The IT Nerd

Many people use their browser’s incognito, or private, mode to browse the internet privately. However, this mode doesn’t actually make them as invisible as they think. All the browsing data can still be tracked with the help of users’ IP addresses.

“Private browsing mode makes sure your computer is not storing browsing data locally. This way, your searches, logins, or visited pages can’t be retrieved later. Yet that’s far from completely private,” explains Daniel Markuson, the digital privacy expert at NordVPN. “All your browsing data can still be tracked by your ISP, employer, websites you visit, or any other third party that can access your IP address.”

For example, if a user logs into their Amazon, Facebook, or any other online account, the private mode will not conceal their browsing data from these sites. “Chrome will start recording your cookies and history again if you sign into one of Google’s apps, making the whole incognito thing useless. Google, Apple, and Mozilla, developers of the most popular browsers worldwide with the private mode, are completely upfront about this in their privacy policies,” says Daniel Markuson, digital privacy expert at NordVPN.

However, browsing incognito can be useful as well. It is especially handy if you plan to book flight tickets or hotel rooms. As a private browser window does not save cookies, travel websites cannot see that you have been interested in the specific dates before and hike up the prices accordingly. It is also a good tool if you share the same device with other people or when you are on a public computer.

How to browse privately

• Choose another browser. Using one of the major browsers may seem like the most convenient choice for everyday online activities. While it is entirely possible to tweak Google Chrome, Safari or even Microsoft IE with plugins and advanced settings for security and privacy, these are far from their key features. You can choose a less known browser that provides more privacy online.
• Choose a private search engine. There are a few search engines that respect your privacy. The most popular one, perhaps, is DuckDuckGo. It doesn’t use cookies, doesn’t store any personal identifiable information, and discards IP addresses from it server logs.
• Use Tor for browsing. It’s a powerful privacy tool. It routes your traffic through a series of different nodes before connecting you to your online destination. This way, it becomes difficult to determine where you originally came from. However, Tor may slow down you internet speed considerably.
• Start using a virtual private network. It replaces your IP address with that of a remote VPN server, so any online monitoring based on tracking your IP address fails. VPN also encrypts your traffic, hiding your browsing habits from your ISP, hackers, and other third parties. NordVPN is one of the most popular options.

The EU is close to passing a copyright reform law to update its copyright legislation for the digital age. The final vote on the Copyright Directive is expected to take place in the European Parliament plenary between 25 and 28 March.

“In many respects, the reforms are necessary to protect the rights of content creators and artists. However, two poorly formulated articles are threatening to have a damaging effect on the freedom of expression online. Article 13 is the key piece for concerns in the proposal. Most importantly, the effect of the new Copyright Directive will not be limited to the EU, which is large enough to affect many websites around the world,” says Ruby Gonzalez, Head of Communication at NordVPN.

As the decision day in the EU Parliament is approaching, NordVPN joins millions of Europeans in opposing the new law. Since memes are one of the most popular forms of expression, which Article 13 puts at risk, NordVPN invites all internet users to express their opposition through memes. NordVPN promises to award the authors of the most popular entries with free 3-year subscriptions to its service.

“The EU Parliament will vote on laws that have the potential to chill free speech and creativity on the internet around the world. This is the last chance for the public to express how important the free and open internet is to us,” says Ruby Gonzalez, Head of Communication at NordVPN. “We support online freedom of speech and expression, and we oppose online censorship. The law should protect the rights of authors, but that should be accomplished without damaging free speech.”

How to oppose Article 13 with memes:

• Create a meme about Article 13, expressing how it might affect your life or why you’re opposed to it;
• Upload it to Twitter or Reddit. On Twitter, use the hashtag #NotMyEUdirective and tag @NordVPN. On Reddit, upload it to the sticky thread on the NordVPN subreddit.
• On March 26th 12:00 PM GMT, 20 best meme authors (10 from Reddit and Twitter each) will be awarded free 3-year NordVPN subscriptions.

