There are several threats to children going online for the first time, supervised or otherwise. Before you let them loose, make sure they appreciate the risks by sharing this guide with them. Ensure that they are as capable as you of protecting your family from privacy and personal security risks online. What Is Catfishing? Named after a documentary (see video trailer below) in which the truth and lies of online dating are highlighted, “catfishing” is the insidious act of creating a fake online identity. But this isn’t (usually) a scam to squeeze money out of you. The purpose of catfishing is to fool an individual (typically someone with romantic intentions) and ultimately humiliate them.

https://youtu.be/1xp4M0IjzcQ

So, how is this done? In short, it’s all about digital fakery, with the perpetrator pretending to be someone they’re not. This is achieved by posting false personal information, specifically using some else’s profile pictures, on social media sites. The aim is to trick someone to fall in love with the scammer.

Catfishing is typically aimed at children (mainly teenagers) and young adults, but not always. Regardless of age, you should be concerned about catfishing. Fortunately, there is plenty you can do to reduce (or completely negate) its impact.

1. Make Friends Offline Before you go online, remember the importance of healthy relationships offline. Talking to people face to face, enjoying trips and games — these are far superior to digital exchanges. Although social networking is about communication, verbal, present discussion is far more important and valuable than anything done on a phone or computer.

The digital aspect is really just a gimmick, a shortcut. Keep it genuine. Expanding on this further, it’s not embarrassing or creepy to let your friends meet your parents, or vice versa. It’s useful to put a face to a name. And if a lift to the cinema or a party is ever required, it avoids unnecessary awkward moments.

2. Don’t “Friend” Strangers Getting access to a social network for the first time is exciting. But like anything, you shouldn’t get overexcited. Stick to the same core group of friends that you have at school, or college. If you know a person well in real life, then add them on Facebook (or your social network of choice).

When it comes to strangers, things change. Even if the person is cute/handsome/attractive or whatever, if you have yet to meet them in real life, don’t add. It’s a simple rule that guarantees safety.

Unfortunately, social networks don’t help, throwing up “people you may know”-style suggestions all the time. Incoming friend requests don’t help either. So just remember that rule: Don’t know them? Don’t add them!

3. Set Privacy Controls on Your Social Networks Social networking services come with privacy controls. Typically, these are enabled, but often not to the full extent. As we don’t know which social network(s) you’re using, we can’t possibly go through every single option. However, as a general rule, you should set privacy settings to restrict anyone who isn’t a friend from seeing photos — including the profile pic.

In Facebook, open Settings > Privacy and ensure the options are set to Friends or Only Me. This way, your Facebook account will be protected from being viewed by strangers.

4. Don’t Put Personal Photos on Twitter Access and privacy is a little more complicated on Twitter. Tweets and photos — including profile pics — can be quickly taken out of your control here, thanks to retweets. Within minutes, a photo can go viral, or it can be whisked away for catfishing, before you’ve had a chance to deal with privacy settings.

It’s worth, therefore, opening the Settings page for your Twitter account, going to Privacy and safety, then checking Protect your Tweets. Doing so blocks strangers from viewing your tweets. Anyone who wishes to follow you on Twitter must henceforth be approved. This tightens things up nicely.

Clearing the check against Tweet with a location will help maintain privacy with regards to your location. Meanwhile, you should also select Do not allow anyone to tag you in photos to maintain photo security.

Note that anyone who already follows you prior to protecting your account will still be able to view your tweets and photos. You can, of course, block any of these previous contacts by opening the Followers page, selecting the vertical ellipses, and selecting Block @[username].

You should also disable the option to Receive Direct Messages from anyone, limiting this facility only to your friends.

5. Search Google Images There are at least two victims in catfishing: the target, and the person whose photo is used as a fake profile. Often, these are just models, photos of random attractive people picked up from a Google search. Fortunately, this same tool can be used to track photos.

For instance, if you’re concerned that your profile photo has been misused, you can check. Simply open Google Images at images.google.com, and drag the profile pic from your computer into the browser window. All instances of the photo online will then be displayed.

You can use the same tool to check the photos of your contacts. Of course, you shouldn’t have any followers who aren’t already known to you in real life, but if you do, use Google Image Search to verify their honesty (or otherwise).

6. Delete Inactive Accounts What if you already have a social media account that you’ve forgotten about? Older readers might have a dead MySpace account, leaking their secrets. If you’re younger, perhaps you have an Instagram account that you don’t really use. Either way, these accounts are ripe for farming by catfishing identity thieves.

It can take a while to regain access to old accounts, but it is worth doing so. You’ll often need access to older email accounts, but in some cases, simply being able to recall the setup information (like the name of the email account) will be enough to forward the credentials to your new account.

Once you’ve gained access, delete the photos on the social network profile, and then delete the account

Beyond Catfishing These tips will help shore up privacy holes in a more general way too, giving your child the opportunity to protect him or herself from other online threats.

