How To

Security company Dr. Web is reporting on a new adware Trojan attack that is targeting Mac users, where malicious Web sites will trick users into installing a plugin that will track your browsing and display ads to you.

The malware, called "Yontoo," will be first encountered as a media player, download manager, or other plug-in requirement for viewing contents on some maliciously crafted Web sites disguised as sources for file sharing and movie trailers. When the plug-in prompt is clicked, you're redirected to a site that downloads the Trojan installer and requires you to run it. The … Read more

Apple's XProtect system (aka File Quarantine) in OS X is a rudimentary anti-malware scanner that will perform a quick check on downloaded files to make sure they do not contain known malware, and will block any versions of Web plug-ins like Java and Flash that have known vulnerabilities.

XProtect runs in the background with no interaction with the user, which is convenient, but it does mean that when it gets updated, users may find themselves unexpectedly unable to access some Web content. Even though quickly updating plug-ins should get you around this inconvenience, it may be useful to know … Read more

Identity thieves are more active than ever. In 2012, the Federal Trade Commission received more than 2 million consumer complaints overall, and for the 13th consecutive year, identity theft was the most-common complaint category: 369,132 ID-theft reports were added to the FTC's Consumer Sentinel Network in the year, an increase of more than 30 percent from 2011.

Last week the FTC released its 2012 Consumer Sentinel Network Data Book (PDF). According to the report, the fastest-growing category of identity theft relates to government documents and benefits: complaints in this category increased 46 percent from calendar-year 2010. Credit-card fraud (… Read more

One of the safest and simplest computer-security measures available is also one of the least used. Two-factor authentication adds a layer of protection to the standard password method of online identification. The technique is easy, relatively quick, and free. So, what's the problem?

Critics are quick to point out the shortcomings of two-factor authentication: it usually requires a USB token, phone, or other device that's easy to lose; you sacrifice some privacy by having to disclose your telephone number to a third party; and it is subject to man-in-the-middle and other browser- and app-based attacks.

Still, for online … Read more

The end-user is at the mercy of the service creator when it comes to how secure their data will be online. Google, fortunately, offers extra opt-in features to help ensure than no one other than you will be able to log-in and access your information. One of these security measures is the two-step authentication process.

With two-step, the user decides if they want to enter a randomly generated code each time they log in from a specific place, or if they want to enter it only every 30 days. The benefit is that if you try to log in … Read more

A few weeks ago, Facebook introduced the ability to sync photos taken on your iPhones, iPads, and Android phones to your Facebook account automatically. Jason Cipriani describes how to enable the feature in "Getting started with Facebook photo sync on Android, iPhone."

Your smartphone or tablet might prompt you to activate the service, which uploads via Wi-Fi or the cell network the most recent 20 photos taken with the device and all subsequent photos it takes. As Jason explains, the photos are stored in a private folder and aren't posted to your Facebook Timeline until you post … Read more

People use Facebook in very different ways. Most Facebook users update their status only a couple times a month or not at all, according to a recent survey by the Pew Research Center Internet & American Life Project. In fact, one in six Facebook users has never posted a status update.

On the other hand, women on Facebook average 21 updates per month, and men six updates each month, according to the survey, which was published last May.

As many Facebook users quickly learn, the social network is not without its risks. This is especially true for people whose Facebook … Read more

Twitter took some heat earlier this month for resetting more passwords than necessary after detecting a security breach in its microblogging network, as CNET's Daniel Terdiman reported on the Internet & Media blog.

The more followers you have, the more potential damage may result from a compromised Twitter account. That's why it's big news when the Twitter feeds of media organizations such as Reuters and Fox News are breached by hackers who post false news stories.

CNET News Editor Steven Musil describes the two attacks on the Reuters Twitter account last August, and Fox News' infamous erroneous … Read more

It's Cyber Monday, and while you're busy shopping online, chances are you'll see lots of user reviews on various products. While the majority of those reviews do come from real users like yourself, who are passionate enough to share their opinions on a product, many of them could be fake, left by the vendors themselves to either promote their product or, in some cases, smear competitors.

While it's exceedingly difficult to absolutely prove that a review is faked, here are a few tips on spotting those that aren't from real users. These will come in … Read more