ad blockers for Chrome, Firefox, Opera, Safari, and Internet Explorer.

Check your permissions

Watch the permissions you give apps. We have already talked about checking device settings, but you can also limit the permissions you give to apps. For example, social media accounts have privacy settings that allow you to control what's logged about you.

Plus, check permissions for other apps. Clash of Clans doesn’t need location services, for instance. Or you might not want to give Slack access to your microphone and video recordings.

Use webcam covers

Covering your webcam stops someone from potentially seeing and recording you. If you think you’d see the light come on to show the webcam is in use, know that hackers can disable that. A simple sliding webcam cover closes the webcam when you are not using it to avoid a cybercriminal having access.

Covering your webcam can also come in handy in all those online meetings you’re having. A covered camera means you don’t run the risk of your colleagues catching you unprepared.

Limit information you provide

Social media has created a culture of oversharing. There are probably many things you’ve seen about friends online that you would rather not know. You’re also sharing more than you need to with the companies that you interact with online.

If you’re filling out a form for a download, you might fill out only the required fields. When you add an app, be stingy with your personal details. Think about it from a need-to-know perspective. For instance, that home design game you love to play doesn’t need to know where you went to high school or with whom you bank.

Need help keeping the privacy-busting algorithms at bay? We can help. Our IT experts can configure device settings to limit information gathered about you online. Contact us today at (888) 234-WDIT(9348)!