Moving forward, this whole exercise is a good starting point to safe activity online. Underline the fact that an internet connection doesn’t just deliver the positives of social interaction into your home. The negatives are often included too. Taking steps to mitigate these risks will educate your child, and help to guarantee online safety in future.

ECRI Institute Releases List of Top 10 Health Technology Hazards

While dirty hospital mattresses and the failure to properly disinfect medical gear are among top safety risks posed to patients, ransomware and other cyberattacks will pose even bigger threats to patients in 2018, according to the ECRI Institute. The non-profit patient safety research organization named ransomware and cybersecurity threats as the No. 1 health technology hazard for 2018.

"This is the first year ransomware has been included in the ECRI Institute's Top 10 Health Technology Hazards list," says Juuso Leinonen, senior project engineer at the health devices group of ECRI. "Cybersecurity topics have been covered in the past, but this is the first year acybersecurity topic has been ranked No. 1 in the list."

During the past year, ransomware showed its potential to disrupt healthcare delivery, he says. "We saw several global ransomware attacks that impacted various organizations, including some hospitals. Ransomware has the potential to impact technologies crucial for patient care, such as patient information systems and medical devices," Leinonen says. "Lack of access to these systems and devices can result in compromise or delay to patient care, which can lead to patient harm. Ransomware can also result in financial losses due to disruption to hospital operations such as postponed appointments and elective surgeries."

ECRI's top 10 list of health technology hazards identifies the potential sources of danger involving medical devices and other health technologies that the research organization says warrant the greatest attention for the coming year.

Global Health Threat

Global attacks, including those involving WannaCry and NotPetya, have had a heavy impact on the healthcare sector across the globe so far in this year, from the National Health System in the United Kingdom to medical device manufacturers including Bayer AG and pharmaceutical giant, Merck.

During the WannaCry ransomware attacks back in May, at least two U.S. hospitals reported that their imaging systems from Bayer AG had been infected.

Numerous other hospitals and clinics in the U.S. have also been victims of ransomware attacks that have greatly disrupted the delivery of patient care.

For instance, just last month, Arkansas Oral & Facial Surgery Center acknowledged that a ransomware attack in July not only shut down access to some electronic patient data but also rendered imaging files, including X-rays, inaccessible for an undisclosed period of time.

One of the highest-profile cyberattacks in 2016, which was suspected of involving ransomware, greatly disrupted patient care for several days at MedStar Health. The 10-hospital system serving Maryland and Washington area said it shut down many of its systems to avoid the spread of malware.

Ransomware and Medical Devices

The Food and Drug Administration recently called attention to the risks malware poses to medical devices. In an Oct. 31 blog post, Suzanne Schwartz, M.D., associate director for science and strategic partnerships at the FDA's Center for Devices and Radiological Health, wrote: "A computer virus or hack resulting in the loss of or unauthorized use of data is one thing. A breach that potentially impacts the safety and effectiveness of a medical device can threaten the health and safety of an individual or patients using the device."

Schwartz, who'll be a speaker at Information Security Media Group's Healthcare Security Summit in New York on Nov. 14-15, wrote that the FDA "encourages medical device manufacturers to proactively update and patch devices in a safe and timely manner" to avoid having their products compromised by ransomware or other cybersecurity threats.

Taking Action

Managing cybersecurity in a healthcare environment is extremely difficult, ECRI's Leinonen says, because a hospital might have "thousands of devices from hundreds of vendors."

Healthcare facilities need to acknowledge that mitigating the risk of ransomware is not solely a problem for IT, he stresses.

"Collaboration within your organization is a key to success. Various departments, including IT, clinical engineering, information security, risk management, purchasing and clinicians all have a part to play," he says.

Susan Lucci, chief privacy officer and senior consultant at security consultancy Just Associates, says all healthcare entities can take two steps to better prepare and deal with emerging cyber issues that can pose a hazard to patient privacy and safety.

"Have a well-established privacy and security committee that meets to review subjects like this regularly, and have a clearly defined breach response plan and breach response team to quickly respond to immediate threats that may arise," she says.

Malware can pose risks to patients in several ways, says Curt Kwak, CIO of Proliance Surgeons in Washington state. "Ransomware will halt workflows, halt data processing and the [malware's] ongoing threat of data corruption could jeopardize the practitioner's trust in the data that they are utilizing to treat their patients," he says.

Nevertheless, some organizations fail to realize that ransomware poses a threat to patient safety, says Keith Fricke, principal consultant at tw-Security. For example, he notes, "those entities that have experienced ransomware events may have been inconvenienced by files getting encrypted that did not directly impact patient care." So they may not see ransomware as a patient safety issue.

