8/18/2024: iOS Devices can support DNS over HTTPS through this simple provision file addition.

8/1/2020: Netgear has major issues with many of its wireless routers.  Update now. Some will never be updated, if you have one of these obsolete routers, buy a new one.

7/23/2020: C-Data networking (Cdata, OptiLink, BLIY) equipment has multiple back doors. – The company says these are counterfeit versions.

1/22/2020: SIM Swap compromises using your smartphone to get text messages to authenticate with websites. Avoid using text messages to do rescue logins.  A new paper from Princeton researchers shows how easy it is to pull off a SIM Swap against AT&T, Verizon, T-Mobile and others.  Send text messages to a VoIP number such as Google Voice  instead. Do not allow Google Voice to forwards Texts/Calls to your main number.

1/20/2020: Virtually all Cablemodems have the Cable Haunt critical vulnerability. Call you cable operator an ask them to upate your cablemodem’s software now. You cannot do it on your own.

12/10/2019: Google Smart Lock is also a great way to generate second factor authentication but using your iPhone or Android phone and their app.

10/1/2019: iOS 13 has a handy feature to stop unwanted calls.  You can set the phone to send unknown callers straight to voicemail! (Those not in your contacts) – Settings – Phone – Silence Unknown Callers

5/12/2019: Thrangrycat Attacks Cisco Switches, Firewall and routers.  Update and patch now

3/19/2019: Windows 10 is loading more and more crap.  These scripts let you uninstall the junkware and reclaim privacy.

2/1/2019: Google has patch a major bug in Android where you can get hacked just by looking at a picture in a SMS, Email, or web page!  Update your Android software right away.  If your phone no longer gets updates, please consider buying a new one.

1/2019: Marvell’s Wi-Fi chip is used in millions of devices.  Unfortunately, it has a major security flaw. Look for updates soon.  Devices that have no way to get updated are worrisome.

12/2018: Marriott – Starwood Hotels got hacked, leaking a ton of data. Change your credit card if you booked there.

10/4/2018: Bloomberg reports that China has infiltrated major tech companies by compromising servers from their Chinese factories.  Never trust your hardware!

8/24/2018: HP Inkjet printers with Fax capability have a Faxploit exploit where someone could fax you a special page and take over your entire network. Patch now.

6/11/2018: The FBI has asked users to reboot your wireless router in an effort to prevent infection from the VPNFilter malware.   You should do more than this, write down its settings, reset it to default settings, and updated it to the latest software.

Always update the software for your router to the latest version.  If no update has occurred in the last 6 months, BUY a new one!  Affected devices include: (Expanded List)

Asus Devices:

RT-AC66U (new)
RT-N10 (new)
RT-N10E (new)
RT-N10U (new)
RT-N56U (new)
RT-N66U (new)

D-Link Devices:

DES-1210-08P (new)
DIR-300 (new)
DIR-300A (new)
DSR-250N (new)
DSR-500N (new)
DSR-1000 (new)
DSR-1000N (new)

Huawei Devices:

HG8245 (new)

Linksys Devices:

E1200
E2500
E3000 (new)
E3200 (new)
E4200 (new)
RV082 (new)
WRVS4400N

Mikrotik Devices:

CCR1009 (new)
CCR1016
CCR1036
CCR1072
CRS109 (new)
CRS112 (new)
CRS125 (new)
RB411 (new)
RB450 (new)
RB750 (new)
RB911 (new)
RB921 (new)
RB941 (new)
RB951 (new)
RB952 (new)
RB960 (new)
RB962 (new)
RB1100 (new)
RB1200 (new)
RB2011 (new)
RB3011 (new)
RB Groove (new)
RB Omnitik (new)
STX5 (new)

Netgear Devices:

DG834 (new)
DGN1000 (new)
DGN2200
DGN3500 (new)
FVS318N (new)
MBRN3000 (new)
R6400
R7000
R8000
WNR1000
WNR2000
WNR2200 (new)
WNR4000 (new)
WNDR3700 (new)
WNDR4000 (new)
WNDR4300 (new)
WNDR4300-TN (new)
UTM50 (new)

QNAP Devices:

TS251
TS439 Pro
Other QNAP NAS devices running QTS software

TP-Link Devices:

R600VPN
TL-WR741ND (new)
TL-WR841N (new)

Ubiquiti Devices:

NSM2 (new)
PBE M5 (new)

Upvel Devices:

Unknown Models* (new)

ZTE Devices:

ZXHN H108N (new)

4/24/2018: Windows Defender System Guard is now installed by the latest Windows 10 Updates. Make sure you are up to date.

3/21/2018: 1.1.1.1 is a free DNS Domain Name Service that helps hide the sites you goto. Cloudflare runs it and promises no logging.

3/15/2018: ID Thieves are using the IRS and filing fake tax returns. Remember that the IRS never calls or sends email to you.  They use old fashion US mail. Sign up for an IRS PIN if possible.

2/8/2018: Lenovo PCs with fingerprint readers need to be updated. Lenovo laptops with certain Broadcom Wi-Fi chips also need an update

1/12/2018: Laptops for Business use may have Intel AMT. You need to configure it or else your open to Intel AMT attacks.

1/5/2018: Meltdown and Spectre are 2 new processor chip bugs that affect most modern computers, smartphones, and tablets.  They will need software updates to mitigate this bad bug. More Details – Older system without updates are dangerous to continue to use. Time to buy new hardware.

11/21/2017: Quad9 is a free DNS Domain Name Service that helps prevent users from accessing malicious sites.  Run by IBM Security, Packet Clearing House (PCH) and The Global Cyber Alliance (GCA)

11/1/2017: Windows 10 controlled folder access anti-ransomeware is part of the Fall Creators Update.  It works well and should be used by all Windows 10 users.

10/16/2017: KRACK attack on Wi-Fi. Attackers can use this novel attack technique to read information that was previously assumed to be safely encrypted.  Virtually ALL Wi-Fi equipped devices need to be updated.  The attack is particularly bad on Android 6.0 and Linux. If you have a device with no updates (eg Internet of Things), you will be open to attacks. Using a VPN helps.

10/6/2017: Kaspersky has been implicated in stealing data from the NSA.  Uninstall any of their antivirus software right away.  It is now banned in the US government. Best Buy has stopped selling it.

9/8/2017: In September 2017, Equifax got hacked affecting 143 Million customers. (Almost everyone!) Equifax is offering complimentary identity theft protection. – Do more! Setup a Credit Freeze.

9/1/2017: Arris NVG589, NVG599 and possibly other modems, routers, gateways sold for AT&T’s U-verse service have a major security hole. If you have one, you need to update it as soon as possible to software newer than 9.2.2 or apply this fix.

5/12/2017: Wanna Cry ransomware is spreading fast.  It exploits a Microsoft bug that was patched in March 2017.  It is more infectious because it can spread throughout a local network.

WannaKiwi – Decrypts files WannaCryp ransomware. Do not reboot after getting infected.

A basic lesson in patching right away and stop running old Operating systems.  Microsoft took the unusual step to put out a Windows XP, 8 , Windows Server 2003 patch to help stop this. If you use any of these OS’s, upgrade to Windows 10 now.

4/12/2017: 2 easy ways to increase your security and not have to constantly update are:

• Uninstall Adobe Flash
• Uninstall Adobe Reader

4/4/2017: Google Project Zero has found a major flaw in a WiFi chip that is used on many Android and iPhones. Hackers can run malware on devices. Apple iOS 10.3.1 and newer fixes the bug. Android patches are rolling out soon. Make sure you update your device. Any phone that does not get security updates any more, should be recycled and replaced.

