When we talk about network security, security risks associated with routers is a major concern among users. A router, whether it’s wired or wireless, is an integral part of any home or business network. However, wireless routers or Wi-Fi routers are considered to be less secure than wired ones, but that doesn’t necessarily mean you should avoid wireless networks. In fact, wireless networks have many advantages over wired networks. If your wireless router is configured correctly, it can be virtually as secure as a wired setup.

Network: A computer network is a group of computers and other devices (such as a printer) connected together so that they can communicate to each other and share data across different computers within the network

Router: A router is a networking device that connects multiple networks together and forwards data packets from one network to another.   

Why do You Need a Wireless Router?

Today, most modern networks consist of a diverse range of computing devices from Ethernet-only desktop computers to Wi-Fi enabled mobile devices, such as tablets and smartphones. In order to connect all these devices so that they can communicate seamlessly with each other, and share a single Internet connection, having a Wi-Fi router is the only real-world solution.

Security Risks Associated with Unsecured Wireless Router/Network

Whether you are using a wired router or a wireless one, if it is not configured properly, both of them could pose potential security risks. The common notion that wireless routers or networks are not secure or less secure is true, but only in circumstances where it is used right out of the box without correctly configuring its security settings. If your wireless network is ‘unsecured’ or ‘open’, an intruder can easily gain access to your internal network resources as well as to the Internet, all without your consent. Once the intruder has access to your network, he/she can use it for a variety of operations, such as:

• To steal your Internet bandwidth.
• To perform disruptive or illegal acts.
• To steal your sensitive information.
• To perform Denial-of-Service (DoS) attacks to make the network unusable by sending out false requests.
• To infect the network with malicious threats.

What Security Features Make a Wireless Router Good?

Since its inception, wireless routers have gone through several improvements and security enhancements. Most of the wireless routers on the market today support multiple levels of encryption and offer several security features to help protect your wireless network. Some crucial features include:

• Network Address Translation (NAT) : The NAT feature on your router separates your internal network from the Internet. Your router acts as an interface between the global public WAN (Internet) and your private local network. Certain attacks against operating systems like Windows require that the attacker communicate directly with the computer. When a machine is behind a router employing NAT, those attacks go to the router and no further.

• Built-in Firewall: The built-in firewall feature on your router acts as a robust entry-point protection which distinguishes legitimate traffic from unsolicited traffic and rejects uninvited inbound connections. 

• Integrated Threat Defense: A router with the integrated threat defense feature provide an entry-point level of protection against malicious attacks threats such as worms, viruses, spyware, etc.

• WPA2 Security Encryption: Make sure the wireless router you have, or are planning to purchase, supports the WPA2 encryption method. WPA2 provides the most secure encryption over WPA and WEP.

Recommended Security Setup

No matter how good your wireless router is, in order to have a secure network you must change the router’s default settings and configure it properly. Here are few recommended security settings that you should consider while setting up your router: 

Note: All screenshots that you see below are captured from the Linksys WAG120N router’s configuration page. Yours may look different!

1. Change Login Credentials: The very first thing you should do on your router is to change its default login credentials. Router’s come pre-configured with a default username and password to allow  users access the router’s control panel. The login credentials set by the router manufacturer are all the same (usually admin/admin or admin/password) and is available in the user’s manual and other publications. Consider using a strong password (combination of alpha-numeric characters and at least 8 characters long), but easy for you to remember.

2. Enable Router Firewall: If your router has a built-in firewall, make sure it’s activated. This will enable your router to examine incoming packets and reject any unsolicited traffic. 

3. Enable WPA2 Encryption: Login to your router’s configuration page and enable the strongest support encryption method. Most modern wireless routers these days support multiple levels of encryption ranging from WEP (Wired Equivalent Privacy), WPA (Wi-Fi Protected Access) to WPA2 encryption. WPA and WPA2 provide stronger authentication and encryption over WEP. WEP is the oldest and least secure encryption method and should be avoided. 

