Threat Lab

Girl Scouts and OpenText empower future leaders of tomorrow with cyber resilience

The transition to a digital-first world enables us to connect, work and live in a realm where information is available at our fingertips. The children of today will be working in an environment of tomorrow that is shaped by hyperconnectivity. Operating in this...

World Backup Day reminds us all just how precious our data is

Think of all the important files sitting on your computer right now. If your computer crashed tomorrow, would you be able to retrieve your important files? Would your business suffer as a result? As more and more of our daily activities incorporate digital and online...

3 Reasons We Forget Small & Midsized Businesses are Major Targets for Ransomware

The ransomware attacks that make headlines and steer conversations among cybersecurity professionals usually involve major ransoms, huge corporations and notorious hacking groups. Kia Motors, Accenture, Acer, JBS…these companies were some of the largest to be...

How Ransomware Sneaks In

Ransomware has officially made the mainstream. Dramatic headlines announce the latest attacks and news outlets highlight the staggeringly high ransoms businesses pay to retrieve their stolen data. And it’s no wonder why – ransomware attacks are on the rise and the...

An MSP and SMB guide to disaster preparation, recovery and remediation

Introduction It’s important for a business to be prepared with an exercised business continuity and disaster recovery (BC/DR) plan plan before its hit with ransomware so that it can resume operations as quickly as possible. Key steps and solutions should be followed...

Podcast: Cyber resilience in a remote work world

The global pandemic that began to send us packing from our offices in March of last year upended our established way of working overnight. We’re still feeling the effects. Many office workers have yet to return to the office in the volumes they worked in pre-pandemic....

5 Tips to get Better Efficacy out of Your IT Security Stack

If you’re an admin, service provider, security executive, or are otherwise affiliated with the world of IT solutions, then you know that one of the biggest challenges to overcome is efficacy. Especially in terms of cybersecurity, efficacy is something of an amorphous...

How Cryptocurrency and Cybercrime Trends Influence One Another

Typically, when cryptocurrency values change, one would expect to see changes in crypto-related cybercrime. In particular, trends in Bitcoin values tend to be the bellwether you can use to predict how other currencies’ values will shift, and there are usually...

7 cyber safety tips to outsmart scammers

Welcome to the wild west of the digital world where cyber scammers lurk around every pixelated corner. Cybercrime isn’t just a futuristic Hollywood plotline, it’s a real threat that targets everyone—from wide-eyed kids to seasoned adults and wise grandparents.

And guess what? It’s on the rise faster than your Wi-Fi connection during peak hours (okay, maybe not that fast, but you get the gist). So, hoist the sails as we cruise through the seven seas of cyber safety.

Identifying scams

Before we dive headfirst into the cyber safety tips, let’s equip ourselves with the ultimate weapon: knowledge. Scams are the digital equivalent of a snake oil salesperson peddling miracle cures. They come in all shapes and sizes, lurking in the shadowy corners of the internet.

Let’s embrace the golden rule of scam detection: skepticism.
Whether it’s a promise of untold riches, a once-in-a-lifetime opportunity, or a free Caribbean cruise courtesy of a Nigerian prince, approach with caution and a healthy dose of skepticism.

Now, let’s take a quick tour through the terrain of common cyber scams:

  • Phishing scams
    Ah, phishing scams, the bane of our digital existence. These sneaky scams involve fake emails posing as messages from familiar faces or reputable companies. They’ll try to sweet-talk you into clicking on suspicious links or divulging sensitive information like passwords or credit card details. Remember: real companies don’t ask for your personal data via email.
  • Sweepstakes and awards scams
    Congratulations! You’ve just won a brand new car, a tropical vacation, and a lifetime supply of unicorn-shaped cookies—all you need to do is pay a small processing fee. Sound too good to be true? That’s because it is! These scams offer you instant wealth but are really just clever ruses to empty your wallet faster than you can say “jackpot.”
  • Investment scams
    Picture this: a golden opportunity to double your money with zero risk. Investment scams lure unsuspecting victims with the promise of sky-high profits. Don’t let these offers cloud your judgment. Always do your due diligence before investing your hard-earned cash.
  • Lawsuit or tax scams
    Lawsuit and tax scams thrive on instilling fear and panic, claiming you owe urgent payments. When in doubt, verify the legitimacy of any claims before reaching for your wallet.
  • Romance scams
    Romance scams prey on the trusting hearts of hopeful romantics, weaving elaborate tales of love and devotion before swooping in for the financial kill. Remember: anyone who asks for money online is more likely to break your heart than mend it.
  • Tech support scams
    These imposters offer remote assistance to fix nonexistent problems with your laptop or devices while gaining access to your sensitive data. Remember: legitimate tech support doesn’t come knocking unsolicited. If in doubt, just delete the email and seek help from trusted sources.

Equipped with this knowledge, you’re ready to navigate the digital minefield with confidence. You can also be a good internet citizen by forwarding these scams to the U.S. government’s Cybersecurity & Infrastructure Security Agency (CISA) at phishing-report@us-cert.gov.

