The Cocoon Blog
The Internet as it should be: private, secure and virus free

I’m a coffee shop connoisseur; the most frequent mistake I see with fellow java-lovers is the ease with which they leave their iPhones or iPads lying on the table when they go to retrieve their order. My iPhone is like a third hand when I am in public space; I never let it out of my sight.

When I am in the city (or a high crime rate area), all my devices are carefully concealed. I never give criminals an open invitation to mug me. My Jeep never announces that any semblance of technology exists within.

The lucrative secondhand market for today’s niftiest handsets has produced an explosion in “Apple picking” by thieves. A used iPad or iPhone can fetch more than $400. –ROLFE WINKLER | The Wall Street Journal

After pressure from Congress, regulators and police departments-  the FCC and four major US carriers (AT&T, Sprint, T-Mobile & Verizon) have agreed to form a national joint blacklist database so that stolen devices will not be able to obtain new service. This service should be available sometime in October 2012.

Verizon currently does not allow devices that are stolen to be operated on their network. Sprint cuts off phones that have been reported as stolen and T-Mobile suspends accounts that report stolen phones. AT&T was slow to jump on the bandwagon – but was pleased to join the blacklist initiative.

iCrime

There is a certain mindset that dances to the tune “This could never happen to me!” Get over it already because iCrime could easily happen to you. Gadget theft is big business. My daughter recently experienced the bitter reality of iPhone theft when Siri danced away from a neighborhood BBQ in the arms of a stranger. She was devastated. I couldn’t say “I told you so,” because sometimes people think that the world is made up of entirely nice people.

How can you beef up your security?

Within one hour, Mat Honan of Wired lost his entire digital life to hackers – why? Through the use of social engineering tactics, hackers tricked Apple service reps into granting access to Mat’s iCloud account. Unfortunately, two of his online accounts was daisy-chained – enabling the hackers to gain access to his Gmail and Twitter account. It was a difficult and extremely harsh lesson for Mat to learn and many of us on Twitter sympathized with his pain.

I should have been regularly backing up my MacBook. Because I wasn’t doing that, if all the photos from the first year and a half of my daughter’s life are ultimately lost, I will have only myself to blame. I shouldn’t have daisy-chained two such vital accounts — my Google and my iCloud account — together. I shouldn’t have used the same e-mail prefix across multiple accounts — mhonan@gmail.com, mhonan@me.com, and mhonan@wired.com. And I should have had a recovery address that’s only used for recovery without being tied to core services. –Mat Honan | Wired

Learn from Mat.

Security comes with a price

You are going to have to make a choice between security and convenience. I have learned that inconvenience is one giant step toward fighting iCrime. Backing up data, using complex passwords, disabling services that could open the door to stolen devices – is mandatory when it comes down to proactive versus reactive.

I never want to place myself (or my devices) in a “reactive” position!  I am the type of person that often plans ahead for security disasters. It is the same reason that I use digital surveillance (to upload real-time office images to a remote server) – I take the necessary time to configure and manage my digital assets in order to make life miserable for a potential thief or hacker.

 The Top Ten

1- Backup your iPhone and check the option to encrypt data. You won’t know how much you miss until your iPhone becomes wiped or stolen…

The simplicity of iPhone is that all you have to do is connect your iPhone to iTunes and let it do it’s magic. I use a Windows laptop to back up to the cloud and a Mac to backup locally. I don’t take any chances that either the cloud or the local backup is going to screw me over. Be paranoid – it’s worth it.

2- Use a complex password and set auto-lock on. Strong passwords are still key…

Strong passwords are the first roadblock against thieves and hackers. Don’t bother using a “simple passcode (4-digit numeric) – though there are 10,000 possible combinations for a simple passcode, the complex password offers the strength of 77 to the 37th power.

How do I do it? Navigate to your Home Menu > General > Passcode Lock On > [enter your 4-digit passcode]  Select Turn Passcode off > [enter your 4-digit passcode] Enter Your New Passcode > Click on  Next > [Re-enter your new passcode] and click on DONE.

Also, be sure to Set Auto-Lock to ON: Settings > General > Auto-Lock > Choose 1-5 minutes. Auto-lock is not a strong security function by itself, but when combined with a strong password – it becomes part of a strong security feature.

3- Enable Erase all data on this iPhone after 10 failed passcode attempts. Go to Settings > Passcode Lock > Enter Your Passcode > Click on Done > Erase Data = ON > Enable

If someone steals your iPhone and tries to brute force it, they will be out of luck on the tenth attempt, (when trying to break your passcode) and your phone will be wiped and returned to factory defaults.