We recommend using WPA2 encryption as it is the most recent and has the strongest encryption method available. The WPA encryption method comes in personal and enterprise versions. On the other hand, WPA2 comes in personal, mixed and enterprise versions; we have listed a brief description of all the WPA2 versions below:

• WPA-Personal/WPA2-Personal: These security modes are well suited for home and small office network environments. Both of these modes use Pre-Shared Keys and do not require an authentication server.
   
• WPA-Enterprise/WPA2-Enterprise: As the name suggests, these two security modes are designed for enterprise-class network needs. These security modes require a RADIUS (Remote Authentication Dial In User Service) authentication server and use Extensible Authentication Protocol and provide added security. Setting up a WPA-Enterprise or WPA2- Enterprise can cost a lot and the implementation can be complicated.
  ​ 
• WPA2-Mixed: This security mode allows clients to use either WPA-Personal or WPA2-Personal. WPA2-Mixed mode permits the coexistence of WPA and WPA2 clients on a common service set identifier (SSID) to allow older wireless devices to connect to the network using TKIP or AES encryption methods.

Whether you use the WPA or WAP2 encryption method, make sure to use a strong, complex, and difficult to guess Pre-Shared Key (Password). Please note that Pre-Shared Key is different from your router’s login credentials. Your router login credentials are required to access your router’s configuration page, whereas the Pre-Shared Key is required by wireless devices to join your network. This password can even include spaces so feel free to make a little phrase here.

4. Change SSID: Apart from changing your router’s default login credentials and IP address, you should also consider changing the router’s default SSID. SSID is a unique name that identifies your wireless network. Router manufacturers set a default SSID which usually is a combination of the manufacturer’s name and the model number. For example, Linksys®_WAG120N.

If your wireless network broadcasts the default SSID, intruders can easily distinguish the make /model of your router, and hack it with very little effort. Along with changing your router’s username, and password, it is important that you give a unique name for your wireless network.

5. Limit Wireless Coverage: Most wireless routers’ default settings extend the wireless coverage beyond your home or business perimeters. Limiting your wireless router’s coverage range could be an additional security measure to avoid probing by intruders outside your network coverage area. Please note that this is not a common feature on majority of routers. If you router has this feature (a few manufacturer’s call this feature ‘Radio Power’), you can use it to achieve this goal.

6. Do NOT Disable SSID Broadcasting: Unlike most guides that you might have read before, we do not recommend disabling this feature. When you disable SSID broadcasting on your wireless network, your wireless network will not show up when you search for a wireless network on Wi-Fi capable mobile devices. The idea is to hide your wireless network so that intruders and unauthorized persons wouldn’t know you have a wireless network! It sounds like a good idea, but it doesn’t offer any significant security advantages.&

Any determined hacker can still sniff out your SSID, and in most cases, hackers don’t even need to have your SSIDs in order to get into your network. Disabling SSID broadcast means you will have to manually configure Wi-Fi connections on new wireless devices that you wish to join your network. This could be a major inconvenience.

7. Do NOT Disable Universal Plug 'n' Play (UPnP): Again, unlike most guides, we do not recommend disabling the UPnP feature either. UPnP is a very useful router feature that dynamically opens virtual ports for applications when they need one. A virtual port allows software and devices to have a direct connection to the Internet for very specific purposes. An Xbox 360 may open a port for a multiplayer game, for example. Disabling this feature means that you would have to manually open all ports of all programs you will be using. 

NOTE: Please note that some routers could have security issues related to UPnP. However, you can always verify if your router is vulnerable by visiting the following website: http://upnp-check.rapid7.com/

Unfortunately, if the result says your router is vulnerable, you should contact your router’s manufacturer to verify if there is a firmware update available. Router manufacturer’s often release firmware updates to address security vulnerabilities and offer product enhancements. If there is no firmware update available, you should consider replacing your router.

Warning: Updating router firmware is a critical process and we recommend that you seek assistance from a qualified technician.

Every system has a flaw, but that doesn’t necessarily mean you should avoid it. With just a few security measures, you can enjoy your connected home or business network.

If you have any questions related to home networking, feel free to share it with us on our Facebook Page, or simply leave a comment below.