Your 7 tips to stay safe online

  1. Use strong passwords
    Let’s kick things off with the basics. Your password is the digital key to your castle, so make sure it’s not something as flimsy as ‘123456’ or ‘password.’ Get creative! Mix uppercase, lowercase, numbers, and special characters like a mad scientist concocting a secret potion. And don’t reuse passwords across multiple accounts unless you want to throw a welcome party for cybercriminals.
  2. Keep your devices updated
    Newsflash: Cybercriminals love exploiting vulnerabilities in outdated software like it’s Black Friday at the cybercrime emporium. Stay one step ahead by keeping your devices and applications updated. Those pesky software updates aren’t just about adding a new emoji, they often contain vital updates to fix security issues.
  3. Lockdown your privacy settings
    Your online profiles are like open books to cyber snoops unless you lock them down. Take a few minutes to review and adjust your privacy settings on platforms like Facebook, Instagram, and YouTube. Limit who can see your posts, tag you in photos, or slide into your DMs without an invitation.
  4. Safeguard your privacy with a trustworthy VPN
    In the digital-verse, protecting your online privacy is paramount, like guarding the secret recipe to your grandma’s famous carrot cake. That’s where a virtual private network (VPN) swoops in like a digital superhero to save the day. By encrypting your internet connection and masking your IP address, a good VPN shields your online activities from prying eyes, hackers, and nosy advertisers.
  5. Use two-factor authentication
    Two-factor authentication (2FA) adds an extra layer of security for your account logins by having you not only enter your password but also provide a second form of verification, such as a one-time code texted to your phone. It’s like having two bouncers screening out any shady characters trying to hack into your accounts.
  6. Backup your data
    Picture this nightmare scenario: Your laptop is suddenly hijacked by a malware infection or a ransomware attack encrypting all your files and holding them hostage. But fear not! By regularly backing up your data to the cloud or an external hard drive, you can rest easy knowing that your digital treasures are safe and sound.
  7. Safeguard your loved ones
    Internet scams can be devastatingly effective when targeting vulnerable groups such as the elderly, children, or those less tech savvy. So it’s crucial to designate someone as the cybersecurity leader within your family. One of your top priorities should be to ensure that everyone’s devices are equipped with robust identity protection and antivirus software. Think of it as fortifying your digital fortress, shielding your loved ones from the threats lurking in the internet world.

Congratulations, you’ve just leveled up your digital defense game! By implementing these seven cyber safety tips, you can protect yourself and your loved ones from cyber scammers. Stay safe out there!

Need help deciding which Webroot product is right for you?
 
Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity—whether it’s for you or your entire family.

 

9 tips to protect your family against identity theft and credit and bank fraud

Did you know that more than nine million Americans have their identity stolen each year?

Your data is stored across countless databases for various purposes, making it a prime target for criminals. With access to your personal information, bad actors can drain your bank account and damage your credit—or worse.

But that doesn’t mean you and your family have to become victims. By taking the right steps, you and your loved ones can enjoy the peace of mind that comes from identity protection.

Check out the nine tips below to discover how you can enable family protection and help prevent identity theft and credit and bank fraud.

1. Be protective of your personal information

If criminals get ahold of your personal information—such as your name, address, date of birth, and social security number—they can use it to commit identity theft. This can impact your credit score, your savings, and your reputation—or even result in criminal records. Protect yourself by shredding documents with any personal information, and, when possible, avoid sharing this information over the phone or via email.

2. Use strong and unique passwords

Passwords are your first line of defense to protecting your online accounts from hackers. That’s why your passwords should be strong: at least eight characters long with a combination of uppercase and lowercase letters, numbers, and symbols.

But it’s just as important you don’t use the same password for multiple accounts. If you’ve been compromised in a data breach, hackers can use your stolen email and password to try and enter thousands of other sites—and if you keep using the same credentials, they’ll be successful.

Instead, use a password manager to easily generate and use strong passwords without having to recall them all. They’ll be stored in a secure vault, so you only need to remember the main password to the password manager app.

3. Monitor your accounts regularly

Detect unauthorized transactions early by regularly checking your bank and credit card statements. If you notice any unauthorized transactions, immediately report them to your bank or credit card company.

4. Be wary of phishing scams

Many criminals will send emails or text messages that appear to be from a legitimate source, like your bank or credit card company. Known as phishing scams, these messages will typically ask you to provide personal information or click on a malicious link. To avoid falling victim, always double-check the source of any message and never click on links or provide personal information unless you’re certain the message is legitimate.

5. Use two-factor authentication

Two-factor authentication adds an extra layer of security to your online accounts. With two-factor authentication, you’ll need to provide a second form of identification—such as a code sent to your phone—in addition to your password. Even if your account information is compromised, bad actors won’t be able to access your account without this secondary identification.

6. Secure your devices and connections

Without the right precautions, your computers, smartphone, and other devices can be easily hacked or compromised. To secure them, make sure your devices are up to date with antivirus software and are password-protected. Avoid using public Wi-Fi to access sensitive information—as these networks are often unsecured—or use a VPN to hide your identity and stay anonymous.

