The IT Nerd

A new cell phone scam targeted at iPhone users tries to steal theirApple login details by sending a fake Spotify/iTunes email.

The phishing email claims to be from Apple and Spotify. If a user clicks on the link, the email says the user had bought a year of Spotify Premium for $150.99 and links to a page to “review your subscription.” A fake Apple landing page – which looks like a real one – then asks for log-in details.

“One of the most common types of phishing is an email that contains a fraudulent link. In this case, users are likely to give away their personal information, because they will be obviously worried they might be charged $150,” said Ruby Gonzalez, Communications Director of NordVPN. “The supposed website of a trusted brand,such as Apple, creates a fake sense of familiarity, which  misleads people into entering their private information.”

According to Apple, if a user receives an email asking them to update their account or payment information, they should only do so directly in their Settings on the Apple device that they are using. Users can update their passwords at appleid.apple.com.

NordVPN also recommends using its CyberSec feature, which is designed to block advertisements, malicious sites, and phishing links. While it’s still not available on iOS, CyberSec can be used on Windows, macOS, Linux, as well as on the mobile app for Android.

NordVPN provides these tips for spotting a phishing email:

1. Check the sender’s address. Don’t just trust the display name – pay attention to the email address. If the domain looks suspicious (e.g., info@secure.apple.com), don’t open the email.

2. Look for spelling and grammar mistakes. Serious companies don’t usually send out emails with bad grammar and basic spelling mistakes.

3. Take a look at the greeting. Your bank or another legitimate institution would often address you with your full name. If you see a vague “Dear user” instead, remain vigilant.

4. Don’t click on links– instead, hover your mouse on the button to see the destination link. Check if it looks legitimate and, especially, if it contains the “https” part to indicate a secure connection.

5. When in doubt, contact your bank or other institution over the phone or alternative email address and ask to confirm if the email is legitimate.

6. In addition, two-factor authenticationcan be set on iOS devices. That way, a hacker would have to go through another control even if they have stolen a user’s login information.

For additional safety, use a VPN. Using a VPN when browsing can protect you against malware and phishing that targets online access points.

Canada has just joined the other Five Eyes  allies – Australia, New Zealand, the UK, and the US – in a renewed call to create backdoors into private citizens’ information.

The Five Eye countries demand that technology companies cooperate with law enforcement agencies to allow access to encrypted and private communications, including Facebook and text messages.

“It seems that the demands for backdoors are being made by governments that have little understanding about the way technology works,” said Ruby Gonzalez, Communications Director at NordVPN. “It’s impossible to build backdoors into smartphones and other devices without jeopardizing the overall security of that device.”

“When a backdoor is created, that device is not safe anymore. We live in the age when cybercriminals are inventing increasingly sophisticated ways to breach millions of private accounts on Facebook, to compromise tech devices or to steal personal identities. If smart devices have backdoors, cyber criminals will get the easiest way to steal private data from millions of users.”

Canadian officials, however, are claiming that encryption has created gaps for law enforcement and national security.

“Unfortunately, it’s impossible to have personal online security without dependable encryption,” said Ruby Gonzalez. “We are really concerned about the forcefulness of the Five Eye governments and a threat that if tech companies don’t collaborate, they will force backdoor upon them. It’s also important to note that if some countries do pass such a law, device makers might entirely withdraw their products from these markets.”

In the meanwhile, NordVPN recommends that smart device users take security into their own hands by using VPNs, password managers, and anti-malware software. However, if the backdoor into smart devices in indeed created, these devices might be left completely unsecured, no matter what the users do to protect them.

The U.S. government is trying to break Facebook Messenger’s encryption to be able to listen to voice conversations in a criminal probe.

Similarly, the Australian government released a legislative proposal to give law enforcement agencies new rights to access personal user communications and data.