3/16/2017: Matthew Green, a well respected cryptographer and professor at Johns Hopkins has a great article discussing Secure Computing – Desktops vs Smartphones, iOS vs Android and more..

2/16/2017: Apricorn makes a secure USB flash drives that require a pin code to be entered before they function.  No software or drivers required, so it works with any operating system. Dust and water resistant durable aluminium housing

2/2/2017: Laser Printers are vulnerable to security issues. Popular printer models manufactured by Dell, Brother, Konica, Samsung, HP, and Lexmark are all affected.

2/1/2017: Netgear has updated firmware for many routers that fixes a major security hole.

1/30/2017: Security minded people use VPNs to secure their communications. Many Android VPN clients have privacy and security risks.  Be careful which you use.

12/12/2016: 26 different low cost Android devices on the MTK platform have Trojan horses built in.

12/8/2016: Keyless Car Entry: Security minded folks would never buy a car that has this feature. The National Insurance Crime Bureau has a post on how a Mystery Device is used to relay your key fob’s signal to steal cars.  It is best to wrap your key fob in foil or some RF blocking shield when you are away from the vehicle.

11/30/2016: Gooligan Malware has infected over 1million Android phones, most of which downloaded apps outside the official Google Play store.

11/15/2016: Some Cheap cell phones made in China have spyware that sends all your texts to China. This includes the $50 BLU R1 HD sold by amazon! Update the firmware of this device NOW.

10/2/2016: D-Link DWR-932B  and Quanta 4G LTE QDH routers have major security holes- Upgrade it to the latest firmware. Details

9/22/2016: Do you run a website? If so make sure you test it for security vulnerabilities. Tinfoil Security has a nice free 90 day trial.

9/21/2016: Yahoo finally admits to a biggest breach ever. It happened back in 2014 of 500 million accounts. Change your passwords, never enter ‘real’ information into security questions. Use a Yahoo Account Key instead of a password.

9/18/2016: The Rowhammer memory vulnerability is getting important everyday. See if your hardware is vulnerable using Memtest86.

7/29/2016: No More Ransom.org (Kaspersky Lab in collaboration with Europol, the Dutch National Police and Intel Security) has a new site to help vicitims.  It has a page with Decryption Tools. Beware of this company though.

7/12/2016: Kanguru makes a fast USB 3.0 flash drive with physical write protect switch and a digitally signed secure firmware to protect against Badusb.  One of the first to do this. Get item to put a Linux Live CD like Ubuntu on and keep it from getting modified by malware.

5/20/2016: ID Ransomware helps you figure out which ransomware you are effected by, so you can look for remedies other than paying. Bleeping Computer has a Support forum for Ransomware

• ESET has a decryptor for TeslaCrypt infections

2/24/2016: MouseJack is a new security vulnerability that allows a malware to be remotely downloaded onto a computer via a hijacked wireless mouse or keyboard connection. A hacker could remotely type in commands or move your mouse. Update the firmware on your wireless mouse/keyboard if possible, otherwise use a wired mouse – keyboard.

Logitech Update – Worked for us, but required several tries.

2/5/2016: Netgear Wireless routers do not automatically add passwords to hard drives that are plugged into them, leaving them accessible to anyone on the Internet. Make sure you change the default password. Hackers can use Shodan to find you quickly.

1/19/2016: The Wall Street Journal commissioned a security researcher to test 20 popular internet Wireless Routers. 10 had known security weaknesses. 4 had old firmware that when upgraded could contain undocumented security problems.  Keep your router’s software update and if it is older than 2 years, you should buy a new one. Most networking companies’ stop updating them after a year or two. How to setup a Secure Wireless Router was updated.

11/17/2015: Several tutorials have updated lists of secure instant messaging apps. Forget about using popular ones like Whatsapp, Line, Viber, WeChat, they have all been monitored.

