Tuesday, January 21, 2020

When to update chrome and how to do it.

Update Google Chrome

To make sure you're protected by the latest security updates, Google Chrome can automatically update when a new version of the browser is available on your device. With these updates, you might sometimes notice that your browser looks different.

Get a Chrome update when available
Normally updates happen in the background when you close and reopen your computer's browser. But if you haven't closed your browser in a while, you might see a pending update:

1. On your computer, open Chrome.
2. At the top right, look at More More.
3. If an update is pending, the icon will be colored:

  • Green: An update was released less than 2 days ago.
  • Orange: An update was released about 4 days ago.
  • Red: An update was released at least a week ago.

To update Google Chrome:

1. On your computer, open Chrome.
2. At the top right, click More More.
3. Click Update Google Chrome.

  • Important: If you can't find this button, you're on the latest version.

4. Click Relaunch.

The browser saves your opened tabs and windows and reopens them automatically when it restarts. Your Incognito windows won't reopen when Chrome restarts. If you'd prefer not to restart right away, click Not now. The next time you restart your browser, the update will be applied.

All credit goes to http://bit.ly/2Gb0miP

Tuesday, January 14, 2020

7 Google Chrome Tips to Get The Most of Your Browser

Over a billion people use Google Chrome daily. Users love its simple interface, quick speed, and vast catalogue of browser extensions. Chrome is so widespread in the US that aside from its nearest rival, Safari, which holds 32% of the market, no other browser tops 5% of users.

If you love Google Chrome and want to take your browsing experience to the next level, then try out these essential browser tips.

Learn Your Shortcuts
Before sharing favourite extensions for security and convenience, it’s important to review some Chrome fundamentals. You may already know that “Ctrl + T” opens a new tab, and “Ctrl + N” — a new window.

Here are some of the other shortcuts you may find useful:

Ctrl+J = Open Downloads window.
Ctrl+K = Move the cursor to the Omnibox (address bar).
Ctrl H = Show History
Ctrl B=Show Bookmarks
Ctrl+1-8 = Pressing Ctrl and any number 1 through 8 moves to the corresponding tab in your tab bar.
Ctrl+9 = Switch to the last tab.
Ctrl+Shift+T = Undo any closed tab.
Ctrl+Shift+N= Open Incognito mode
Ctrl+W= Close active window
Ctrl+Shift+Delete= Clear browsing data

Clear Up Some Space
Press Ctrl+Shift+Delete, and you’ll see how much space Chrome data is taking up. Depending on when the last time you’ve cleared Chrome, you may have gigabytes of cached data. What’s excellent about Chrome, you can customise how you want to remove it.

You can remove everything or select time frames like the last 24 hours or two weeks. Meanwhile, you can keep your stored passwords, autofill data, and select anything else you want to keep while deleting everything else.

Doing this now and then is a great way to save space on both your desktop and mobile devices.

Clean Your Computer
Did you know Chrome can check your computer for spyware and other threats? Both Windows and Mac users can use Google’s Software Removal Tool in Chrome’s settings.

By any means, it shouldn’t replace your anti-malware software. But it’s an extra layer of security, and it’s free.

Get a Chrome Password Manager
To secure your online accounts, you need to use robust, lengthy, and unique passwords. But creating and remembering these for the 50 or more online accounts you have is impossible.

Fortunately, you can download a Chrome password manager (for example, this one). Chrome does have a built-in password storing option, but it’s not a secure one. You’re better off going with a browser extension that combines security and convenience.

Then you can store all your passwords in one secure place and then sync them across your devices. It makes your login credentials not only safer but easier for you to access. Talk about a win-win.

Block Pop-ups and Ads
In 2020, there’s no reason for you to experience pop-ups and intrusive ads. Adblock Plus is the classic Chrome extension that kills a wide array of pop-ups and even hits YouTube ads.

But some options include not only pop-up blocking but also malware detection and more. Check out Ghostery, which blocks not only pop-ups but also third-party tracking scripts. Companies use those to track Internet user’s activity for marketing or other purposes.

Find the Right Extensions for You
Password managers and pop-up blockers are essential for all internet users. But from here, take some time to find the right extension for you. No matter what your occupation or interest, you’ll be able to find a helpful extension.

For example, students and professionals can benefit from spelling and grammar tools like Grammarly. Grammarly checks all form boxes and fields to make sure you don’t have any errors.

Online shoppers can use Honey to scan the internet for promo codes and discounts that auto appears at checkout. And that is just the beginning. Experiment and see what you can find.

Take Care of Chrome
Chrome should update automatically. But if you’re one of those people who don’t close the browser (or turn off the computer), you may want to check. Chrome will notify you if an update is available. Click on the three dots next to your account picture. If you don’t see anything, then go to Help and check manually.

Then from time to time, restore default settings, delete unused extensions and books, and check the activity logs. Keeping on top of this will ensure Chrome is always running fine.

Top Chrome Tips for 2020
Google Chrome is a fantastic web browser. It’s simple, fast, and secure. But you can make Chrome your own only when you start integrating these tips into your daily life. Get out there and make the most out of your browsing experience.

all credit goes to http://bit.ly/2spJKkd

Tuesday, January 7, 2020

Employee education, training is key to curtailing risk of phishing attack

While the objective of phishing has remained constant over time, the nature of phishing attacks is constantly evolving.

Despite being one of the oldest types of cyberattacks — dating back to the 1980s — phishing continues to plague businesses of all types as one of the most significant cyberthreats today. The recent global ransomware attack WannaCry, which infected more than 200,000 computers in at least 100 countries, originated with a successful email phishing attack. WannaCry is just one of countless examples of the widespread, severe damage that cybercriminals can inflict upon businesses by using disguised email as a weapon. Phishing attacks are on the rise and are becoming more sophisticated as time progresses.