Copyright © 2013 Support.com, Inc. All rights reserved. Support.com is a trademark or registered trademark of Support.com, Inc. in the United States and other countries. All other trademarks are the property of their respective owners.​

In today's increasingly technology-driven world, the Internet plays a large role in spreading information. There are however things that people need to be aware of when using the Internet, such as cybercriminals, who misuse the Internet to carry out their criminal phishing attacks. They set out to deceive users into revealing their sensitive information unknowingly which can result in substantial financial loss.

Phishing attacks are one of the most serious problems that users face on the Internet and has been growing at an alarming rate. According to a report[1]published by EMC Corporation, the total number of phishing attacks launched in 2012 was 59% higher than in 2011.The global financial loss from phishing attacks is estimated to be around $1.5 billion in 2012, representing a 22% increase from 2011.

What is Phishing?

Phishing is a fraudulent act of deceiving users to acquire their sensitive personal information, such as usernames, passwords, social security numbers, and bank account/credit card details, etc. Phishing attacks are usually carried out via fraudulent e-mails, legitimate looking fake websites, fake phone calls, instant messages, malicious programs, rogue applications, etc.   

How Phishing Scams Work?

It all starts with a fraudulent notification, for example an email that you receive in your inbox. The email may appear as an official request from a trustworthy company seeking to alert you to something important. Such emails are cleverly designed to look identical to the company that the cybercriminals are trying to masquerade as. Such emails furthermore contain manipulated URLs, hyperlinked texts, and malicious attachments. The emails are intended  to scare/mislead you into believing that something bad has happened to your account with hopes that you act quickly by clicking on links that are included, which ultimately lead to a request for additional information to clear up the account issue.

Alongside the fraudulent emails, cybercriminals also create fake websites designed to closely resemble the official website of the company they are replicating. As soon as you click on the link in the email, you will be redirected to the fake website and you may be presented with a login screen or a web form that requests your private information. By providing your login credentials or just by filling out the form, you essentially end up handing over all your personal information. The cybercriminal at which time can misuse your information in a variety of ways including taking over your bank accounts, your credit card details, and even stealing your identity!

In phishing attacks, recipients are often tricked into installing malware on their computer, either by opening an email attachment or by clicking on a link. Once the users' computer is infected, the malware subsequently collects sensitive information to send to criminals operating the scam.

How to Recognize Phishing Emails

Skilled cybercriminals can fool even experienced computer users. However, by being able to recognize phishing emails you may be able to reduce your chances of being defrauded:

1. Your name is missing: The email doesn’t have your name in it.
    
2. Spelling and bad grammar: The email contains spelling or grammatical mistakes. 
    
3. Threats: The email contains threats that your security has been compromised, or requests that you take immediate action. 
    
4. Seeking personal information: The email requests your personal information such as, login details, bank account details, credit card details, etc.

An example of what a phishing scam in an email message might look like. Source: Microsoft[2].

1. Deals that sound too good to be true: The email contains deals or offers that sound too good to be true. For instance, the email claims that you have won a million dollar lottery and that they need your account information in order to credit the prize money!
    
2. Manipulated/ misleading links or anchor text: The email contains manipulated links or deceptive anchor text that redirects you to an unreliable destination.
    
3. Unsecured website:  You clicked on a link and were directed to a website with no https:// or padlock icon.
    
4. Donation requests: If you receive an email requesting a donation to a charitable organization after a disaster.

How to be Safeguard Against Phishing Attacks

Phishing attacks are a serious threat against all of us, and it is very important for all computer users to become familiar with various types of phishing scams as well as learn how to stay protected against them. Below is a list of top 5 ways to safeguard against phishing scams and attacks:

1. Think before you act:  The first step is to think before you take any action like opening attachments from an unknown sender, clicking on links included in an email, or filling out your personal information in a web form. Always be careful and think twice before doing anything on the Internet. 
    
2. Examine links and anchor text: Before you click on a link, use your mouse to hover over the link to verify the links destinations. 

   

   To verify a link/anchor text on a web browser, use your mouse cursor to hover over the link/anchor text to see the actual destination URL in the browser’s status bar. Alternatively, you can right click on the link > select ‘copy link location’ > and paste it in notepad.
    