Fricke says many organizations' data backup plans are insufficient, putting them at additional risk. "In addition, those with mature backup strategies have to be wary of ransomware-encrypted files getting replicated to their offsite backups," he points out.

And because ransomware and other cyberattacks show now sign of abating, Kwak stresses that it's "critical for the organizations to continue to monitor and protect their data environment and educate their end users on the best cybersecurity practices."

If you thought browsing securely (and privately) was as easy as opening a new incognito window, think again. Private browsing is all the rage now that it’s necessary in order to access certain websites in some countries. Luckily, there are lots of ways to access the web that doesn’t require Safari, Firefox, or Chrome. There are also ways to surf the internet that aren’t actually secure at all -- even if they’re advertised as such. The first step to tapping into a safe connection is understanding what a safe connection is -- and what it’s not.

This is not what private browsing looks like.

Google Chrome’s Incognito mode may cover your tracks online locally, but it doesn’t erase them entirely. When you choose to browse privately using a major web browser, the places you visit online will not accumulate in your computer’s history. This way, no one else who accesses your device will be able to see the websites you used during your private browsing session. (In fact, you won’t even be able to see them yourself.)

Except...you can. In fact, anyone can; That is, anyone who has access to your internet bill. All it takes is calling up your internet service provider and requesting a log of the websites you visited at any given time and day. (Yes, this can include times and days when you were browsing “privately.”)

Yet you and anyone with access to your internet bill aren’t the only ones with access to your browsing history! All of the websites you’re visiting can also see you, even if you’re not logged into an account associated with their services. This is because your path to that website isn’t protected. Online, who you are is defined by how you arrived there.

Encryption is the Key

Truly private browsing requires an encrypted connection through a browser that has Virtual Private Network (VPN) capabilities. This isn’t your typical browser, but rather a special kind that you may have to do a bit of Googling to find (that is, unless you’re lucky enough to find yourself reading this article).

When you connect to the internet through a VPN, where your connection originates is indistinguishable. This is because your connection is made possible through a web of devices and a remote server (some private browsers allow users to choose from a number of remote servers, but most don’t). Unlike when you connect to the web using a standard connection, when you browse through a VPN, your device’s point of origin is unidentifiable.

The only thing that is visible when you’re browsing utilizing a VPN, is the location you chooseto be visible. Private browsers with VPN capabilities allow you to choose from connections around the world to display as your point of origin. (If you connect through a VPN location in Switzerland, it will appear as though you are browsing the web via Switzerland, even if your physical location is Palo Alto, California.)

Encrypted Browsing in the Work Place

In the workplace, things get a bit more complicated. Although a VPN connection will encrypt your traffic, your employer’s IT department may be able to still tell if you are using an encrypted connection especially if you’re on the company network. This may be against your company’s policy, so be aware of the consequences.

Also if you’re on a company machine, then it may already be controlled by corporate and your activities are already being monitored regardless if a VPN is on or not. The safest bet is use to a VPN on your own personal device over data and not on your company network to keep your browsing private from your employer.

How to Choose a Private Browser

There are many private browsers out there that are completely free, which is why choosing the right one to do the job can be a daunting task. Ever since the rise in popularity of private browsing in recent months, some have even adopted questionable means of serving their users (including feigning VPN capabilities and selling data).

The first thing to note when shopping for a private browser is what makes it private. If the only thing advertised is an ability to delete your local history, then you’re being pushed a glorified incognito window. Almost all today’s browser’s incognito mode does not encrypt your traffic.

The first thing that should be advertised is what VPN options the browser offers. A user friendly private encrypted browser will have different servers to connect to the web through, easy ways to switch between servers, as well as an intuitive interface for connecting, and disconnecting from the web.

Encryption is crucial for truly private browsing because it masks information about your surfing habits such as how long you stayed on a site, how many times you visited, and what your activity log looked like for any particular website. Someone snooping on your online activity may be able to see how much data you’re using in a browsing session, but they won’t be able to see how it’s used if your connection is encrypted.

There are a number of quality private browsers out there that can be downloaded for free, but it’s important to lookout for any hidden catch. When a web product or service is offered for free, sometimes the reason for that is because you’re paying for it with your data.

Other Ways to Stay Safe Online

Browsing privately isn’t the only way to protect your data on the internet. You can start using these tools even without a private browser to enhance your traditional web experience and make it harder to be tracked.

Start by switching up your default search engine. Google’s AdSense makes a private browsing experience impossible using Google. A private search engine such as DuckDuckGo and StartPage don’t creep on your habits for the sake of targeting advertisements to you.

If you browse the web primarily from your phone, be sure to turn off Geotagging to prevent the public caching of your physical location each time you take a photo. (If you’re using a private browser but still have this feature turned on, your browsing location with conflate with your physical location.)

There are many free password managers available that will help you generate passwords that are difficult to be compromised, and will remind you when it’s time to change up your passwords.