Try ones like:

• Silent Circle
• Redphone
• OSTel
• Chat Secure
• Signal (Formerly Textsecure)

7/24/2015: First of its kind. 1.4 Million 2013-2015 model year Chrysler, Dodge, Jeep Vehicles are vulnerable to remote hacking that can cause the vehicle to be controlled remotely. Get the special USB drive and update your car now.

4/28/2014: A new Internet Explorer Vulnerability that has no patch, is being actively exploited by malware. US Computer Emergency Readiness Team suggests people stop using Internet Explorer. Windows XP users need to use an alternative browser like Chrome or Firefox.

If you have to run Internet Explorer, you should install the Enhanced Mitigation Experience Toolkit or unregister the VGX.dll as mention in Microsoft’s Security Bulletin

4/10/2014: Heartbleed Security Hole. Servers that use certain versions of OpenSSL software to create secure connections are vulnerable to a major bug. Lastpass has a page that can help you test websites for this bug. Flippie.io has one too.

4/7/2014: Users should change their passwords for the following sites due to the Heartbleed Internet Security Bug: fitbit.com, github.com, rememberthemilk.com, yahoo.com. Cnet has a nice list.

2/1/2014: If you own an Asus or Linksys E-series wireless router, make sure it has been updated to prevent the Moon worm. How to setup a Secure Wireless Router was updated.

Check out our Facebook Settings How To Privacy Page

Why should I be concerned about Internet privacy?

• Do you like online ads following you around from site to site?
• Can you discuss your health problems online without fear of losing insurance?
• Do you worry about publishing private information that could lead to stalking, surveillance, or identity theft?
• Does your work place monitor your Facebook or Twitter? Could you be fired over a post?
• Do you live in a country where you could be arrested or tortured based on what you post online?
• Did you know that third-parties collect information the government is not allowed to collect? The government has purchased this information too.
• Companies such as FinFisher are selling hacking software to countries and corporations to break into people’s computers and monitor them.
• Visit the EFF’s Panopticlick site to see what you are telling the world right now, before using the tools below.
• Tactical Technology Collective has tips for journalists and activists on how to increase their privacy.

60% of people polled by the WSJ.com were tremendously worried about the loss of online privacy.

The Internet appears to facilitate privacy and anonymity, but in recent years has been a battleground that pits advertisers on one side and users on the other. It has become increasingly difficult to maintain privacy on the Internet because money has gotten into the game. As online advertising has grown, companies have sprouted up, attempting to optimize Internet advertising performance by combining advertising with profiling. While individual users may not be known by name, they have become ghost profiles that are increasingly matched up with appropriate advertising. If you have found Internet ads following you from site to site, you have been profiled and are seeing the results. In this article, we will examine many methods to enhance our Internet privacy and perform operations anonymously.

One of the main goals of Internet privacy is to make that people have the ability to make informed decisions about how they act online. Users should be told ahead of time how their personal information is used and shared.

The Real Cost of Free Content

While many users assume that most content sites are free, there is a hidden price being paid, the users private information. Most online advertising companies are tracking web browsing activity across many websites in order to build profiles of users. They cross-reference and trade information to generate revenue and better target online advertising and promotions.

Hide your phone number

Once a cybercriminal gets your phone number, they can wreak all sorts of havoc including SIM Swap your phone and take over many accounts.  Hide your number or at least used a VoIP number such as Google Voice. Do not allow Google Voice to forwards Texts/Calls to your main number.

• Google
  • Remove your phone number from myaccount.google.com – Personal information
• Microsoft
  • Remove your phone number from account.live.com
• Facebook
  • Select Settings under the drop-down arrow at the top right. First, click on Mobile in the right-side menu, and remove your phone number
• Twitter
  • Click your avatar, go to Settings and Privacy, and navigate to Mobile on the right hand menu. Remove your number and use an authenticator app

Android

Turn off your advertising ID.  This is attached to all you apps, search history, purchases, recent locations and much more.