3. Never click on a link in an email if it’s supposed to take you to a sensitive website: If the email you received is from your bank, just go to your bank’s website – don’t use the link in the email. If it’s a real notification, the notice will be posted on your account as well.
    
4. Keep your web browser up-to-date: Most modern web browsers today come with built-in features to help you stay protected against rough and malicious websites. Make sure your web browser is up-to-date. 
    
5. Keep your computer up-to-date: Keeping just your web browser up-to-date is not enough. Always make sure that your computer is up-to-date with recent operating system updates/patches, enabled firewall, and your security software has the most recent definitions. 
    
6. Make a call: If you ever receive an email from a company or an institution and you are not sure of its authenticity, do not hesitate to call the company or institution directly to verify if the email is genuine.

Phishing Attacks Are Not Limited to Emails

It is important to mention that phishing attacks via email are a common practice but are not limited. Cybercriminals are aware of the rising popularity of social networking websites and smartphones and are taking advantage of these platforms. You may become a victim of phishing attacks by clicking on a bogus post on a social networking site like Facebook, or installing a malicious app on your smartphone. 

Phone-based phishing attacks are becoming more common these days. Cybercriminals often attempt to trick users into divulging personal information via telephone calls or text messages. If you get one of these, contact your financial institution directly to find out if it’s real.

Reporting Phishing Attacks

If you believe you are a victim of a phishing attack, act quickly! Below is a list of some organizations that can assist you:

If you have any questions related to phishing, feel free to share it with us on our Facebook® Page, or simply leave a comment below.

1 http://www.emc.com/collateral/fraud-report/online-rsa-fraud-report-012013.pdf
2 http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx

Copyright © 2013 Support.com, Inc. All rights reserved. Support.com is a trademark or registered trademark of Support.com, Inc. in the United States and other countries. All other trademarks are the property of their respective owners.​

Back in January of this year, the United States Department of Homeland Security advised PC users to disable Java from their web browsers following the serious zero-day vulnerabilities discovered in Java. In response, Oracle released an emergency Java patch, but the fix was not meant to patch all the critical vulnerabilities.​

Staying protected against Java exploits is a rising concern among millions of Windows®, Mac OS®, and Linux® users. What makes this exploit such a big deal is the fact that Java runs on more than 850 million personal computers and on billions of devices worldwide, including mobile devices and TVs¹. 

What is Java and why do I need it?

Java is an object oriented programming language and a cross-platform technology that was designed to have few implementation dependencies. Sun Microsystems released the first public implementation as Java 1.0 in 1995. Since its inception, Java has expanded and has gained immense popularity among more than 9 million² developers around the globe. The following statistics³ from Oracle can give you a good grasp of where Java currently stands:

• 1.1 billion desktops run Java
• 930 million Java Runtime Environment downloads each year
• 3 billion mobile phones run Java
• 31 times more Java phones ship every year than Apple and Android combined
• 100% of all Blu-ray players run Java
• 1.4 billion Java Cards are manufactured each year
• Java powers set-top boxes, printers, games, car navigation systems, ATMs, lottery terminals, medical devices, parking payment stations, and more.

“From laptops to datacenters, game consoles to scientific supercomputers, cell phones to the Internet, Java is everywhere!” – Oracle.⁴

Java powers numerous programs ranging from web-based applications, mobile applications, utilities, games, interactive content for websites, to large-scale enterprise applications. The moment you need to use an application or run/access any Java-based content, you need to have Java installed on your device.

So, what went wrong?

At the beginning of this year, researchers discovered a new Trojan called Mal/JavaJar-B that exploits a flaw found in Java, leaving computers running on Windows, Mac OS, and Linux vulnerable to serious attacks. The flaw allows attackers to remotely trigger malicious code which can then infect your machine with malware or even at times ransomware.

Let’s give you a little background on how these types of attacks actually work. Cybercriminals need a way to get their malicious programs into your computer. To achieve their goal, they often exploit security holes in legitimate programs or websites. For instance, cybercriminals can create a malicious web page, or even hack a legitimate website and inject malicious code to exploit a weakness in your browser. When you visit these web pages or websites, the malicious program enters your computer and infects it. In the same way, when cybercriminals discovered the security flaw in Java plug-ins, they started exploiting it to infect computers and fulfill their malicious intents.