7. Keep an eye on your credit reports

Did you know you’re entitled to a free credit report once a year from each of the three major credit bureaus? Check your credit report regularly to help detect any suspicious activity, such as accounts you didn’t open or loans that you didn’t apply for. You can also use a reputable credit monitoring service—which often includes SSN monitoring—for real-time alerts and protection.

8. Stay on top of the latest scams (especially with the rise of AI)

Criminals are adopting new AI-powered scam tactics as the technology becomes more accessible. For example, it’s now possible to impersonate a friend or family member, even over the phone or by a video call. Keep informed of the latest scam techniques by following reputable cybersecurity experts and checking reputable news outlets. Because new tactics can pop up faster than they can be reported, be extra vigilant—be wary of unsolicited emails and messages and always verify a person’s identity before you share personal information.

9. Get your family covered with an identity protection package

For the best identity protection, you should invest in a comprehensive protection plan. Webroot™ Premium with Allstate™ Identity Protection, for example, includes:

  • Protection against viruses, malware, scams, and other cyber threats.
  • Password management to keep your credentials safe.
  • Protection for 10 family members, including you and your partner, your children, and seniors aged 65+ you wish to protect.
  • Identity, credit, and financial accounts monitoring and alerts if potential fraud is detected.
  • Advanced dark web monitoring that notifies you if your personal data is found in a data breach or your credentials are compromised.
  • 24/7 US-based support with remediation experts that help you restore your stolen identity or mitigate fraud on your accounts.
  • Up to $1M reimbursement1 for:
    • Fraud expenses like out-of-pocket costs associated with identity restoration, including legal fees, lost wages, child or elderly care, replacement of identification cards, driver licenses, and passports.
    • Stolen funds in case identity fraud led to fraud on your saving accounts—including up to $150,000 for 401 (k)/HSA.

Get family protection today

To protect yourself and your family against identity theft and bank fraud, you need to be vigilant and commit to good security practices. By following the nine tips, you can help reduce your likelihood of becoming a victim and safeguard your personal and financial information.

Do you want to make identity protection even easier?

Discover Webroot.

Need help deciding which Webroot product is right for you?
 
Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity—whether it’s for you or your entire family.

 

1Identity theft insurance covering expense and stolen funds reimbursement is underwritten by American Bankers Insurance Company of Florida, an Assurant company. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions, and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions. Product may be updated or modified. Certain features require additional activation. The aggregate limit for an individual or family plan is $1,000,000 in one year.

Navigating the Web of Romance Scams: A Guide for Businesses and Consumers

In the digital age, the quest for love has moved online, but so have the fraudsters, with romance scams reaching record highs. These scams don’t just harm individuals financially and emotionally; they can also pose significant risks to businesses. Let’s explore how these scams work, their impact, and how both businesses and consumers can protect themselves.

Understanding Romance Scams

Romance scams involve fraudsters creating fake profiles on dating sites, social media platforms, or apps to establish relationships with victims, gain their trust, and eventually, scam them out of money. In 2022, nearly 70,000 people reported such scams, with losses totaling a staggering $1.3 billion. The median loss per victim was around $4,400, highlighting the severe impact on individuals​​.

Key Trends to Watch

The reported losses to romance scams were up nearly 80% year over year, showing a rapid increase in both the frequency and effectiveness of these scams​​. This trend underscores the evolving threat landscape and the importance of continuous awareness and education on cybersecurity threats, including those that initially appear to be personal in nature.

  • Rise in Cryptocurrency Payments: Fraudsters are increasingly asking for payments in cryptocurrency, exploiting its semi-anonymous nature. In 2021, losses to romance scams involving cryptocurrency were reported at $139 million​​. Expect this to avenue of fraud to consistently escalate as crypto prices and adoption increase.
  • Social Media as a Starting Point: Around 40% of romance scam victims in 2022 reported that the scam started on social media, a significant increase that highlights the broadening tactics of scammers​​.
  • Increased Use of Gift Cards: Despite the high losses associated with cryptocurrency, gift cards remain a preferred method for scammers, given their ease of use and difficulty in tracing​​.

The Business Angle

When employees fall victim to these scams, the emotional and financial distress can lead to decreased productivity and increased susceptibility to further scams, including those targeting the workplace. Fraudsters may use personal relationships to extract sensitive information or gain access to company networks. Thus, an employee compromised by a romance scam can inadvertently become a weak link in the company’s cybersecurity defenses.

How Romance Scams Affect the Workplace

  • Distraction and Distress: Victims of romance scams often experience significant emotional and financial distress. This state of mind can lead to increased susceptibility to other types of scams or malicious attacks. When employees are distracted or stressed, they’re more likely to make mistakes, such as inadvertently clicking on phishing links or downloading malicious attachments.
  • Credential Compromise: In some cases, romance scammers may directly target individuals to gain access to their professional credentials. A seemingly innocuous request for information from a “trusted” romantic partner could actually be a ploy to infiltrate company networks.
  • First Line of Defense: Employees are often considered the first line of defense against cyber threats. When their judgment is clouded by personal issues, such as those stemming from a romance scam, this line of defense can weaken, exposing the organization to increased risk.