Last but not least, you can use browser security tools such as HTTPS Everywhere and Privacy Badger to protect your data even when you’re not browsing privately.

https://youtu.be/i4YQRLQVixM When Apple announced the iPhone X earlier this year, it promised its new unlocking mechanism, Face ID, was twice as secure as its predecessor, Touch ID. The company said it had tested it six ways from Sunday — including using masks — and that unless you had an identical twin running around, the chances of somebody breaking into your phone were “one in a million.” This week, Bkav says they’re the one. The Vietnamese cybersecurity firm claims they’ve successfully hacked an iPhone X using a mask.

The mask, a combination of silicon, paper, fabric, and 3-D printouts that looks like something out of a low-budget horror film, cost $150, according to Bkav. The firm posted a video in which they claim to break into the phone, and a blog post answering questions about how they did it. “The recognition mechanism is not as strict as you think, Apple seems to rely too much on Face ID’s AI. We just need a half face to create the mask. It was even simpler than we ourselves had thought.” Of course, this is just one firm’s claim and the technique video hasn’t been confirmed or replicated by anybody else. (Wired tried and failed to defeat Face ID using masks earlier this fall.) Don’t go panicking just yet.

The internet was developed on university campuses, and it revolutionized education. As a student, you probably don’t have access to a highly secured campus network that restricts and regulates the traffic and new devices. You’re responsible for your own online security, so here are some tips to help you be safe and privacy-savvy on campus. 1. Keep Security Systems Up to Date All of your connected devices should have updated antivirus, operating software and apps. Turn the auto updates on! It’s important to have the latest protection against viruses, malware and other threats to which you’re exposed.

2. Check Your Bank Statements Frequently This should become a habit. Aim to check your statements once a day, so you’ll make sure all transactions are legitimate.

3. Only Shop on Secure Sites Online shopping is great but you have to make sure you’re doing it from a secure network. Avoid sensitive transactions like shopping and banking when using a public campus network; instead, consider using a virtual private network (VPN) or your smartphone’s hotspot for more secure browsing.

Pay attention to the websites, too. Check to make sure the URL starts with https:// and search for reviews to make sure it’s safe.

4. Back Everything Up What if you’re working on an important research project and you lose everything right before the deadline? Store your work safely on the cloud or on an external hard drive.

5. Get Informed About Ransomware Hackers can remotely lock your computer and keep your private files encrypted until you pay them. Do not pay the ransom! Get informed so you’ll know what to do in such a situation. To protect your files from this, be wary about clicking links or opening attachments in emails.

6. Improve Your Passwords Do not use the same password for different services. Avoid passwords that are easy to guess, such as those that include your name, birthday or address. Make your password a sentence that is at least 12 characters long – focus on positive sentences that are easy to remember – on many sites you can even use spaces!

7. Never Share Passwords So you’re expecting an important email and you thought your roommate could check it for you? Do not do that! It doesn’t mean you don’t trust them. Do not share your passwords!

8. Keep Your Passwords Safe How do you remember all those passwords? Do not keep them in a note on your phone. If someone gets their hands on it, they will have access to everything. Write the passwords in your diary, a notebook or a piece of paper that you’ll keep in a safe place away from your computer – or consider using a password manager that will store them for you.

9. Learn What to Do in Case of a Data Breach Campus networks and servers are at risk of a data breach, meaning hackers can break in to computer accounts. You can’t do much to protect yourself against these practices, but if there is a breach impacting your accounts, immediately change all passwords. Check and control your bank statements, too!

10. Use Public Computers Very Carefully You’re using a computer in the library? Never save your passwords on the websites you visit. Always log out before leaving a website. Delete all files you may have downloaded or saved from the device.

11. Don’t Fall for a Phishing Scam If a suspicious site or email or other message asks for sensitive information like your credit card number, Social Security number or phone number, do not provide it.

12. Protect Your Devices Protecting your devices includes keeping them safe from physical theft. Never leave devices unattended in public. When you leave your devices in your room on campus, don’t leave them in a visible spot. You can use a cable lock for laptops and other devices to keep them secure.

13. Manage Your – and Others’ – Privacy No one should post photos of you on social media without your permission. Unflattering content – or photos of you under the influence or engaging in risky behavior – could present disciplinary risks and/or impact your ability to get jobs in the future. Ask friends to get your permission before posting about you, and do the same for them. The golden rule applies online as well.

14. Think Before You Click Before you open any email or click any link you’re not sure about, stop and think. Make sure your antivirus is updated. Think: do you really need to click? When in doubt about a link or attachment, throw it out.

15. Share With Care Social media is all about sharing, but it doesn’t mean you should make your whole life public. Do not make your personal information public. You don’t have to inform the world when you’re leaving the dorm room and leaving your belongings unattended.