“Forced decryption and backdoor access goes against the basic principles of privacy. And every time privacy was challenged in the past, we saw an increase in customers,” said Marty P. Kamden, CMO of NordVPN and cybersecurity expert. “For example, when Australia passed its mandatory data retention law, NordVPN saw a 300% growth in Australian users. Such increase stems from the fear that the basic right to privacy is getting increasingly undermined.”

According to the Globe and Mail, Facebook is contesting the demand of the U.S. Department of Justice, and Facebook may be held in contempt for refusing to allow surveillance.

“We understand the need for criminal investigations to proceed smoothly, but breaking the encryption of one company could open the doors to complete loss of privacy, leaked documents and personal details as well as misuse of data,” said Marty P. Kamden. “If Facebook Messenger is decrypted for one case, it will set a legal precedent, and other encrypted communication apps, such as WhatsApp or Signal might also be rewritten by government’s request. Decryption is not just listening to or reading one message and keeping the others private – it might mean that everyone’s messages will be exposed. This would make these apps unsafe to use for millions of its users.”

WhatsApp, also owned by Facebook, currently counts 1.5 billion users worldwide, while Facebook Messenger has 1.3 billion users.

Facebook Messenger’s voice calls have end-to-end encryption, meaning they can be accessed only by the caller and the receiver, while Facebook’s Messenger text messages can also be encrypted by turning the “secret conversations” option on. WhatsApp and Signal also use end-to-end decryption.

“Tech community has been very concerned about the attempts of various governments to interfere with encrypted communications. That may put in harm’s way thousands of activists and dissidents in countries with authoritarian regimes and expose ordinary users’ data to hackers and cybercriminals,” added Marty P. Kamden. “We definitely think decryption would cause more harm than good.”

Egypt has passed a law that warns people who browse censored websites can be jailed for at least one year. Those who share content from blocked sites can receive a minimum prison sentence of two years.

Since Mohamed Morsi, the Islamist president, was overthrown in a military coup, the government started crackdowns on the media. For example, Egypt has banned The Huffington Post, Human Right Watch, Qatar’s Al Jazeera, and other websites critical of the government.

“People want to access the information they were used to reading, they want to know unbiased opinions about what is happening in their country – so they turn to VPNs (Virtual Private Networks) that allow to bypass censorship and to browse Internet freely,” said Marty P. Kamden, CMO of NordVPN. “We have seen an increase in the number of our Egyptian users since the law had been passed.

“Even though Egypt attempts to block VPNs, NordVPN is still functioning, and we will do our best to make sure free Internet is available to Egyptians.”

Social media has also been under attack – vocal influencers with anti-government statements are being rounded up. A social media account with more than 5,000 followers is deemed a media organization and is supervised by a state-appointed media supervisory council.

“VPNs play a very important role if a dissident doesn’t want to reveal their identity and IP address,” said Marty P. Kamden. “They encrypt information that the user shares into a safe tunnel and hide not only the IP address, but the website one visits as well.”

A VPN links user’s computer to a server in a country of their choice – for example, a person can appear to be in the U.S., while they actually are in Egypt, simply by choosing a different VPN server location. A VPN encrypts user data through a secure tunnel before accessing the Internet – this protects any sensitive information about a person’s location by hiding their IP address.

Those who are facing threats online can request free VPN access from NordVPN.

Google has been absent in China for eight years – and now it’s planning an unexpected comeback.

According to the latest news leaked by The Intercept, Google is planning to launch a censored version of its search engine in China. The Chinese version will come with numerous websites blocked, including Wikipedia, BBC News, Instagram, Facebook, and Twitter,  and will only allow search terms that comply with China’s harsh Internet regulations. “Sensitive queries” will be blacklisted and other websites will be filtered – for example, such keywords as “anti-communism,” “human rights,” “democracy,” “oppression,” “dictatorship” and others are currently blacklisted in China to avoid government criticism. Therefore, words like “human rights,” “democracy,” “religion” and “peaceful protests” will be censored in the Chinese Google as well.

The Google’s China project is called “Dragonfly,” and it includes two Android apps. The apps are pending the Chinese government approval, and one of them might be launched at the end of this year.

