Did you know your antivirus software might be collecting your data and selling it to marketers?
It could be happening if you use the free antivirus program Avast.
“By default, Avast not only collects your browser activity, but it also sells it to marketers,” writes cybersecurity expert Craig Petronella. “If you use Avast, companies can view your ‘clickstream data’ to learn your online behaviors, down to the literal millisecond.”
Stay up-to-date on the latest cybersecurity trends through Alta Pro Lawyers RPG, a risk management program offered exclusively to lawyers who purchase professional liability coverage through Alta Pro Insurance. Here’s how to join.
Below are two blogposts on the latest cyber news from cybersecurity expert Craig Petronella.
A lot of people use Avast’s antivirus to protect their computer. It costs you nothing out of pocket and it’s a pretty effective little cybersecurity tool.
Sound too good to be true right? That’s because it is.
And while the company buying your data doesn’t have access to your other personal information, you are assigned a “Device ID,” which is a number assigned to your browser data.
And, think about it… If they can see what you’re doing and you go to Facebook or any other social media site, it wouldn’t take a rocket scientist to figure out who you are.
So even though Avast states that your data is anonymous, if you go to a personal site or check your email, they’ll be able to figure it out pretty quickly.
Did you install Avast with the default settings and click “I agree” without looking at what you’re agreeing to? If yes, then at the very least your browsing history is being sold via Jumpshot. That being said, it’s the main desktop app that collects your data, not the browser extension.
Our best advice to you is to: (1) Uninstall Avast. Once it’s uninstalled, they can no longer harvest your data. (2) Use more reputable cyber security software. Cyber security is no joke, especially if you run a small business.
Your Medical Secrets May Be Held Hostage
It’s a breezy but sunny afternoon. You’re going about your day, minding your own business when you receive a random text message from an unknown number saying that they have personal medical information about you that they will release, unless you pay up… Complete with photographs.
You text a few of your friends telling them, “Very funny!” but soon you get a sinking sensation in the pit of your stomach when you come to the harsh realization that this isn’t a practical joke.
Only your closest of friends knows about your embarrassing medical condition. You don’t discuss it on social media. They only way a stranger could find is through your medical records, but how could that be? Isn’t your personal medical data secured? Was your healthcare provider hacked???
You want to throw up. How can you every trust your doctors again?
Being notified by your healthcare provider that your electronic personal health information (ePHI) has been compromised is a horrible feeling all on its own. And being the provider that has to inform their patients is also harrowing. But imagine that YOU are the one notified by a PATIENT that this has occurred, after they received a ransom from the cybercriminal! Is there much worse of a feeling than losing the trust of your patients because of your own negligence?
Could this really happen?The sad reality is that, yes, it could. And it has.
As of today, it’s not exactly a common occurrence, but it’s happening more and more often as healthcare providers are targeted with more frequency. Not only are the hackers demanding a ransom from the medical practice, but also from the patients themselves.
This is precisely the scenario that The Center for Facial Restoration (TCFFR) of Miramar, FL found themselves in late last year. TCFFR’s lead physician, Dr. Richard Davis, MD, received a ransom demand after their server was breached on November 8, 2019. This, in and of itself is (unfortunately) NOT an uncommon occurrence.
What IS uncommon, however, is what they discovered next, that the hackers were ALSO ransoming the individual patients, as well. They claimed to have complete access to patients’ PHI and threatened to release the data, complete with photos, if their demands weren’t met… by the patients. This has had a massive impact on not only the patients, but the company, as well, whose fate is still up in the air.
If you have professional liability coverage through Alta Pro Insurance, you’re invited to attend a free CLE webinar on Cybersecurity 101 coming in March. Stay tuned for more details. Free webinars are one of the many benefits of being a part of the Alta Pro family. Here’s how to join.
About the Author
Craig A. Petronella is the CEO of Petronella Technology Group Inc, a cybersecurity group that specializes in helping law firms with security and compliance. With 30 years of experience, he is the author of “How Hackers can Crush your Law Firm,” Peace of Mind Computer Support” and other titles. MIT Certified: AI, Blockchain & Hyperledger. Phone: 919-601-1601; Helpdesk Support: 919-422-2607. For more information about a cyber-crime risk assessment call: 1-877-468-2721