4- Enable Find My iphone.  You can download Find My iPhone from the app store or access it through iCloud. You will need to enter your Apple ID and password to access it.

5- Keep your iPhone updated at all times! Simply plug it in to iTunes or download Lookout Mobil Security from the app store.

6- Download apps that come from reliable sources - Such as the App Store. If your phone is jailbroken, Cydia might be the only answer.

7- Disable Bluetooth. Only turn it on when you need it.  Go to Settings > General > Bluetooth > Off

8- Turn off SMS preview. This option is not critical but it can stop a thief from viewing your incoming messages!

9- Manage location settings. Use location settings on a per-application basis only. Go to Settings > Location Services > Turn off all unnecessary apps.

10- Secure your Internet connection . Public Wi-Fi may appear convenient but an unsecure connection can leave you vulnerable to attack. Never allow your iPhone to automatically connect to a wi-fi network. Go to Settings > Wi-Fi > Ask To Join Networks > OFF

Risky behavior on potentially unsecure wifi

67% access personal email
63% access their social network acct
31% shop online
24% access their bank account

Cocoon and its iOS app GetCocoon create a barrier between the user and the Internet, leveraging secure, SSL-encrypted connections to each Internet activity (similar to what banks use). Cocoon eliminates tracking, “man-in-the-middle” attacks, and WiFi sniffers.

Airports, restaurants, coffee shops, businesses, dentists, libraries and even public parks offer public access to Wi-Fi for free. Surfing unsecured hotspots can open your data pipeline to some very unsavory characters.  Whether you use it for convenience or because there is no other Internet connection available — the bad guys still have all kinds of tools to gather and steal information from you.

Let’s say you find yourself sitting at a local coffee shop taking advantage of the available Wi-Fi. You’re searching the web for an affordable gift to give your loved one for their birthday next week. Credit cards in hand, you chat with friends on Facebook pleading for any last-minute ideas before making a purchase. Not only are there many things that could go wrong with your unsecured shopping experience, but anything else requiring your login info while you’re on that free Wi-Fi connection (i.e. social networking sites). This is precisely the type of situation that could lead to identity theft, access to files on your computer’s hard drive, or full disclosure of any private information you send or receive over that network.

A common approach to intercepting private data and opening the door to identity theft is the “Man In The Middle Attack.” In the past, free programs like Firesheep have made it possible for even less tech savvy people to perform such an attack. The program could, for instance, hijack an active Facebook, Twitter, or even bank account session if the victim is using an unencrypted network. This applies to many of your online accounts, so think about it before logging on Facebook, accessing your bank portal, or making a purchase via public Wi-Fi.

 Here are a few of the ways you can reduce the risks of using public Wi-Fi:

•   Encrypted Wi-Fi - Wherever possible, choose a password-encrypted network to help you increase your protection. Always make sure to set a password for your home network to keep undesirables out. 

•   HTTPS - Using websites that utilize HTTPS (rather than standard HTTP) may help you in some scenarios, but this remains limited. While on Facebook, check the address bar to make sure you see “https” and not just “http”. If you are not in https mode, check your Facebook Preferences page and make the change.

•   Avoid Firefox password saving - If you’re using Firefox, it is recommended that you do not use the browser’s built-in password saving tool, because it is unencrypted to anyone who has access to your computer. To see any of the passwords that Firefox has saved for you, simply go to your Firefox Preferences in the Firefox menu; click on the Security tab; then go to ‘Saved Passwords’ in the bottom right corner. If you have passwords saved, we recommend deleting them while in this menu. Once there, all that’s needed to show your full passwords is to highlight a website and click ‘Show Passwords’.

•   Unknown public Wi-Fi networks - Avoid joining unfamiliar public networks, as they may be bait set up by hackers looking to steal your personal information. In airports, for instance, hackers have been known to create networks such as “Free Wi-Fi” designed to steal travelers’ passwords, bank account information, and any other data being accessed through the network. 

•   File sharing - Disable file sharing while you travel to prevent hackers from stealing private data from your device.

•   Disable automatic Wi-Fi connecting - Ensure that your laptop, tablet or smartphone is not configured to automatically connect to open networks within its range.

If you found this article helpful or have more ideas to add – leave us a comment!  You can also visit us on Twitter and Facebook. –Vernon | GetCocoon

The majority of Internet security risk factors for the back-to-school-gang can be controlled with the right online tools, the right attitude (a willingness to learn and apply the necessary strategies) and the desire to become proactive versus reactive.