• Settings > Privacy > Ads > Delete Advertising ID

Older Android versions may have Opt Out of Ads Personalization

Chrome

Turn off 3rd party cookie tracking on both Chrome for computers and Chrome App

Settings > Security & Privacy > Block third-party cookies

Privacy Oriented Browser

brave is a browser from a mozilla co-founder, which is focused on privacy.

Internet Browser Cookies

In the past, users have been able to delete their Internet browsers’ cookies and thereby foiling efforts to track the user. Here are instructions for clearing the browser cache in Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox.

Below is how to set browsers to not accept third-party cookies. These cookies are typically generated by tracking and advertising companies when you visit a website. Occasionally this technique will cause a website to malfunction, particularly if it uses a third-party to handle tasks like commenting.

To optimize third-party cookie privacy settings in Firefox do the following:

• Select Options… from the Tools menu
• Select Privacy tab
• Select Use custom settings for history
• Uncheck Accept third-party cookies
• Optionally select Keep until: I close Firefox – This will delete cookies after every browser session, which you may not want to happen.

To optimize third-party cookie privacy settings in Internet Explorer 9 do the following:

• Select Internet Options from the Tools menu
• Select Privacy tab
• Check Never allow websites to request your physical location under Location
• Select Advanced
• Check Override automatic cookie handling
  
• Check Block under Third-party Cookies
• Press OK

CCleaner is useful Windows utility to clear out unnecessary files including temporary files, and cookie files.

Identity Finder helps you remove personally identifiable information from your computer’s files. They have a free Windows and Mac version.

While this technique is still somewhat helpful, the advertisers have gotten smarter and utilize other tracking techniques. Consult our guides to Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox for information.

IRS Tax Filing IP PIN

An IRS IP PIN is a six-digit number assigned to eligible taxpayers that helps prevent the misuse of their Social Security number on fraudulent federal income tax returns.

In 2019, they expanded the states that support this protection.

HTML5 and Privacy

HTML5 represents the latest standard for web design that significantly increases the flexibility and interactiveness of websites. Along with these impressive new features, comes a major privacy issue. HTML5 local storage allows data to be stored in your browser. It can potentially be used to track your movements and regenerate any cookies that you delete. New methods of blocking need to be created to block this intrusive technology.

Google Chrome and Firefox clear HTML5 local storage whenever you clear your cookies. Safari clears this when you select: Preferences -> Privacy tab -> Cookies and other website data -> Remove All Website Data

You can set Firefox to warn you whenever a website is attempting to use HTML5 local storage by selecting: Options -> Advanced -> Network -> Tell me when a website attempts to store data for offline use.

Flash Cookies

Adobe Flash also generates cookies that have been used for tracking and are difficult to remove. Adobe has a special page that requires Flash, in which you can delete your Flash cookies. Also visit this Flash configuration page to prevent 3rd parties from storing Flash content on your PC. You can install a Flash blocker to prevent these cookies from being installed on your system. Flush for the Mac, removes Flash cookies.

Adjusting Google Privacy Settings

In 2018 Google Created this Activity Tracking page to enhance privacy.

To clear Google’s “web history” which includes a log of all your searches, follow the instructions on this page.

To see and revoke access to your Google account by third-party sites, follow the instructions on this page. Also turn on Do Not Track.

To get a copy of everything Google has stored about you, visit Google Takeout. Additional Google services not covered by Takeout are located at Data Liberation.org. To delete the information, you must visit each Google service and delete your data manually.

Privacy App

Jumbo Privacy iOS App helps set Google, Facebook, Ad settings that we have mentioned

Adjusting Facebook Privacy Settings

Our article on Facebook security covers how to adjust Facebook’s privacy settings. Keep in mind that privacy settings only prevent others from seeing your profile. Advertisers and Facebook still have access to your private profile.

AVG Privacyfix.com helps you manage your Facebook privacy settings by showing you which ones need to be fixed.