Protecting Yourself and Your Business

  • Educate and Train Employees: Awareness is the first step in prevention. Businesses should include the risks of social engineering scams, like romance scams, in their cybersecurity training programs, highlighting how personal security practices impact professional security.
  • Encourage Open Communication: Create an environment where employees can report personal security breaches without fear of judgment. This transparency can be crucial in preventing security risks to the business.
  • Encourage Healthy Skepticism: Teach employees to question unexpected requests for information or money, whether from strangers, online acquaintances, or even romantic partners they have not met in person.
  • Regular Security Assessments: Continuously evaluate and improve security practices to safeguard against evolving threats. This includes ensuring that personal devices used for work purposes are also secure.
  • Monitor Financial Transactions: Look out for unusual financial requests or transactions, especially those involving cryptocurrency or gift cards.
  • Verify and Validate: Encourage employees to verify the identities of individuals they interact with online and to use reverse image searches to check the authenticity of profile pictures.

Romance scams are a multifaceted problem with both personal and professional ramifications. By staying informed, fostering open communication, and implementing robust security measures, businesses and consumers alike can better protect themselves from these emotionally and financially devastating schemes. Remember, cybersecurity is not just about technology; it’s about understanding human behavior and the various ways it can be manipulated.

For more detailed information on how to protect yourself from romance scams, visit the Federal Trade Commission’s website.


Need help deciding which Webroot product is right for you?
 
Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity—whether it’s for you or your entire family.

Tax season alert: Common scams and cracked software

OpenText is committed to providing you with the latest intelligence and tips to safeguard your digital life, especially during high-risk periods like tax season. Our threat analysts are constantly monitor the ebb and flow of various threats. One trend that has recently caught our attention is the notable spike in malware-infected cracked software, particularly as we enter tax season. This post aims to shed light on the dangers of using cracked software, share best practices for a secure tax season, and highlight our latest intelligence on the surge in cracked tax software threats.

The bidden cost of cracked software

Cracked software, often touted as a cost-free way to access games and expensive software, carries a significant risk far beyond legal and ethical concerns. These unauthorized versions are frequently loaded with malware, from trojans and keyloggers to ransomware. The allure of free access blinds users to the dangers, turning their devices into gateways for cybercriminals to steal sensitive information, encrypt files for ransom, or enlist computers into botnets.

Tax season: A cybercriminal’s playground

Tax season is inherently stressful, with individuals and businesses rushing to meet filing deadlines. It’s also a golden opportunity for cybercriminals to exploit vulnerabilities through phishing scams, identity theft, and malicious software. Our best practices for a secure tax season include:

  • Use legitimate tax software: Always download tax preparation software directly from the official provider or authorized resellers.
  • Enable multi-factor authentication (MFA): Adding an extra layer of security can significantly reduce the risk of unauthorized access.
  • Beware of phishing attempts: Be skeptical of emails, messages, or phone calls claiming to be from the IRS or tax preparation services, especially those urging immediate action or asking for personal information.
  • Seriously, the IRS will NOT email/text/call you for money: They will send you a letter to your mailbox.
  • Keep software updated: Ensure that your operating system and all applications are up to date with the latest security patches.
  • Secure your personal information: Store sensitive documents securely and only share personal information over encrypted connections. This especially means tax return forms.

The rise of cracked tax software threats

Our threat intelligence team has observed an increase in malware-infected cracked tax software. As tax season approaches, cybercriminals capitalize on the demand for tax preparation solutions, disguising malware as cracked versions of popular tax software. These malicious versions can steal personal and financial information, leaving users vulnerable to identity theft, financial loss, and potential legal consequences.

This trend underscores the importance of vigilance during tax season. The risks associated with using cracked software, especially for something as sensitive as tax preparation, cannot be overstated. Not only does this expose individuals to malware, but it also jeopardizes the integrity of personal and financial data.

The convergence of cracked software and tax season scams highlights a broader trend in cyber security threats. As cybercriminals become more sophisticated, the importance of adhering to best practices and using legitimate software cannot be overstated. Remember, the cost of using cracked software can far exceed the price of legitimate software, not just in dollars but in the potential for irreversible damage to your digital and financial well-being. Stay informed, stay secure, and let’s navigate the digital landscape safely together.

Need help deciding which Webroot product is right for you?
 
Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity—whether it’s for you or your entire family.

 

Uncover the nastiest malware of 2023

Our annual analysis of the most notorious malware has arrived. As always, it covers the trends, malware groups, and tips for how to protect yourself and your organization.

This post covers highlights of our analysis, including the rise of ransomware as a service (RaaS), the six nastiest malware groups, and the role of artificial intelligence in both cybersecurity and cyberthreats.

Malware shifts to RaaS

To say cybercriminals have come a long way since their humble beginnings—when floppy disks were used to spread malware infections—is an understatement. Their tactics have evolved significantly over the years, with ransomware now the malware of choice for cybercriminals.