As such, now is the time for companies of all shapes and sizes to review the issue of phishing and what steps can be taken to minimize the risk of this lethal cyberthreat. In particular, employee education and training is a vital tactic that can be employed to combat the threat of phishing so that companies don’t fall victim to this time-tested attack vector.
Related: Top U.S. cybercrimes include more than just data breach, phishing

Phishing explained

As a general matter, phishing involves the sending of fraudulent email communications that deceivingly appear to originate from a reputable source. The objective of phishing attacks is either to steal sensitive personal data, such as credit card information or login credentials, or to install malware on the target’s machine or systems. Many phishing emails include ransomware — a vicious form of malware that can lock a device by encrypting its files, which then become inaccessible to the victim until a ransom is paid.
Although the objective of phishing has remained constant over time, the nature of phishing attacks is constantly evolving. For starters, cybercriminals have branched out beyond emails, and now are perpetrating phishing attacks through both text messages and social media platforms. In addition, today’s targeted phishing attacks are also combined with social engineering methods, where phishers research their intended target and incorporate detailed personal information pertaining to the intended victim in their fraudulent communications, significantly raising the likelihood of success of the attack. As such, it is significantly more challenging for companies to defend against phishing scams today than in years past.

Furthermore, the financial impact that a successful phishing attack has on a company is significant. According to the FBI’s Internet Crime Report, in 2017 alone, business email compromise — a form of targeted phishing geared to defraud companies — cost targets an average of $43,000. In May of last year, the FBI announced updated numbers, providing that phishing has cost businesses more than $12 billion over the last five years alone.

Employee education and training

Employee education and training is an essential tool that companies must utilize in order to effectively defend against sophisticated phishing scams. With proper education and training, a company’s workforce can serve as a robust first and last line of defense against phishing attacks.
Companies should include targeted phishing awareness education and training as an integral part of every employee’s onboarding process. In addition, companies should also complete phishing training on a regular basis for all members of their organization. Importantly, however, companies cannot rely on mere annual training to carry the day when it comes to effectively combating the threat of phishing attacks. Rather, in order to fully minimize the threat, training needs to be multifaceted, ongoing and consistent.

The first step in educating and training employees is to persuasively convey how significant a threat phishing poses to the long-term success of the organization. Educating employees about the dangers and consequences of phishing attacks is one of the best defenses companies can deploy to guard against the risk of phishing scams. In addition, employees should be educated on current phishing methods and techniques that are being deployed by hackers to deceive employees into giving up access to their organization’s network and systems. This ensures that employees stay up-to-date on new and emerging threats, and keeps important data security practices and habits fresh in workers’ memories. Furthermore, companies must also provide employees with best practices to implement to ensure they avoid the pitfalls of potential phishing scenarios, such as:

Never trusting an email based simply on the message’s purported source;
Never relying exclusively on images or logos as a measure of a email’s authenticity;
Being suspicious of emails with generic greetings and improper grammar style;
Being cognizant of the fact that enticing or aggressive email subject lines are commonly used to entice people into clicking on a link or taking other high-risk actions;
Recognizing that emails that threaten or urge “immediate action” are often used to scare and intimidate targets into acting hastily, before they take the time to exercise proper caution;
Never clicking on a link without first verifying the destination of the link by hovering the user’s cursor over the URL to determine the link destination; and
Never transmitting sensitive personal or company information via email.
Finally, companies must also teach and train all employees how to spot and recognize attempted phishing attacks. Active training — as opposed to passive training, such as video tutorials — in individual settings is ideal to maximize the impact of phishing training regimens. A very effective technique that companies can implement is to demonstrate what an actual phishing attack might look like in real-time, and how that attempted attack is properly dealt with and neutralized.

In addition, training employees in real-life, non-classroom settings with simulated phishing campaigns is also an extremely effective training and educational tool that aids employees in recognizing their own understanding of the threat, while at the same time reinforcing the company’s anti-phishing education and training efforts. For example, a company can test employees by sending them simulated phishing emails to see if they are able to detect the malicious nature of the message. If an employee responds to the email, the company can then use this as an opportunity to educate the employee and further reinforce the importance of proper security measures and practices.

Beyond that, the results of simulated phishing exercises — such as the attack techniques that workers are most susceptible to — can be used to focus and strengthen the organization’s phishing education and training efforts, helping to shore up any weak spots that employees may demonstrate in identifying and avoiding phishing scams.

The final word

According to Symantec’s 2018 Internet Security Threat Report, approximately 71.4% of targeted cyberattacks involved the use of phishing email messages. In addition, according to a recent Verizon Data Breach Investigations Report, almost two in three instances of malware were installed by way of malicious email attachments contained in phishing emails. Companies can expect to continue to encounter a similar, steady — if not increasing — steam of phishing attacks specifically targeting business entities for the foreseeable future. As such, now is the time for companies to ramp up their employee phishing education and training regimens to effectively defend against the high volume of sophisticated phishing scams which show no signs of slowing down in the coming years.

By effectively educating and training workers to employ effective anti-phishing data security practices, companies can put their workforce in the best position to identify, respond to, and defeat attempted phishing schemes when — inevitably — they arrive in a worker’s inbox.

All credit goes to: https://www.propertycasualty360.com/2019/05/24/how-effective-employee-education-and-training-combats-phishing-attack-risk-414-155823/?slreturn=20190428150802