Logging Off for Privacy

Intentionally logging off a site helps preserve your online privacy. If you were on Amazon, Facebook, or Google, we recommend you log off the site and not click away to a different site. This will help prevent ads from following you.

Fact: When a someone has more information about us, we are more likely to trust them. If your personal details leaked in a company’s data breach, criminals could use that information to craft emails that look more credible.

Minimize your personal information on Facebook, Twitter, Instagram, etc. Also cleanse or set to Private your Amazon wishlists and eBay bidding history.

 Anonymous Browsing

Most modern Internet browsers have options to perform anonymous browsing. You can utilize this function to help hide your identity. Here are instructions for anonymous browsing in Google Chrome, Microsoft Internet Explorer 9, and Mozilla Firefox.

Optional third party browser plug-ins are also available to help enhance Internet privacy.

• Adblock Plus is a plug in to block ads. Firefox – Chrome
• ChromeBlock is a plugin to help increase privacy. Chrome
• Cookie Master is a Firefox plug-in to manage cookies
• Disconnect.me is a plugin to help increase privacy. Firefox – Chrome – Safari
• Do Not Track Plus is a Firefox plugin to help increase privacy.
• Ghostery is a free plug-in to view and block what trackers and advertisers a website uses. Available for most web browsers
• NoScript is an extension for both Firefox and Chrome which prevents scripting from automatically running
• PrivacySuite is a plugin to help increase privacy. Firefox – Internet Explorer (Soon)
• Trackmenot is a Firefox plug in to prevent tracking. Chrome version

Opting Out of Online Ad Personalization – Do Not Track

Advertising companies that are members of the Network Advertising Initiative (NAI) and other self-regulatory efforts allow users to opt out of personalizing ads that are shown. Here are instructions for opting out of online ad personalization in Google Chrome, Microsoft Internet Explorer, and Mozilla Firefox.

The Network Advertising Initiative also has a page that allows you to opt out of online ad personalization from a variety of member advertising companies.

Other Opt-out pages:

• AOL
• Apple iAds
• Mastercard
• SelectOut – Optout of almost 200 trackers
• Self-Regulatory Program for Online Behavioral Advertising
• Yahoo

Using Linux for Internet Privacy

Linux can be utilized to enhance our Internet privacy. We can set up a bootable Linux USB key or CD, which allows us to start up our computer into a totally clean operating system, devoid of cookies and the like. Use one that has a write lock physical switch. Consult our article Creating a Bootable Linux USB Key or CD for more information.

Using a VPN for Internet Privacy

A VPN or Virtual Private Network allows you to tunnel your Internet traffic through a third party provider, making your traffic appear to come from a different location. While this option is more complex to implement, when combined with the suggestions listed above, a VPN connection forms a very powerful tool to protect your privacy. Consult our article How to Use Wireless Networks or WiFi Safely in Public for more information. Make sure you select one that is located outside the USA and which does not logging.

Email Snooping

Yahoo was exposed in 2016 to having scan all its customer’s emails looking at incoming email streams for a digital signature associated with a known terror organization.

The ultimate way to prevent email snopping is by running your own email server.  This has a cost and can result in your emails not going through.

Credit Card Privacy

Privacy.com creates secure virtual credit card numbers, hiding your real card.

Secure Instant Messaging

Privacy relates to how easy it is to ease drop into a messaging client.  Can the government listen in?  Is it encrypted?

The EFF has a great Secure Messaging Scorecard page.
Forget about using popular ones like Whatsapp, Line, Viber, WeChat, they have all been monitored.

Try ones like:

Silent Circle
Redphone
OSTel
Chat Secure
Signal (Formerly Textsecure)

Anonymous Registration

It is annoying registering for forums and many content sites where your real information is not necessary. When asked for personal information, we suggest you enter bogus information if you wish to remain anonymous. Create an email address that is tied to this information and save this information as a profile within password management utilities.