The allure of ransomware is not surprising given the combination of financial gains and potential for anonymity. Never satisfied in their quest to scale operations and increase revenue potential, criminal actors have shifted their focus to a relatively new “business model” that is proving very successful—ransomware-as-a-service (RaaS). By removing the technical barriers for prospective affiliates, RaaS makes it easy for big players to grow their “enterprise.”

Who made this year’s malware list?

Topping this year’s nastiest malware is CI0p. This ransomware group made a name for itself with the MOVEit campaign, which drove up the average ransom payment to nearly three-quarters of a million dollars. To date, this campaign is known to have impacted more than 1,150 organizations and over 60 million individuals, putting its global cost at close to $11 billion.

Also on the list are four new ransomware gangs—Black Cat, Akira, Royal, and Black Basta—believed to be the next generations of previous big players. They join a familiar name on the list, Lockbit.

We ranked these six malware groups accordingly:

  1. Cl0p, a RaaS platform, became famous following a series of cyberattacks that exploited a zero-day vulnerability in the MOVEit file transfer software developed by Progress Software.  
  2. Black Cat, believed to be the successor to the REvil ransomware group, built its RaaS platform on the Rust programming language. Black Cat made headlines for taking down MGM Casino Resorts. 
  3. Akira, presumed to be a descendant of Conti, primarily targets small- to medium-sized businesses. Most notably, Akira ransomware targeted Cisco virtual private network (VPN) products to breach corporate networks, steal data, and encrypt it. 
  4. Royal, suspected heir to Ryuk, uses whitehat penetration testing tools to move laterally in an environment and gain control of the entire network. A unique partial encryption approach allows the threat actor to choose a specific percentage of data in a file to encrypt.
  5. Lockbit 3.0, a main stain on the list and last year’s winner, continues to wreak havoc. Now in its third epoch, Lockbit 3.0 is more modular and evasive than its predecessors.  
  6. Black Basta, one of the most active RaaS threat actors, is considered to be yet another descendant of the Conti ransomware group. It has gained a reputation for targeting all types of industries. 

An intelligent future: artificial intelligence and machine learning

For six years, the OpenText™ Cybersecurity threat intelligence team has witnessed a steady increase in the number and sophistication of malware attacks—which show no signs of slowing down. Threat actors are creative and resourceful in their attempts to trick users and exploit software and computer vulnerabilities. And while the use of artificial intelligence (AI) and machine learning (ML) in cybersecurity is still in its early stages, it is rapidly evolving. This is good and bad news.

AI and ML have the potential to make the world a safer place, but they could also be used for malicious purposes. Rather than taking a wait-and-see approach, businesses of every size must take steps to protect themselves and mitigate the risks.

For a more detailed analysis of the 2023 malware landscape and tips from OpenText Cybersecurity threat experts on how to protect against ransomware attacks, visit: Ask your question | Webroot Community

Building a cyber resilient business: The protection layer

Cybercrime is on the rise. The number of ransomware attacks has increased by 18%, while the worldwide volume of phishing attacks doubled to 500 million in 2022. Depending on the size of the business, one-third to two-thirds of businesses suffer malware attacks in any given year.

And those attacks are costing companies a lot of money. In 2022, American businesses lost $10.3 billion to data breaches and cybercrime.

This is all happening while companies are spending trillions digitizing their business operations and trying to obtain secure cyber insurance while keeping up with regulatory changes in GDPR, HIPAA, and Sarbanes-Oxley.

The best way to weather these challenges is to become a cyber resilient business. That means implementing a layered security and data management strategy that encompasses prevention, protection, and recovery so that your data, your bottom line, and your reputation remain secure.

In this article, we’ll discuss the importance of data security and protection.

How to protect your data

A sophisticated, layered security strategy will already have prevention tools like endpoint and DNS protection in place as well as security awareness training to stop threats before they reach your network.

Unfortunately, that’s not enough. Attacks are becoming increasingly sophisticated and complex, and that first line of defense may not catch them all.

If a threat can penetrate the prevention layer, protection-layer tools kick in to neutralize the threat or minimize the damage of an attack.

Here are two tools that can protect your data:

1.   Email threat protection and email continuity

Email is one of the most common entry points for attacks, from phishing links to ransomware and business email compromise (BEC) to malicious attachments. Cyber criminals can mimic trustworthy senders so you need a tool that helps you tell the difference between a safe email and suspicious one.

Tools like Webroot’s Advanced Email Threat Protection analyze the links and attachments in messages to detect malware and keep your systems secure against threats. Webroot Email Continuity can continue to send and receive emails for up to 30 days even if the infrastructure is down.

2.   Email encryption

Companies rely on email to distribute important information, but when that information is confidential and sensitive, you need an encryption tool to protect it. If a cyber criminal gets access to emails, they won’t be able to access that sensitive data if it’s encrypted.

Webroot Advanced Email Encryption powered by Zix is an industry-grade encryption tool that runs in the background, without disrupting workflows or requiring any input from the user. It’s invisible to the user and requires no extra training, while keeping your communications confidential. Also, default and customizable Data Loss Prevention (DLP) policies are available at no additional cost to prevent unauthorized users from emailing sensitive data to parties outside the organization.