1. Weak Passwords
2. Privacy 
3. Malware
4. Mobile App Risks
5. Unsecured Wi-Fi

The web is often the perfect playground for cybercriminals’ to snare victims. Social media houses the glitter with connections, apps, games and traps. Major search engines feed the curious, but can also circumvent legitimate searches and replace them with offensive content.

1. Weak Passwords

Using the same weak password across multiple sites gives a hacker an entrance to highjack all your online accounts; has the potential to steal bank login information and potentially wipe your bank account out.

A weak password such as 123456, password,  abc123, or using your first name or pet’s name as your password is the Achilles heel of online security.

Passwords are your first line of defense against cybercriminals. Create complex passwords for each site (do not share the same password at multiple sites), change them frequently and create accounts at sites that use good encryption.

The weakest link on social media sites is the use of weak (123456)  or common passwords (password). If you use passwords that can be traced directly back to you (Example: getcocoon) or use the name of your family pet (Example: cocoonpuppy) – these type of passwords can easily be figured out with a bit of social engineering and access to your Facebook page. Never use passwords that are associated with something that can be traced directly back to you.

How long would an online attacker using a password cracker at 1,000 guesses per second take to figure your password out? Let’s take a look at how effective your password is at GRC:

If your password is 5 characters long and uses:

*Just numbers, the time to “crack” = 1.85 minutes (Example: 12345).

*The full alphabet but doesn’t mix upper and lowercase, the time to “crack” = 3.43 hours (Example: alpha).

*The full alphabet and numbers 0 through 9 but doesn’t mix upper and lowercase, the time to “crack” = 17.28 hours (Example: alp12).

*The full alphabet and numbers with mixed case, time to “crack” = 1.54 weeks (Example: Alp12).

Use a combination of uppercase, lowercase, numbers and symbols

*If we combine the alphabet, numbers, mixed case and use 6 characters instead of 5, the time to “crack”  jumps to 1.84 years (Example: Alph12).

*If we go to 8 characters and throw in symbols like # % & *, the time to “crack” jumps to 2.13 thousand centuries (Example: Alph12*!).

 2. Privacy : Online Tracking

There are a number of companies that track your movements on the web and sell the information to the highest bidder in real time bidding…

“Already, the web sites you visit reshape themselves before you like a carnivorous school of fish, and this is only the beginning. Right now, a huge chunk of what you’ve ever looked at on the Internet is sitting in databases all across the world. The line separating all that it might say about you, good or bad, is as thin as the letters of your name. If and when that wall breaks down, the numbers may overwhelm the name.” –The Atlantic

Acxiom has a reputation of collecting data better than anyone else. They collect everything including websites, loyalty programs, retail point-of-sale data, self-reported sources, public records,  employment drug testing data, background checks, criminal histories, birth records, education data, vehicle identification numbers, driver’s licenses, marriage  licenses, and you can bet that they know what you feed your dog too.

Internet users should be informed that there are tools available, such as Cocoon, which give Internet users control of their private information and places a roadblock against online tracking.

3. Malware

Malware, otherwise known as malicious software is created by cybercriminals for the sole purpose of bringing some type of harm to your computer or mobile device. Whether it is used for spying on you, stealing your passwords or personal data, holding your computer or device for ransom, conducting financial theft, or targeting you for membership in a botnet - the final outcome is never intended to be in your favor.

Malware is a blanket term that can include viruses, Trojans, spyware, root kits, adware, worms, key loggers, web hijackers and other malicious scripts. It can be hostile, intrusive, insidious, annoying; or lay dormant for a time.

Malware is no longer a threat that is exclusive to desktop operating systems. The RSA 2012 CYBERCRIME TRENDS REPORT white paper stated that 2011 marked the year of new advanced threats on a global basis. In 2012, cybercriminals are finding new and innovative ways to monetize non-financial data, while hacktivism is on the rise. They predict that “InfoStealers” for the mobile platform will emerge with Trojans that are designed to “keylog touch-screen input and monitor data traffic through the mobile device.”

4. Mobile App Risks

From unregulated practices in mobile advertising to cell tower dumps, our mobile privacy is under constant attack. We’ve come a long way since Martin Cooper’s Dyna-Tac 2.5 lb brick (1973); but in 2012 mobile users are still shaking at the short end of the mobile privacy stick.

Cyber-crooks develop rogue apps to steal private data such as passwords, credit card information and piece together personal information in order to commit identity theft.