Find out more about the competition, as well as Article 13 and Article 11 from the Copyright Directive: https://nordvpn.com/blog/article-13-nordvpn-meme-contest/.

Public outcry around Article 13 reached a historical peak with almost 5 million Europeans signing a petition against it. Thousands have called, tweeted, and emailed their Members of the European Parliament (MEPs). Additionally, several websites are planning to shut down on 21 March – the Internet blackout day. On 23 March, protests will be held all around Europe, with thousands expected to join.

According to Statista, there are approximately 26.66 billion connected devices today, and this number is growing every day. However, almost all smart home appliances, such as a smart TV, fridge, or thermostat, can become an easy target for cybercriminals. Internet Security Threat Report showed a 600% increase in the number of IoT (internet of things) attacks between 2016 and 2017.

“Smart devices are becoming more and more common in many homes. Technically, it can be any device that has a sensor and can transmit data through the internet,” explains Daniel Markuson, digital privacy expert at NordVPN. “Smart home devices include light bulbs, thermostats (like Nest), door locks, refrigerators, ovens, baby monitors, and other.”

However, according to NordVPN’s Daniel Markuson, IT professionals know very well that anything connected to the internet can be hacked. Sadly, the rush to get smart home appliances into the market makes security one of the weakest parts of this technology. There are a few examples already of internet-enabled TVs and even baby monitors being hacked.

“The good news is that you can use encryption to better protect all connected devices you have at home,” says Daniel Markuson, digital privacy expert at NordVPN. “Setting up a virtual private network on your router will secure all network traffic, including IoT devices.”

A VPN connection on your router means protection against man-in-the-middle attacks and hackers trying to compromise your Wi-Fi network. VPN can also prevent home devices from participating in botnet attacks.

The downside is that setting up a VPN service on a router manually may be complicated and confusing. However, you can get a special app for that, like FlashRouters Privacy App, which works with NordVPN – one of the most advanced VPN services in the world.

With the FlashRouters Privacy App, a user can easily manage the VPN connection on their router remotely from desktop or mobile phone. “That means you can forget manual switching and worries about security once and for all. The Kill Switch technology will disconnect all your devices in case the VPN connection drops. This way, you can be sure that your sensitive data will not be exposed, not even for a brief moment,” says NordVPN’s digital privacy expert.

The application can be installed on any router running the latest DD-WRT firmware.

NordVPN has expanded its payment options to include Boleto Bancário. This marks a strategic decision to strengthen market presence in Brazil.

VPN stands for “virtual private network” – a service that encrypts a user’s internet traffic and redirects it through a remote VPN server. It also replaces their IP address, keeping their location private. VPNs are used worldwide both for security and entertainment reasons. In a study of VPN usage around the world, GlobalWebIndex found that 25% of internet users had used a VPN in the past month, and that 42% of these used a VPN daily.

NordVPN is a trusted online privacy and security solution, used by over 8 million internet users worldwide. It offers military-grade encryption with advanced privacy solutions and is recognized by the most influential tech sites and IT security specialists. NordVPN holds a  significant market share in the United States, Australia, the United Kingdom, and many other European states.

Boleto Bancário, usually referred to as Boleto, is a popular cash-based payment method used in Brazil, with 15% market share. It is also the only payment method available to the 35% of shoppers who do not have a bank account. Boleto is regulated by Brazilian Federation of Banks.

At the moment, NordVPN’s payment options include all major credit card providers (Visa, Mastercard, American Express, and Discover), crypto currencies (Ripple, Ethereum, and BitCoin), and many regionally localized payment solutions (AliPay, Yandex, iDeal, Sofort, UnionPay, Boleto, and others).

To find out more about NordVPN, please visit nordvpn.com.

This week 500px, a popular photo-sharing service, confirmed that the personal information of 14.8 million of its users was impacted by a security breach. 500px users’ data is now for sale on the dark web, together with records stolen from fifteen other compromised websites.