Customer stories

When Spitzer Automotive’s new Chief Information Officer joined the company in 2019, he realized there was a big problem that affected the company’s security and employee productivity: employees were spending too much time reviewing emails for spam. One phishing attack slipping through human review could cause big problems for the company in downtime, financial loss, and reputational damage.

Spitzer chose Webroot’s Advanced Email Threat Protection and Email Continuity as a cloud-based solution to pair with Microsoft 365. Not only were they able to save money by bundling the two together, but it also allowed the company to automate email protection by reducing the number of email threats and quarantining malicious emails.

Allery, Asthma, and Sinus Center had a different reason for using Webroot Email Threat Protection and Email Continuity. As a healthcare group, they had sensitive patient data to protect and a ransomware attack from malicious emails could put that at risk.

Once they put the Webroot system in place, they were able to focus on other IT matters while knowing that patient data was safe. It also allowed them to be HIPAA compliant.

To learn more about building cyber resilience with layered security, download our guide.

How easy is email encryption? You’d be surprised.

When it comes to keeping sensitive data safe, email encryption is a necessity. But it doesn’t have to be a necessary evil.

Too many employees and IT experts have experienced the pain of trying to use a needlessly complicated email encryption solution. There’s the endless steps, the hard-to-navigate portals, and the time-consuming processes that add up to a frustrating experience for most.

If this is the experience you’ve come to expect, Webroot Email Encryption powered by Zix is here to surprise you. Webroot simplifies, streamlines, and secures the encryption process making email security easier than ever.

Transparent delivery simplifies the recipient process

The recipient process has historically been one of the biggest pain points for email encryption software customers. It’s often complicated and cumbersome, filled with portals, secret passwords, and extra steps. It shouldn’t be that difficult just to read an email, and now it doesn’t have to be.

Webroot Email Encryption drastically simplifies the email recipient process. When both the sender and the recipient are Webroot clients, the software will encrypt the outgoing email from one customer, and send it to the recipient completely transparently—regardless of the email content. No portal, no passwords, no extra steps – just a blue bar at the top of the email confirming it was sent securely. From there, the recipient can reply to the email exactly as they would a regular email.

Even without transparent delivery, Webroot’s Email Encryption makes the recipient process intuitive for non-Webroot clients. The recipient secure email portal is designed for non-technical people to be able to access, read, and reply to encrypted emails easily.

State of the art filters enable automatic encryption

Security tools only work when people use them, and even with the best IT policies in place, it’s difficult to stop employees from sending sensitive information without encryption. While many organizations have increased their employee training amid an increased threat landscape, training only goes so far.

Exposing sensitive information isn’t just an organizational problem, it’s also a regulatory one. The Health Insurance Portability and Accountability Act (HIPAA) requires that all patient data is kept secure and private. With traditional email encryption solutions, this burden falls on employees every time. For healthcare organizations, this is an added layer of complication on top of an often hectic landscape for employees.

Thankfully, Webroot’s Email Encryption offers automatic encryption, removing the burden from employees of having to remember to encrypt sensitive emails every time they send one. Webroot Email Encryption provides out-of-the-box automatic policies for HIPAA, Social Security numbers, and financial information. When a policy is triggered—whether the sender has elected to encrypt the email or not—emails can be encrypted, blocked or quarantined.

The result? Any email containing sensitive information is automatically encrypted, saving both employees and the organization at large from the threat of a security breach.

Purpose-built add-ons make integration seamless

Email encryption is just one piece of the cybersecurity puzzle. Every organization has a unique set of security needs, and a threat could severely affect operations at any time.

That’s why it’s important to ensure your email encryption solution comes along with purpose-built add-ons and can also seamlessly integrate with other security solutions. Webroot Email Encryption can be easily integrated and is also part of a larger network of threat protection that keeps your organization safe.

OpenText Cybersecurity brings together a number of product families (Webroot, Carbonite and Zix) that can be brought in to improve and enhance the overall user experience, like:

Single sign-on with SAML 2.0: Allows a user to login to their Webroot Secure Message Portal with their own credentials they’ve already created through the customer’s website. Without having to login again, users click a link to be taken directly to their secure inbox. This feature is implemented in using SAML 2.0, which authorizes user access to web services across organizations.

Webroot Email Threat Protection:  Email Encryption provides multilayered filtering for both inbound and outbound emails that lets the right emails through while blocking malicious threats such as phishing, ransomware, impersonation, business email compromise (BEC) and spam. It also offers attachment quarantine, link protections, message retraction, and a round-the-clock live threat analyst team.

Ready to learn more?

Seeing how simple email encryption can be is surprising, we know. And we’ve only just scratched the surface. If you want to learn more about how OpenText Cybersecurity can help make email surprisingly secure and simple, you can request a demo here.