Cyber intruders have been exploiting vulnerabilities in Java to execute a series of attacks not just against home-users, but also against companies such as Microsoft, Apple, and Twitter. In February, another zero-day vulnerability was discovered by the security firm FireEye that was used to attack multiple customers. Researchers at the security firm observed a series of exploitations against web browsers having Java v1.6 Update 41 and Java v1.7 Update 15 installed. Unlike other popular Java vulnerabilities, FireEye found that the new vulnerability leads to arbitrary memory read and write in JVM process.

A zero-day attack or vulnerability refers to an attack that exploits a previously unknown vulnerability in a computer program. The attack occurs on "day zero" of awareness of the vulnerability and developers had zero days to address and fix the vulnerability.

It isn’t the first time that hackers have targeted Java. It seems that cyber criminals are firmly establishing the trend of attacking Java to exploit its security flaws. According to security software maker Kaspersky Lab, Java became the most frequently attacked piece of software last year and it was responsible for 50% of all cyber-attacks in 2012.

However, to avoid any confusion, it is important to mention that these vulnerabilities are related to security issues with Java in web browsers (Java plug-ins) and are not applicable to Java running on servers, standalone Java desktop applications or embedded Java applications⁵.

Should I disable Java plug-ins?

As mentioned earlier, U.S. Department of Homeland Security is actively advising users to disable Java in their web browsers in order to stay protected against such vulnerabilities. In addition, researchers warned that it could take two years for Oracle to fix all the security flaws in Java, excluding any additional Java exploits likely to be discovered in the future.

While Oracle is working on patches to fix known security holes, there are currently no practical solutions to the vulnerability in the software; the only solution that seems available at this time is to unplug Java from web browsers.

However, before you unplug the Java plug-in, there are consequences you should be aware of. If you don’t have Java installed on your system and you try to run or access Java-based content, such as online games, web based instant messaging clients, mobile applications, etc., you will encounter the following warning/error message:

The absence of Java on your machine will completely prevent you from accessing Java-based content. This can be a huge inconvenience, but if you are concerned about security and want to be completely safe from these kinds of attacks, you’ll have to live with this inconvenience until the makers of Java come up with a concrete patch to fix these vulnerabilities.

However, the good news is that you don’t need Java all the time! You need it only when you are interacting with websites containing Java content. If you have multiple web browsers installed on your computer, you can choose to have the plug-in installed in one web browser (the one you rarely use) and only use it to access websites that require a Java plug-in.

Before you get ready to disable Java, you should check to see if you have Java installed on your machine. Visit this URL and click the ‘Do I have Java?’ link to see if you have Java installed.

​

If you have Java installed on your computer, you’ll be shown which version of Java is installed, and you’ll also be notified if a new version of Java is available for download.

How do I disable Java in my web browser?

Fortunately, unplugging the Java plug-in from the web browser is very straightforward. If you have Java v7 Update 10 or later installed on your computer, you can disable Java in all web browsers using the Java Control Panel. To access the Java Control Panel, follow these steps:

1. Click “Start” then click “Control Panel”.

1. Locate and launch “Java”.

​

1. Click the “Security” tab.

​

1. Un-check the “Enable Java content in the browser” checkbox. Click “OK” and you are done!

To completely uninstall Java from your computer or to disable Java plug-in on an individual browser, please use the links given in the next page for for step-by-step instructions:

Many PC users consider malware, viruses, spyware, adware, worms, Trojans, etc. as the same thing. While all these infections harm our computers, they are not the same. They are all types of malicious software that each behave differently.

The word malware is a combination of two words “malicious” and “software”. It is a generic term used to describe all of the hostile and intrusive program codes including viruses, spyware, worms, Trojans, or anything that is designed to perform malicious operations on a computer.

The meanings of many of these words have changed over time. Some refer to how the malware infects your system while other words are used to describe what the malware does once it’s active in your machine.