A recent study on Mobile Privacy Policies from the Future of Privacy Forum, stated that out of the free apps surveyed, 66 percent had privacy policies, while only 33 percent of the paid apps had privacy policies.

Many mobile apps need advertising in order to continue offering “free” apps. Some ads are invasive and take too much data from a user’s phone or they may install software in the background without user knowledge. Many mobile apps also routinely send data to marketing companies and use the collected data to compile dossiers on mobile phone users.

*Only download apps from well-known and trusted sources.

*Avoid downloading apps that have only been downloaded a few times, have few or no ratings, and no privacy policy.

*If a free app that you like has an upgrade and a no-advertising version is available – purchase it!

Mobile malvertising is another vector for attack. The ads look genuine, but when the user clicks on a malvertised ad they end up at a malicious site that downloads malware to their device.

Aggressive ad networks are much more prevalent than malicious applications. It is the most prevalent mobile privacy issue that exists,” Kevin Mahaffey, Lookout’s technology chief and co-founder, told Reuters in an interview.

5. Unsecured Wi-Fi

Airports, restaurants, coffee shops, businesses, dentists, libraries and even public parks offer public access to Wi-Fi for free. Surfing unsecured hotspots can open your data pipeline to some very unsavory characters.  Whether you use it for convenience or because there is no other Internet connection available — the bad guys still have all kinds of tools to gather and steal information from you.

Conclusion

Browsing the Internet with Cocoon will route all of your traffic through our encrypted servers, so prying eyes cannot see it. This is especially valuable on a public WiFi network where man in the middle attacks commonly occur.

The use of Cocoon while surfing Facebook, banking, or shopping on a public network will keep lurking predators from hijacking your private session.

Cocoon’s encrypted tunnel will ensure that viruses and malware never reach your computer. This highly decreases your chances of becoming part of a botnet, having your personal data stolen, or worse. Don’t give cyber criminals the advantage, stay safe and be vigilant.

The potential for you or me to become the next victim of cybercrime is something that we both need to think about. I’ve been a victim a few times and I can tell you that it is frightening to be on the short end of the cybercriminal stick.

My heart was pounding…

Late one afternoon (in early 2011) my bank balance appeared to be dropping fast, and the only connection I could see was that it involved Megaupload Limited and PayPal. I contacted both PayPal and the 800 number to my bank, but I honestly did not feel as though they were doing enough to resolve my situation. The theft was happening in real time! So I did the next best thing and jumped on Twitter and tweeted that an account using  Megaupload Limited was draining my bank account via paypal! (At that time my main bank account was still back east in New Hampshire).

Twitter can be used as a powerful forum to get your point across if you know who to tweet to and the correct hash(#) tag(s) to use. It wasn’t long before I was on the phone with managers from PayPal and the bank and all was made good again. A story like mine does not always end as sweetly.

The victims of cybercrime suffer…

For victims like Michelle Marsico who owns a small business based in Redondo Breach, California; logging into her bank account one day turned into her own personal horror flick when she realized that half a million dollars was hauled off by money mules. Cybercriminals will stop at nothing to get what they want and they do not care if they take your grandparents life savings or rob your child’s college fund. If the money is there and they can find a weakness in security, a vulnerability in a web app, or an open door that lets them in – your money will become their money.

According to Bloomberg Businessweek: Online banking fraud is primarily carried out in two ways. In a phishing attack, criminals impersonate bank websites in order to get unsuspecting users to provide their login credentials. The other modus operandi of online banking frauds is to install keystroke-logging malware.

Of course there are other banking attack vectors such as man-in-the-middle attacks, man-in-the-browser attacks, cross-channel attacks and pharming (Trojan horse/virus on the victim’s computer). At times Internet  threat possibilities can become quite overwhelming.

Time for the geek-gal stuff…

I use desktops with Vista and Windows 7, an iMac, a laptop (Win 7), a Linux server, an iPhone and an Android. I find myself layering different operating systems with whatever flavor works for me. On Windows and iMac I generally use Cocoon in varying capacities and also use Cocoon on my iPhone as my primary browser of choice. On my Linux machine I am mainly inside my terminal and rarely use a browser. If I am on public Wi-Fi – Cocoon is my top choice for browsing the Internet.

I also find times that I use other services such as TorProject, Abine, and Hotspot Shield. It all depends upon the nature of what I need to do online when I am away from home or traveling. I am a very strong advocate of Internet security and privacy and appreciate having a multitude of online tools to choose from!