“Even giant companies are not doing enough to secure sensitive user data. At the moment, approximately 620 million records stolen from sixteen compromised websites, including 500px, are up for sale on the dark web. The whole batch is available for roughly $20,000 in Bitcoin. However, no one knows how many cybercriminals and other shady personas have acquired it so far,” says Ruby Gonzalez, Head of Communications at NordVPN. “We urge all internet users to share less sensitive information online and to use security services, such as antivirus and VPN.”

In an email sent out to users, 500px states that the personal data compromised in the breach might include the following:

• “Your first and last name as entered on 500px
• Your 500px username
• The email address associated with your 500px login
• A hash of your password, which is hashed using a strong, one-way cryptographic algorithm – such hashes are almost impossible to reverse-engineer to access your original password
• Your city, state/province, country, if provided
• Your birth date, if provided
• Your gender, if provided”

What to do if your account gets compromised

If your account has been hacked or compromised in a data breach, you should act quickly, before hackers can get their hands on other important information. NordVPNshares 5 most essential steps to keep yourself safer.

1. Get back into your account

The first important step for you to do is to log into your account and change password immediately. It shouldn’t be ‘password’ or ‘imthekingoftheworld.’ Your password needs to be strong. Try this trick: think of a statement, for example, “I love to go for a walk every evening.” Then, turn it into 1l2g4awEVe (replacing I with 1, to with 2, for with 4, and every with EV).

If possible, use two-step authentication and get a password manager like LastPass or 1Password. Most importantly, never reuse the same password for all of your accounts.

2. Take care of your other accounts

If you used the same or similar password for more than one account, change it on all other key platforms and accounts immediately. That includes your email, Facebook, Amazon, Twitter, LinkedIn, and other. Even though hackers, most probably, got hold of your hashed password, there’s still a chance they can decrypt it and get the real password.

Check haveibeenpwned.com to see if you have an account that has been compromised in a data breach before.

3. Update your settings and available data

Go through the privacy settings and data you provide both on the breached platform and all the other important platforms you use. Make sure you share only the required information and remove what’s not necessary, for example, your phone number and favorite locations. This way, even if your account gets hacked, it will be of less value for hackers.

Common advice is to share as little as possible online. If you are not intent on getting worldwide attention, change your account settings from ‘Public’ to ‘Private.’

4. Revoke access to third-party apps

In Quora case, for the user convenience, there was a possibility to connect to the platform with Facebook and Google. Check, whether you permitted access to view one of those accounts.

We recommend reviewing which of your accounts are linked and rethink if you really need that. Revoke access to applications that are no longer in use, as well as suspicious ones.

5. Beware of phishing scams

Since hackers may have detailed profile information of almost 15 million users on 500px, we are likely to see more personalized and sophisticated phishing scams in the near future. Phishing scams are very effective, as criminals usually use a piece of real private information.

You should be careful if you get seemingly legitimate, personalized messages from banks or any other familiar organizations. That is especially valid if they ask for more personal details, fund transfers or to click on any link. For additional safety, use a VPN, like NordVPN. Using a VPN when browsing can help to protect you against malicious websites and phishing sites.

NordVPN announced a new partnership with Adyen, the payments platform used by many of the world’s leading companies. The decision comes down to Adyen’s self-hosted payment processing solution and region-specific local payments.

Adyen is an international payments platform, which provides modern end-to-end infrastructure connecting directly to Visa, Mastercard, and other payment methods preferred by consumers around the world.

The Amsterdam-based company, which is an EU-chartered bank as well, provides the payment technology behind digital-first giants such as Spotify, Etsy, Uber, Booking.com, AirBnB, Facebook, Netflix, and eBay. The latter switched from PayPal in 2018, making Adyen its main payment processing partner.

NordVPN will start introducing localized Adyen payment options in February 2019. It is expected that by the end of 2019 it will be the major regional payment option. Simultaneously, NordVPN is ceasing the PayPal support.