Google’s images search, spell check and suggested search features will also have embedded censorship.

The Google employees who leaked the information expressed having moral and ethical concerns about the project.

“What the tech community and human rights activists are concerned about is that other oppressive governments could copy the new Chinese Google model. This would make Internet into a tool of censorship, not the place of free expression and communication,” said Ruby Gonzalez, Communications Director at NordVPN. “NordVPN is happy to be offering a service that will allow people in China to connect to the original Google and bypass its censored version. At present, NordVPN works in China, helping Internet users connect to Facebook, Google and other sites. Our goal is to provide free Internet in every corner of the world and to make sure free speech is accessible to everyone.”

A VPN encrypts a user’s Internet connection and re-routes it into a secure tunnel. People can safely connect to servers in other countries and use the Internet as if they were in the US, UK or elsewhere.

NordVPN aims to bring VPN benefits to everyday Internet users. NordVPN’s team has been on a mission to create the ultimate user experience for its apps, rethinking all the basics that can make unparallel VPN experience.

New design and usability tweaks of the iOS and macOS apps are designed to make the interface sleek and intuitive. The updates simplify the way to navigate to the desired country’s server and to find all the features, making NordVPN easy-to-use even for those who have never tried a VPN before.

The refreshed view and navigation might remind of a deck of cards – the app is organized this way to make it more thumb-friendly and easy to find all the features and options.

The iOS app now offers simple a swipe-up for browsing servers, country servers in detail and much more. A one-tap connect option and a unique algorithm for choosing the fastest server automatically makes the experience as hassle-free as possible. To use the apps, users need to enter their log-in details (the first time only) and press the Quick Connect button.

Updates for iOS:

• Swipe-up to browse servers: Swiping up in the main map screen allows to get one-tap access to servers by country, specialty servers, search and favorites’ list.
• Country servers in detail: One tap on a country pin in the map will open the Country card, which will allow to quick-connect to the best recommended server in that location and see the full server list.

Updates for Mac

• New sidebar: Only one click to access the country list, specialty servers and favorites’ list. They will always be on the left-side of the map view.
• New search: The search field now sticks on the title bar (at the top of the window), and the search results are displayed in a drop-down list immediately as one types.

Updates for Mac and iOS:

• New toolbar: more compact and matching the native Mac and iOS look.
• New app icon: brand new app icons to match the sleekness of the apps.

It takes only a single click or tap to go truly private online – Quick Connect, is a feature that connects to the best server for the user.

Other features include military-grade encryption (powered by the IKEv2/IPSec protocol), access to the NordVPN service on up to 6 devices with 1 account and a choice of over 4,500 servers worldwide.  24/7 customer support is accessible from the app.

The Kill Switch feature enables the app to disconnect from the Internet in case the VPN connection drops. This way, no sensitive data will be exposed – not even for a brief moment.

In short, the NordVPN apps for macOS and iOS provide a simple and intuitive tool for online security and privacy that is accessible and easy to use.

A VPN service encrypts all the traffic flow between the Internet and a user’s device. Further, it prevents third parties from monitoring one’s Internet activity and helps hide the IP address. An additional benefit is accessing all geographically blocked internet content (i.e. access to Facebook when traveling to Vietnam).

Download the NordVPN app for iOS and NordVPN app for macOS to enjoy all-around security. Those who already have the NordVPN app on their iPhone, iPad or Mac, can simply update it to get the new improvements. There is a free 3-day trial available for Mac users and a 7-day trial on the iOS app.

Researchers of analytics software firm FICO found that majority of Internet users are annoyed with web and phone security measures. Out of 2,000 polled adults, 81% don’t see the need for what they call unnecessary security procedures.

64% of the respondents are not happy about the need for elaborate passwords featuring a mix of numbers, symbols and capital letters, and 71% would rather not deal with captcha codes, as they often have illegible words.