Educating girls on how to be their own cyber hero

No matter how old you are, it is important to learn how to stay safe online! According to a study conducted by Learning Innovation, more than 93% of students have access to smartphones and laptops. Cyber threats show no sign of slowing down, which is why it is important to stay up to date on security best practices.

That’s one of the many reasons why we are so passionate about partnering with the Girl Scouts of Greater Chicago and Northwest Indiana to help girls be more cyber aware. Girl Scouts is a volunteer led organization that stretches from coast to coast to help girls bring their dreams to life and build a better world.

Together, we aim to educate Girl Scouts through lessons that focus on simulations of existing and emerging cyber threats, how to safely preserve important files and memories and what to look out for when browsing online.

Becoming a cyber hero

Our Cyber Resilience patch program provides Girl Scouts with the opportunity to engage in fun and educational hands-on activities that ignite awareness and create better online behaviors.

Last month, we joined the Girl Scouts at their annual Cookie Rally that had over 2,000 girls and their families in attendance. We shared cybersecurity and safe online practices with the girls before they kicked-off their cookie season. While selling cookies is done primarily via in-person buying, selling cookies online has grown in popularity.

This past October we kicked off our first patch program for the Brownies (grades 2-3) and Juniors (grades 4-5) and through a series of fun activities, the girls can learn how to navigate online dangers and stay safe online.

This is just the beginning! We are in the process of rolling out more programs to teach more girls (and age groups) about the importance of cybersecurity and being safe online.

Interested in learning more about our security products? Visit us at webroot.com.

Need help deciding which Webroot product is right for you?
 
Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity—whether it’s for you or your entire family.

 

Online romance scams take aim at your heart and identity. Avoid these red flags

Online dating scams are on the RiseAccording to the FBI, Americans lost $1 billion in 2021 due to online dating scams; 2022 numbers are expected to be higher.  

Romance scammers are masters of disguise. They lead people on with talk of love and then attempt to trick them into giving money or personal data. As demonstrated by The Tinder Swindler, anyone at any age can be manipulated into a romance scam. 

Dating sites and apps are a convenient and easy way to find a match. They also present an ideal opportunity to fool unsuspecting hearts with common scams like:   

Of course, not all tactics are as obvious as the above. Be suspicious of someone who asks you to move your communication off the dating site/app to a different platform; this could be a sign that the person is trying to avoid detection, being flagged or that they want to share a malicious link for you to click on. 

To protect your heart, data and identity while online dating: 

Webroot Antivirus with Allstate Identity Protection provides the much-needed extra layers to protect your data and identity from scammers looking for more than your heart.  To learn more visit webroot.com

Need help deciding which Webroot product is right for you?
 
Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity—whether it’s for you or your entire family.

 

Forget the gym – start 2023 right by getting your digital life in shape

The welcoming of a new year also welcomes the return of one of the most overused sayings in our shared lexicon: “New Year, New Me!” While there are countless overused resolutions like starting a workout regimen, the new year does provide an opportunity for additional self-improvement that most people never consider – bolstering cybersecurity protections.

If the beginning of the new year follows the trends of the last, there’s a good chance phishing will spike in the first four months of 2023. Rather than take a vacation to spend their holiday earnings, cybercriminals are using the new year as a prime opportunity to access bank accounts, install malicious software, and steal identities to commit fraud. These threats are especially prevalent as millions of people set up new devices, facilitate online shopping returns, and shop online with money and gift cards received throughout the holiday season.

Fortunately, through its new partnership with Allstate Identity Protection (AIP), Webroot will help you easily protect your devices, identity, and privacy. The partnership combines Webroot’s digital device protection with AIP, which shields the personal information and data you share online. Together, the two services offer multi-layer protection against cyber threats to protect your digital life.

Webroot Premium with AIP includes anti-virus protection for up to five devices, identity protection for one individual with up to $500,000 in fraud expense reimbursement*, up to $50,000 in stolen funds reimbursement*, and a password manager and secure browser for privacy. But the protection doesn’t stop there; additional benefits include:

Device protection:

Identity protection:

Privacy protection:

As we kick off this new year, don’t sweat the gym or stress about a resolutions list. Start 2023 off right with comprehensive device and identity protection. To learn more, visit Webroot Premium with Allstate Identity Protection.

*Allstate Identity Protection Legal Disclaimer

Identity theft insurance covering expense and stolen funds reimbursement is underwritten by American Bankers Insurance Company of Florida, an Assurant company. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions, and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions. Product may be updated or modified. Certain features require additional activation.

Need help deciding which Webroot product is right for you?
 
Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity—whether it’s for you or your entire family.

 

The 5 most important rules for online shopping

The end of year holidays mark the busiest time of the year for online shoppers. We’re all rushing around trying to find the right gift that doesn’t break the budget. Throw in family time and stress can get out of hand.

Sadly, this time also marks one of the busiest times of year for online hackers. With the flurry of activity online, they know they’ve got ample targets.

Of course, not all targets are equal. Hackers would rather make a quick buck than spend their time forcing their way through in-depth security. That’s why it’s so important to follow the 5 most important rules for online shopping.