At the moment, NordVPN’s payment options include all major credit card providers (Visa, Mastercard, American Express and Discover), crypto currencies (Ripple, Ethereum and BitCoin), and many regionally localized payment solutions (AliPay, Yandex, iDeal, Sofort, UnionPay, Boleto and others).

To find out more about NordVPN, please visit nordvpn.com.

Last week, the Japanese government approved a law amendment that will allow its employees to hack into people’s Internet of Things (IoT) devices as part of an unprecedented survey of insecure IoT devices.

The government reportedly wants to secure IoT devices before Tokyo 2020 Summer Olympics to avoid Olympic Destroyer and similar attacks.

The Japanese National Institute of Information and Communications Technology (NICT) employees, under the supervision of the Ministry of Internal Affairs and Communications, will be allowed to use password dictionaries and default passwords to attempt to log into consumers’ IoT devices. The result of the survey should be a list of insecure IoT devices in Japan, which will enable the authorities and internet service providers to take measures and secure the devices.

“Since the IoT industry is in its infancy, almost all of the devices have the potential to become cybersecurity risks. In a rush to get them into the market, most manufacturers are ignoring the security side. From this point of view, the Japanese government’s concern has merit,” says Daniel Markuson, Digital Privacy Expert at NordVPN.

“However, it is understandable why this amendment has sparked outrage in Japan. It seems as an excessive measure, as the same results could be achieved by sending a security alert to all users or informing people via media. It is also not completely clear what other sensitive data might be collected during the survey and how it will be handled.”

Daniel Markuson, Digital Privacy Expert at NordVPN, recommends that all IoT owners living in Japan take security measures upfront, before the survey begins:

• Change passwords. Default factory passwords should be changed to strong ones, containing capital letters, numbers and symbols. Passwords should be different for each device.

• Update all devices. Manufacturers often fix critical security vulnerabilities with updates.

• Create an offline WiFi LAN. Most IoT devices can operate on a LAN (local-area network). Such local network can connect smart devices inside one’s home without the need to connect to internet.

• Secure the router. Some routers can support VPN encryption. Routers with a VPN will allow to connect IoT devices in an office or home, but no incoming communication with them will be possible. This may be inconvenient if user wants to control IoT devices remotely, though.

It is estimated that over 200 million private and business owned IoT devices, such as web cameras and routers, will be tested in Japan. The survey should start next month.

The Olympic Destroyer malware was deployed before the opening ceremony of the Pyeongchang Winter Olympics in South Korea in 2018 by Russian hackers. A similar attempt to built a botnet of IoT devices and home routers was noticed before the 2018 UEFA Champions League final that was to be held in Ukraine.

NordVPN has won the awards for Best VPN Overall and Best Customer Service from BestVPN.com, a VPN review site, established in 2013. The awards were presented during CES 2019, one of the world’s leading technology conferences.

NordVPN is one of the world’s most advanced VPN service providers and is more security oriented than most VPN services. It offers double VPN encryption, ad blocking, and Onion Over VPN. The user-friendly product offers one of the best prices on the market, has over 5,000 servers worldwide, and is P2P friendly. One of NordVPN’s key features is its zero log policy.

The BestVPN.com Awards comprise of a number of core categories – Privacy, Speed, Value and Customer Service. The Best Overall Award is the nexus of all these categories, arguably making it the most prestigious accolade on offer.

The busiest shopping season is here, and cybercriminals are just as busy as bargain hunters.With the revenues from holiday sales online increasing year on year, the level of reported internet scams and other forms of crime is rising as well.

One of the biggest threats during the shopping season is online phishing. Phishing victims usually receive emails that look likemessages from legitimate online vendors, such as Amazon.Such emailsask to click on a link, whichmay, in turn, ask to submit theuser’s personal information.

“Unsuspecting shoppers may believe they are on their vendor’s website, while they are actually on a fake sitedesigned to extract their personal information,” said Ruby Gonzalez, Communications Director at NordVPN, a VPN service provider.