In a nutshell…

 There is no all-in-one solution for online privacy and security. 2012 is the year of layering. We are at a point in our digital lives where we need to steer the ship away from the hacker-reef. We need to take account of all of the solutions that are currently available to us for online security and privacy and utilize them via layering so that we can enjoy our online experience instead of fearing it.

A little bit of Cocoon history…

Cocoon began in 2008 with co-founders Jeff Bermant and Brian Fox. Jeff had a really bad experience when his server was toasted by a virus that spammed friends and colleagues with 30K messages a day. CTO, Brian Fox – (we all know him as the original author of the GNU Bash shell) teamed up with Jeff and founded GetCocoon from Virtual World Computing (VWC). In October, 2011 – Vernon Irvin, became the President and COO of VWC – and continues to nurture and lead the Cocoon service into avenues that will protect us and the most vulnerable  among us- our children, teenagers and grandparents.

How did ‘Teksquisite’ enter the mix…

The VP of Marketing, David Washburn approached me on Twitter in early 2011, possibly around the time I was tweeting about my PayPal account dilemma! I agreed with their company vision and have consulted with them since January 2011. They are a great team and work really hard to bring online privacy and Internet security to everyone. It is not always an easy endeavor.

Stay tuned for more cybercrime blog posts soon

My question to you: How do you stay safe online?

AppPicker’s mission is to provide a better way to discover iOS and Mac apps that are best for you…

You can read their full review here and you can also follow AppPicker on Twitter and like them on Facebook.

We’re very excited to announce that Cocoon is now available on Apple’s iPad and  iPhone devices! Now you can enjoy the same level of privacy and protection that Cocoon has brought to your computer, while on the go! With smartphone malware, public wi-fi sniffing, and mobile identity theft on the rise, it’s essential that Cocoon users are able to browse securely from any location.

Why it’s Important

A recent survey by Javelin found that 7 percent of U.S. adult smartphone owners have been victim of identity fraud. Furthermore, it is said that as much 24 percent of mobile devices reported malware infections in 2011 (PC Advisor). Mobile malware, like its desktop counterpart, has been known to send malicious text messages, location, or even log keystrokes. The Cocoon app will help protect users from a growing mobile concern: the drive-by malware download.

Perhaps the most alarming issue posing a threat to those browsing from a mobile device is the man-in-the-middle attack. This type of attack is carried out on public wi-fi networks, where users generally browse the Internet over an insecure network with a roomful of strangers. Any one of those strangers could potentially intercept sensitive data and information through what is called a man-in-the-middle attack. In addition to intercepting bank login info, email messages, or credit card details, the attacker may hijack your online accounts; giving them access to all of your personal information.

This is why Cocoon has brought it’s encrypted browsing technology to the mobile platform. With the amount of mobile browsing increasing at the rate it is, it’s becoming very important that we protect ourselves wherever we go.

Fun Tip

Did you know that the Cocoon app will allow you to create disposable email addresses on the go? Just think, you’re signing up for something online, but you really don’t want to be barraged by all that spam mail. When prompted to enter an email address on your iPad or iPhone, simply tap the email field a second time and the “Mailslot” option appears. Hit the button and voila, Cocoon has presented you with a disposable, fully anonymous email address just for that website. Now all the mail that site sends you will be delivered to its own Mailslot box available on all of your Cocoon apps, wherever you go!

Airports, restaurants, coffee shops, businesses, dentists, libraries and even public parks offer public access to Wi-Fi for free. Surfing unsecured hotspots can open your data pipeline to some very unsavory characters.  Whether you use it for convenience or because there is no other Internet connection available — the bad guys still have all kinds of tools to gather and steal information from you.

In a recent Cyber-scary contest that we featured in mid November one of our entrants realized that the hotel that they stayed at in Las Vegas did not even have a public Wi-Fi connection available! But her husband was able to easily connect to a rogue Wi-Fi hotspot to enter his credit card information:

“Haven’t been on vacation in 20 years…… We get to our hotel in Vegas. First thing my husband does is, to try to go online, to check his work email. He gets a wireless signal called Luxorhotel_guest. Clicks on it, and enters in our credit card information. We then find out that the LUXOR only offers wired internet service! GREAT!”

At Virtual World Computing, we offer free cloud-based “Cocoon” security software that automatically encrypts unsecured Wi-Fi communications. While logged into Cocoon, all your online activities beccome routed through our “secure tunnel” to a safe server that blocks the bad guys from getting to your data. You won’t have to spend your time worrying about online banking or stolen credit card information, because we keep the bad guys away.