1. Strengthen your passwords

There’s no reason to still use the same password you came up with in high school. It’s a dirty truth that big businesses suffer data breaches – that means the longer you use a password the more likely it’s been hacked. Even if you’re not using that old website, hackers might know your information and will try logging in to common sites using your old email + password combination. We know it can be a pain to keep track of everything, and that’s why we recommend using a password manager service.

2. Visit reputable sites

We all want to score the best deals on holiday shopping, but the old adage is true – if it seems too good to be true, it probably is. You don’t need to go to sketchy sites to find the best prices. The biggest retailers have deals all season long. Plus, when you use a big site you don’t run the risk of getting a knockoff product.

3. Protect your WiFi

So much of our life is on the go, and holiday shopping is no different. Did you know that WiFi networks are often targeted by hackers and scammers? Even the one in your home can be spoofed, allowing thieves to steal your information. That’s even more true when you’re connected at the local coffee shop. With a VPN (Virtual Private Network – something all the best antivirus options offer), your information is secure no matter where you connect.

4. Invest in antivirus

You get what you pay for doesn’t just apply to your shopping. If you really want to make sure you’re safe online during the holidays, you want to make sure to invest in a reputable antivirus. No one wants a knock-off gifts – they’re low quality and unreliable. So why would you settle for a knock-off antivirus? Look for an option that has lots of good reviews, or even better go to a big box store and ask their experts for recommendations.

5. It pays to be suspicious

A healthy amount of suspicion can go a long way in protecting yourself while you’re shopping online (and let’s not get started on the sketchy ads we all get on social media). It’s always important to trust your gut. It’s also important to be wary of free money, unexpected calls from financial institutions and sites asking for personal information (rather than just billing info). And let’s not get started on the sketchy ads we all get on social media.

Holiday shopping can be stressful enough, don’t let it get worse with a stolen credit card or hacked computer. Follow the 5 most important rules for staying safe online and you can shop worry free and get back to celebrating.

Interested in learning about award-winning antivirus?

Discover Webroot.

Need help deciding which Webroot product is right for you?
 
Take our short quiz to discover the ideal plan for safeguarding your devices, privacy, and identity—whether it’s for you or your entire family.

 

Webroot™ Premium: The all-in-one protection for your devices and identity

The risk of becoming a victim of identity theft has never been greater

We are increasingly living our lives in the digital realm. Whether we’re banking, purchasing or browsing, our daily activities are most likely taking place online. Not only has this sped up our efficiency, but it has also expanded our exposure to a host of cybercriminals who are eager to use our personal information.

According to the Federal Trade Commissioner (FTC), incidents of identity theft and related fraud rose nationwide in the United State in 2021. Consumers lost more than 5.8 billion, skyrocketing over 70% from the previous year. The FTC received 5.7 million fraud and identity theft reports in 2021. Over a million of these reports were consumer identity theft cases.

The rise in identity theft and fraud means it’s especially important to secure not only the devices you use but also your personal identity.

Your identity is unique to you. Keep it that way with Webroot and Allstate Identity Protection

There are many steps you can take to ensure your identity isn’t compromised:

  • Shredding bank statements
  • Securing important documents
  • Ensuring your passwords are effectively managed
  • Investing in a quality antivirus for your devices

However, these actions won’t help you regularly monitor your financial accounts, scan for emerging threats or provide fraud or stolen funds reimbursement.

That’s where Webroot can help. Webroot has partnered with Allstate Identity Protection to offer two unique ways to preserve both your devices and identity: Webroot™ Premium and Allstate Identity Protection Add-on.

The same trusted antivirus but with the added bonus of identity protection

Webroot Premium is a combination of our top-of-the-line antivirus protection and Allstate Identity Protection.

Enjoy all the great benefits of our antivirus plus these great features:

  • Dark Web, financial and identity monitoring: Credit card and bank account transactions, 401(k) and account takeover
  • 24/7 U.S.-based customer care
  • 1 bureau credit monitoring
  • 550K in fraud expense and stolen funds reimbursement*

In addition to Webroot Premium, we’re offering existing customers the chance to keep their current Webroot subscription and just add identity protection with Allstate Identity Protection Add-on.

Experience the benefits of your current Webroot antivirus plus:                                              

  • Dark Web monitoring with social security trace
  • Financial monitoring with account takeover alerts
  • Identity monitoring, including identity health status updates
  • 24/7 U.S.-based restoration
  • $25K fraud expense reimbursement*

This holiday season, ensure your online shopping purchases remain secure while safeguarding your devices and identity with Webroot and Allstate Identity Protection.

Learn more about Webroot Premium and discover what our comprehensive protection can do for you.

Allstate Identity Protection Legal Disclaimer

*Identity theft insurance covering expense and stolen funds reimbursement is underwritten by American Bankers Insurance Company of Florida, an Assurant company. The description herein is a summary and intended for informational purposes only and does not include all terms, conditions, and exclusions of the policies described. Please refer to the actual policies for terms, conditions, and exclusions of coverage. Coverage may not be available in all jurisdictions. Product may be updated or modified. Certain features require additional activation.