Overall, more than two-thirds of people (71%) think there are too many security measures nowadays, and 58% are irritated about having to remember email addresses to recover passwords. 78% said they struggle to keep track of all their passwords.

“It’s important to provide consumers with smooth, easy customer experience, but at the same time, people need to be educated that security measures are necessary,” said Marty P. Kamden, CMO of NordVPN, a VPN service provider. “Hacking, ransomware and phishing are on a historical rise all over the world. People need to use strong passwords and take precautions when going online. However, there are ways to make this easier – for example, by using a password manager.”

More than half of the respondents (55%) said they had been victims of banking fraud.

NordVPN offers easy online security tips to make it easier for consumers to deal with all the security measures while keeping them safe online.

1. Use a password manager. Perhaps the most basic requirement for any online account setup is using strong passwords and choosing different passwords for different accounts. Weak passwords make it simple for hackers to break into an account. A strong password has a minimum of 12 characters and includes a strong mix of letters, numbers and characters. In order to easily track all your passwords, it’s recommended to use a password manager, such as truekey.com, LastPass and 1Password.
2. Don’t forget to install the latest security updates. Security updates often contain patches for recent vulnerabilities, which hackers are looking to exploit. It takes just a few minutes, and the update lasts more than a month.
3. Don’t open anything suspicious you get through email. Delete dubious emails from your bank, ISP, credit card company, etc. Never click on any links or attachments in emails you’re not expecting. Never give your personal details if asked via email.
4. Back up all data. Back up your data on an alternate device and keep it unplugged and stored away. Backing up data regularly is the best way to protect yourself from ransomware because only unique information is valuable. It’s an easy and fast process with a long term impact.
5. Use a VPN for additional safety. Using a VPN when browsing can protect you against malware that targets online access points. That’s especially relevantwhen using a public hotspot. However, keep in mind that a VPN cannot protect you from downloading malware. While a VPN encrypts your activity online, you should be careful when downloading and opening certain files or links.
6. Close pop-up windows safely. Ransomware developers often use pop-up windows that warn you of some kind of malware. Don’t click on the window – instead, close it with a keyboard command or by clicking on your taskbar.
7. Use anti-virus programs. Make sure you have installed one of the latest reputable anti-virus programs to make sure you are fully protected.

EU lawmakers are planning to pass an obscure Copyright Directive that might have a massive impact on how Europeans use the internet. There are many objections against the directive, including Spanish and Italian Wikipedia’s that blacked out on Tuesday in protest. The online encyclopedia says the Copyright Directive will severely restrict internet freedom.

The Copyright Directive claims to protect intellectual property and includes regulating the illegal streaming and downloading of pirated movies and music.

“The general intention of the directive is well meaning. However, the vague wording of the law means that it may be applied to an extremely broad range of cases,” said Ruby Gonzales, Communications Director at NordVPN. “For instance, the Copyright Directive may extend the rights of publishers to charge for the snippets of news articles that appear under search results. It is also going to force websites to scan all content being uploaded – to YouTube and elsewhere – and automatically block anything that might infringe copyright.”

AI filters that all websites will have to implement are very bad at detecting the nuanced difference between plagiarism and the concept of fair use, satire, or derivative works.

“If this Directive passes, we may lose the ability to share an article on Facebook or find it via Google. In fact, Wikipedia might have to close down,” said Ruby Gonzalez.

NordVPN encourages internet users to visit savetheinternet.info to sign their petition and see what the next step could be in defeating this proposal.

As the biggest football tournament in the world has taken center stage in Russia, cybersecurity experts are warning that soccer fans might be attractive targets for hackers. Besides, internet security is a growing concern in Russia in general.

“All big events are an attractive target for hackers, and the World Cup is not an exception. Those visiting the 2018 FIFA World Cup must be extremely cautious and take additional steps to avoid various threats. Emotional matches can cause loosened focus on personal privacy, and the World Cup can become a true goldmine for cybercriminals,” said Laura Tyrell, Public Relations Manager at NordVPN. “The biggest security issue during the event are public Wi-Fi hotspots.  In addition, Russian authorities have been strengthening mass surveillance and tracking, so that should also be a concern, especially to journalists and others transmitting sensitive information.”