Cocoon Features:

• Creates a virtual firewall that keeps the bad guys away from your computer.
• Provides antivirus protection; Cocoon will alert you and stop harmful or malicious files from downloading to your computer.
• Protects your personal information and activity by preventing cookie tracking.
• Prevents malware and drive-by downloads.
• Gives you the option to remotely store history and bookmarks in the cloud.
• Encrypts all your data.
• Shields your personal identity and protects your privacy.
• Provides ad hoc email addresses via mailslots that stops spam in its tracks

Cocoon provides secure connections to safely use Wi-Fi hotspots

Travelers worried about those handy free Wi-Fi hotspots at airports or coffee houses being increasingly targeted by hackers have a new no-cost option to protect their personal data and communications, thanks to a California Internet security company.

Virtual World Computing is introducing a new layer to its cloud-based flagship “Cocoon” security software that automatically encrypts those hotspot communications. While logged into Cocoon, the user’s online activities are routed through what engineers describe as a “secure tunnel” to a safe server that blocks would-be thieves. The free software is available now at www.getcocoon.com.

“Travel troubles used to mean flight delays, hotel reservation problems, lost luggage or maybe a stolen laptop. But now, we must worry about data being stolen while the computer sits right in front of us,” said Jeff Bermant, CEO and co-founder of Virtual World Computing. “Few travelers realize how easy it is for criminals to hack into their computers while on open Wi-Fi networks.”

Bermant, who helped launch Virtual World Computing after his own experience with a security breach, also warns that even if a hotspot is password protected, it does not automatically mean it is secure.

Free hotspots have become famously easy pickings for hackers setting up fake free Wi-Fi hotspots that look like the real thing (aka an “Evil Twin”). When an unsuspecting user logs on, what they are connecting to isn’t a real hotspot – it’s the hacker’s laptop. Once that happens, the hacker can use free software from the Internet (such as Firesheep, WiFi Pineapple and WiFi Robin) to hijack much of the information sent to and from the victim’s laptop.

That means everything from personal information, to usernames and passwords, and confidential business documents can be at risk.

About Cocoon by Virtual World Computing:

Virtual World Computing introduced a new layer to its acclaimed free Cocoon Internet privacy and security software. Operating in the cloud, the Cocoon service provides safety to anyone utilizing Wi-Fi for an Internet connection. While logged in to Cocoon, your online activities will be encrypted, creating a secure tunnel between you and our safe server to protect your information from being hacked by thieves, a quickly growing problem. The software will be immediately available for users of the company’s free Firefox plug-in and soon will be available in an Internet Explorer version.

VWC’s core business model is built on ensuring the highest levels of privacy, security and protection. The company’s flagship product, Cocoon, provides consumers with a better way to browse with greater privacy protection, computer security and browsing convenience. Cocoon puts the user in control of the Internet experience by ensuring that their computer and personal information are protected from malicious attacks, unwanted spam or phishing, cookie tracking and many other invasions of privacy.

According to MSNBC: San Antonio, Tampa, Fla., Atlanta, Dallas, Oklahoma, Charlotte, N.C., Detroit, Denver, Washington, D.C., and Sacramento, Calif., are the most vulnerable to online threats and the  most likely to be digitally duped. In an AVG survey of 8000 American consumers, 23% did not back up their pc, 38% shared passwords online with at least one person, 41% never ran a manual antivirus scan and 67% did not use an identity monitoring service.

In a recent AVG press release, JR Smith, CEO of AVG Technologies stated:

Recent news demonstrates that consumers need to be more vigilant than ever about safeguarding the personal information sitting on their PCs and mobile devices...Consumers are getting smarter about online threats but still fail to connect the dots when it comes to understanding that today’s climate requires users protect any device that is internet enabled. 

If you do not live in one of the top 10 cities listed above, you should still take online precautions to protect your PC or mobile device. Using a home network Wi-Fi connection with the default password or using public Wi-Fi over an unencrypted Internet connection can lead to unsavory consequences.

Owing to their poor security practices, such as sharing passwords and failing to back up their PCs, Internet users in the top 10 cities run the highest risk of falling victim to identity theft, fraudulent credit card charges, email breaches and lost or stolen personal data. -MSNBC

Cocoon, a Firefox plug-in encrypts your connection to the web and makes every site you visit as safe as visiting your online bank, even on open Wi-Fi networks –  hackers can’t get to you either.