“Even thoughhackers are getting more and moresophisticated, it’s still possibleto recognize that you are visiting a fake site. Be especially cautious if you have clicked on alink or button received through an email – a well-designed phishing email may feature the logo and the general look of your favorite brand. It may even lead you to a sitethat looks like the real one. ”

The truth is, if a person is untrained in cybersecurity, a phishing email can easily lead themto sharesensitive information willingly and expose themselves to hackers. NordVPN offers easy online security tips to avoid phishing attacks and stay safe online.

Tips for spotting a phishing email:

1. Check thesender’s address. Don’t just trust the display name – pay attention to the email address. If the domain looks suspicious (e.g., info@secure.apple.com), don’t open the email.

2. Look for spelling and grammar mistakes. Serious companies don’t usually send out emails with bad grammar and basic spelling mistakes.

3. Take a look at the greeting. Your bank or another legitimate institution would often address you with your full name. If you see a vague “Dear user” instead, remain vigilant.

4. Don’t click on links– instead, hover your mouse on the button to see the destination link. Check if it looks legitimate and, especially, if it contains the “https”part to indicate a secure connection.

5.When in doubt, contact your bank or other institution over the phone or alternative email address and ask to confirm if the email is legitimate.

For additional safety, use a VPN. Using a VPN when browsing can protect you against malware and phishing that targets online access points.

According to a Q4 report by We Are Social of 2018 Global Digital Trends, there are almost 4.2 billion people using the internet and 3.4 billion active social media users.

Millions of new users, especially across Africa and South Asia, have started using the internet for the first time in the past few months. Most of them are connecting through mobile devices.

In general, mobile internet usage accounts for more than half of all global web traffic. Google’s Consumer Barometer survey says that users are five times more likely to go online via their phones.

“Mobile phones are now our favorite tools for internet browsing. However, not many people realize that mobile devices have even more data privacy concerns than computers,” said Ruby Gonzalez, Communications Director of NordVPN. “Basically, a mobile phone acts as a spy – it tracks its owner’s location and gives a lot less control over privacy than a computer would.”

People rely on their mobile phones not only for social interactions but also for banking, sharing data, storing passwords and other sensitive information. As such, they are vulnerable to security breaches, as well as personal hacking attacks, especially when using public Wi-Fion their phones.

NordVPN has put together some advice on how to protect one’s privacy on a mobile phone:

1. Recognize suspicious SMS. One of the most common “smishing” attacks is a text message that contains a link to mobile malware. Once a user clicks on it, a malicious app can be installed on their smartphone. In another example, a scammer can use techniques that are common for charities when a disaster strikes. A charity may send a text message saying “Flood,” and once a user responds with the code word “Prevent,” they automatically donate a certain amount of money to the organization.

Users should be careful about clicking on any SMS links or replying to messages. It’s also a good idea to use NordVPN’s CyberSec feature, which is designed to block malicious sites and phishing links.

2. Be careful when downloading apps.There are fake apps designed specifically to collect one’s information or install malware. It’s best to download apps directly from official app stores (iTunes, Android or Amazon) and to check for any signs that might scream the app is fake. For example, grammar mistakes indicate an app is not legitimate and so do requests to enter one’s private information.

3. Install a mobile VPN app.A VPN encrypts all the traffic flow between the Internet and a user’s device. When shopping, banking, or sharing personal information online, users are advised to be aware of unique threats mobile device users face and to always use a VPN. NordVPN’s mobile app (available for iOS and Android devices) provides secure encryption and user-friendly design and functionality.

4. Make sure your software is up to date.Hackers often exploit privacy and security holes – those holes are patched up withsoftware updates. Therefore, it’s important to keep one’s software always up to date.

In addition, NordVPN recommends usinge passcodes to lock one’s phone (they should be more difficult than “1234” or one’s birthday) and not to click on any suspicious links received by email.