Windows 7 is no longer secure

Windows 7 stops receiving updates today, so it will be more vulnerable to cyber-attacks. Here’s what to do if you’re still using it.

windows 7 ya no recibe actualizaciones

As of January 14, 2020, the Windows 7 operating system stops receiving updates, which means that security holes discovered from now on will not be patched.

In this way, cybercriminals will find this operating system a target for their attacks. According to Net MarketShare figures, Windows 7 is still the second most used version on computers today (32.74%), only behind Windows 10 (47.65%) and even surpassing MAC and Linux.

Users who still use Windows 7 on their computers should consider upgrading to the latest version of Microsoft. Since it will be the only way to remain protected against the types of malware that use security holes to sneak into devices.


These holidays take precautions when buying smart toys

Smart toys are a new target for cybercriminals. Follow these tips to buy and configure them safely.

juguetes inteligentes

In Cybersecurity we can say that any device that can connect to the Internet is likely to be attacked. Therefore, smart toys should be treated like any connected device in terms of security settings. Both in the choosing and buying process as in its configuration once removed from the package.

With a few simple tips we will prevent our children’s data from being processed and used for advertising purposes. Or, worse still, being stolen by cyber attackers.

This is especially important when it comes to devices that store information about children. Data that can even be videos or photographs, as with some cameras and smart watches for children.

Before buying smart toys…

When we buy a toy we can recognize if it is a connected device, if it has a camera or microphone and uses the Internet, either because the toy has a WiFi connection or because it has a mobile application that connects to the Internet.

elementos de riesgo en juguetes inteligentes. OSI
Risk elements in connected toys. INCIBE

If the device has any of these characteristics we must perform a series of checks:

Check the Privacy Policy

The privacy policies of IoT (Internet of Things) devices should explain what data is collected and the purpose of collecting them. In this way, we can choose not to use the ‘smart’ features if we see that the toy aims to offer targeted advertising to the child or sell family personal data to third parties. Something that could also go against data protection laws.

Check if it requests registration on a web page or application

Some connected toys allow you to extend the playing experience by using the manufacturer’s website or an application. In this register the manufacturer may request personal data and other valuable information. It can also happen that this extension of the game is about cloud storage of the information collected (audios, photographs, videos, interaction data …).

In these cases, we must bear in mind that these services can be attacked by cybercriminals, as has happened with the smart toy company VTech, from which credentials, photographs and personal data of 5 million users were captured.

If we have to register in order to use the toy, we can take measures like these:

  • Use invented data, as far as possible
  • Do not use real photos that allow to identify your children.
  • Consider using a specific email account for this type of record and not the one you use daily.
  • Use a strong password that you have never used before and do not reuse it in other services.
  • Change the access password to the portal or application if the company ever alerts of a security breach.
  • If you need to save payment data, use a prepaid card provided by your bank.
  • If the toy uses cloud storage, check that the website has an adequate level of encryption and change the default password.

See if it has reported any security issues:

We will investigate on the Internet if the smart toy we are going to buy has suffered security breaches before and if they have been solved. This will reveal to us whether the company cares about the privacy and safety of children.

Check that it has Security Settings:

Being an electronic device, the company should offer information on security measures. So we can know if it has a default password, if it receives updates, if it has parental control or if its ‘smart’ features can be completely shut down.

Configure your connected toy safely

A smart toy is not like your child’s other knick-knacks. Before connecting and playing with the device, we must open it with the child and explain what we are going to do next: configure it safely.

This is a great way to raise awareness among young people about the importance of keeping their data safe. By setting up the toy together, he can familiarize himself with the safety of the devices.

  • Change the default credentials: this is the first security measure we must take when buying any device with a predefined password. In this way, we prevent cybercriminals from finding out easily.
  • Check the privacy settings: If the toy has a configuration screen, go to it and disable the privacy features that the device does not need for it to work. If it uses an application, deny permissions in the phone settings and go to the app’s privacy settings as well.
  • Check security settings: enable automatic security updates and other useful features to protect your family’s information.
  • Disable features: if the settings allow it and you prefer that the toy not use the microphone, the camera, the location or the Internet connection, disable them in the settings.
  • Check the data storage: if the toy stores information or a history of interactions, check them periodically and delete the stored data.
  • Turn off the toy: if the device has a total shutdown mode, use it every time the child finishes playing. This will stop the data collection.

With these tips, playing with smart devices will be a safer activity for your children. And, if you need more information about connected toys, you can consult this Guide from the National Cybersecurity Institute (INCIBE) and its Safe Internet for Kids (IS4K) initiative.

It’s not a DGT fine, it’s a hoax to steal your passwords

Cybercriminals attempt to infect computers by simulating a notification of a DGT fine. When you download it, a malware tries to steal the passwords of the victims of this phishing.

multa de la dgt

Phishing attacks are the most used by cybercriminals to steal data from users. In fact, according to the latest Email Fraud Landscape report, more than 6,400 fraudulent, fake or dangerous emails are sent every day. Many of them are phishing attacks.


Mobile malware is skyrocketing, don’t you have your phone protected yet?

Mobile malware keeps growing. In the last year, banking trojans specific to devices have shot up by 56%, according to a study by security company Kaspersky.

malware móvil

Malware is not just about computers. We’re not only talking about computer viruses, but about all kinds of malicious programs.


Protect your bank details on the Internet

In the middle of the sale season, online purchases skyrocket. However, few users take the precaution of protecting their banking data on the Internet.

datos bancarios

Online shopping is revolutionizing the way of consuming. In fact, even some clothing stores are innovating in their physical stores to adapt to this change. For example, Zara has already tested the concept of a physical store solely for online order collection in London, and has also robotized and computerized some of its stores to facilitate this task.


Scan your Samsung TV for viruses

Samsung Smart TVs have a function to search for malicious programs and the company recommends periodically activating them.

samsung smart tv

In our homes there are more and more devices connected to the Internet. At first it was computers, then mobiles, tablets, video game consoles … until, little by little, other everyday objects also began to have intelligent functions, such as televisions.