About 1 million football enthusiasts from different countries are currently in Russia, visiting 12 venues in 11 cities. Recently, Kaspersky Lab analyzed around 32,000 Wi-Fi hotspots in 11 cities hosting World Cup matches and found that over a fifth (22.4%) of them are unsecure. According to the report, the top three World Cup cities with the highest percentage of unreliable networks are Saint Petersburg (48%), Kaliningrad (47%) and Rostov (44%).

The most common hackers’ tactics are man-in-the-middle attacks, Wi-Fi sniffing, and fake hotspots. Especially unreliable are those Wi-Fi hotspots that are free, usually provided in coffee shops, shopping malls, airports, stations, etc.

Here is some advice from NordVPN on staying secure when using the internet at the World Cup – or any big public event.

1. Don’t share your device. Be extremely cautious with your devices – don’t share your smartphone or computer with anyone, especially the ones you don’t know.
2. Install a VPN. A VPN makes a user’s online traffic snoop-proof through strong encryption. When connected to a VPN, public Wi-Fi can be used without getting paranoid about data being stolen. NordVPN, for example, is easy to use and keeps no user logs.
3. Be careful with gifted USBs. Be cautious with various IT-related gifts, such as USB keys – throw them away instantly, as such items might contain viruses or other malicious content.
4. Always update. Update all your apps and software, both on your laptop and smartphone.
5. Be careful about fake apps. Use and download only official applications.
6. Avoid online financial transactions on unprotected networks. Avoid using internet banking, buying online or presenting your credit card details online if the network is unprotected.
7. Don’t tell them where you are. Avoid sharing your location on social media or other applications.
8. Press the off button. Keep your Bluetooth and Wi-Fi off, except when needed.

Consumers are canceling traditional pay-TV service at faster rates than expected, causing a transition revolution from cable TV to smart TV and streaming. In the U.S. alone, more than 22 million users have cut the cord on the cable on 2017. The number of smart TV users – such as Android TV –  has doubled in the past year.

However, some of the biggest problems that smart TV users face are streaming limitations and lack of Internet security.

NordVPN, a VPN service provider, is contributing to a solution to these problems by launching a brand new NordVPN app for Android TV. Now FIFA World Cup and Olympics fans or Games of Thrones followers can stream securely and without limitations.

First of all, smart TV users will be able to protect their online security. Since a smart TV is connected to the Internet, it becomes vulnerable to the same cyber threats as one’s computer or smartphone. NordVPN for Android TV uses the OpenVPN security protocol to encrypt a user’s online traffic, so that all sensitive data becomes protected from hackers or snoopers.

In addition, VPN for smart TV provides an opportunity to enjoy all the video apps pre-installed with the Android TV box. Sometimes, living in a specific part of the world might mean lesser selection of online content. A VPN app connects user’s smart TV to a server in any country of choice, so they can watch TV as if they were in that country. NordVPN offers 4000+ servers in 62 countries around the globe.

In the U.S., video streamers might also face bandwidth throttling. Sometimes, American Internet service providers (ISPs) can slow down the Internet speed for specific websites, which can result in video buffering. NordVPN can prevent throttling by redirecting all traffic through an encrypted tunnel.

The native NordVPN app interface makes it very easy to use; everything, from setting it up to connecting to VPN, is straightforward and quick. It offers such features as Quick Connect, which automatically picks the best server in terms of speed, latency, and performance. The CyberSec security suite is integrated into the app to protect an Internet-connected smart TV against malware and cyber-threats, and shield from intrusive ads.

One NordVPN account can be used to secure up to six devices simultaneously. NordVPN also offers applications for Windows, macOS, and iOS.

The app can be downloaded from Google Play store on Android TV.