Delivery/Infection Methods

When we’re trying to build better software to remove malware from your machine, the main things that we are interested in is how it got into your computer and how it is continuing to work. The malware will generally fit into one of the following categories.

1. Virus – this is a term that used to be generic. Any bad software used to be a virus; however, we use the term “malware” now. We use the word “virus” to describe a program that self-replicates after hooking itself onto something running in Windows^®.
    
2. Worm – a worm is another kind of self-replicating program but generally doesn’t hook itself onto a Windows process. Worms generally are little programs that run in the background of your system.
    
3. Trojan – software that you thought was going to be one thing, but turns out to be something bad. Named for the fabled “Trojan Horse” that appeared to be a gift but in fact carried a dangerous payload.
    
4. Drive-by download – this is probably the most popular way to get something nasty into your computer. Most of the time, it comes from visiting a bad web page. That web page exploits a weakness in your browser and causes your system to become infected.

Malware Actions

Once malware is in your computer, it can do many things. Sometimes it’s only trying to replicate itself with no harm to anyone, other times it’s capable of doing very nasty things. 

1. Adware – not truly malware and almost never delivered using one of the methods above. Adware is software that uses some form of advertising delivery system. Sometimes the way that advertisements are delivered can be deceptive in that they track or reveal more information about you than you would like. Most of the time, you agree to the adware tracking you when you install the software that it comes with. Generally, it can be removed by uninstalling the software it was attached to.
    
2. Spyware – software that monitors your computer and reveals collected information to an interested party. This can be benign when it tracks what webpages you visit; or it can be incredibly invasive when it monitors everything you do with your mouse and keyboard.
    
3. Ransomware – lately a very popular way for Internet criminals to make money. This malware alters your system in such a way that you’re unable to get into it normally. It will then display some kind of screen that demands some form of payment to have the computer unlocked. Access to your computer is literally ransomed by the cyber-criminal.
    
4. Scareware – software that appears to be something legit (usually masquerading as some tool to help fix your computer) but when it runs it tells you that your system is either infected or broken in some way. This message is generally delivered in a manner that is meant to frighten you into doing something. The software claims to be able to fix your problems if you pay them. Scareware is also referred to as “rogue” software – like rogue antivirus.

Some malware get into your computer and appear to do nothing at all. Such malware may have no obvious symptoms, but it has infected your computer along with a group of other computers, forming what is called a “botnet”. This botnet can be directed by an Internet criminal to do any number of things including spam delivery and attacking Internet sites. Internet criminals don’t want to do anything direct that may be tracked back to them, so they employ botnets to do their dirty work for them.

Sometimes you’ll hear the term “rootkit” or “bootkit” used to describe a certain type of malware. Generally, this refers to methods that the malware uses to hide itself deep inside the inner workings of Windows so as to avoid detection.

You can mix and match these terms to describe just about any modern malware. Something like Tidserv/Alureon uses drive-by download to get into your system. Once it’s in, it creates a bootkit so it starts before Windows even starts, and it creates a worm-like application that uses rootkit techniques to hide itself. Once it all starts up, it can act like spyware or it can hijack many Windows functions to do just about everything from putting advertising popups on your system to allowing someone to take remote control of your system.

For maximum protection, make sure your PC is protected with security software that can protect you against malware.

If you have any questions related to malware, feel free to share it with us on our Facebook^® Page.

By joining the Support.com team, we can protect even more people with SUPERAntiSpyware. The whole team at SUPERAntiSpyware will be joining Support.com, including our founder Nick Skrepetos. Sure, some things will change as they always do, but one thing that won’t change is our dedication to our customers and to removing ALL the spyware, NOT just the easy ones! For more information about the acquisition, click here!

MySecurityShield Application

Click here to download SUPERAntiSpyware to Remove MySecurityShield

GoodMemory Application

Click here to download SUPERAntiSpyware to Remove GoodMemory

EasySCan Application

Click here to download SUPERAntiSpyware to Remove EasyScan

AntivirusScan Application

Click here to download SUPERAntiSpyware to Remove AntivirusScan

FastDisk Application

Click here to download SUPERAntiSpyware to remove FastDisk