MySudo helps you create temporary emails address and phone numbers. Free Trial.  You can also this by create multiple gmail and google voice accounts.

Removing Yourself from Online Databases

There are several large databases that contain personal information that is culled from telephone books, court records, and other third parties. You can opt out of their data by visiting the following links.

• BeenVerified
• Family Tree Now
• Intelius
• PeekYou
• PeopleSmart
• Pipl
• Spokeo
• Whitepages
• ZabaSearch

A paid service DeleteMe helps automate this for $129/year

Identity Theft Protection

If you are a Comcast subscriber, you are eligible for free Identity Guard (discontinued). Consult your ISP to see if they have any free identity theft programs.

Social Security Account Setup

While we are on the subject of protecting you from identity theft.  If you have not already setup your Social Security Account, you should set one up before a thieve makes one before you.

Or better yet, block Electronic access to your Social Security Record.

TV Privacy

If you have a Smart TV, it may be watching or listening to you.  In March 2017 a Wikileaks CIA leak indicated that they are listening in on those with Samsung TVs.

• Turn off any Smart TV Functions on your TV
• Use an external Roku or AppleTV box instead
• Use a power strip and turn off the TV’s power that way

Opting out of TV data

Many TV content suppliers log your viewing habits and sell them to other companies.  Opt-Out of this madness! Cable and satellite television networks have their own opt-out for anonymous-viewer information.

• DirectTV – Contact the company by phone, email, or mail to opt-out.
• TiVo
• Optimum.net – They removed their opt-out page.
• Comcast
• AT&T
• Vizio – Vizio TVs spied on what people were viewing, causing the FTC to sue them.  The company provided consumers’ IP addresses to data aggregators, who then matched the address with an individual consumer or household. Vizio’s contracts with third parties prohibited the re-identification of consumers and households by name, but allowed a host of other personal details – for example, sex, age, income, marital status, household size, education, and home ownership.

Turn off iPhone Diagnostic Log Sending

To turn off sending of diagnostics data to Apple do the following:

• Open Settings
  
• Select General
• Select About
• Select Diagnostics & Usage
• Click on Don’t Send

Color Laser Printer & Color Copier Privacy Issues

The Electronic Frontier Foundation (EFF) discovered that most color copiers and color laser printers have been adding invisible tracking codes to every single printed page they produce. The government asked printer makers to do this in an effort to prevent counterfeiting. The dots help track what type of printer and its serial number as well as when the document was printed.

This relativity little known tactic can undermine anonymity for political, religious, or any other reason. Users need to understand this and tell printer manufacturers that they do not like this hidden invasion of privacy. For more information, take a look at this webpage and support their efforts.

If you are purchasing a new color laser printer, try to purchase one that does not print these invisible codes.

Kindle eBook Privacy issues

Reading in the new age via eReaders such as the Kindle expose users to additional privacy issues. Previously, with physical books, it was difficult for bookstores and publishers to know whether you had really finished a book, highlighted specific passages in the book, or what book you purchased next.

With eReaders such as the Kindle your privacy has gone out the door. Kindle users have to agree to allow Amazon to store information on the device and Amazon’s servers including where you left off in the book, notes, highlights, bookmarks, and more. With all of this information, the Electronic Frontier Foundation (EFF) is pushing for legislation to prevent eBook sellers from reveling people’s reading habits without a court’s approval.

If you are concerned about your privacy, you may want to steer clear of eReaders or utilize an eReader that does not any have Internet connectivity. Find one that allows eBooks to be downloaded to a computer and manually added to your eReader.

More Resources

privacy tools.io – Lists many resources that can help you reclaim your privacy

With some leg work, we can significantly improve the privacy of our online activities.

Google’s Android operating system powers many popular cellphones including the popular Samsung Galaxy S10. Most Android Smartphone users as well as most of the pubic at large do not think very much about security.

If your phone is not running the latest Android Monthly security patches or is Android 6 or older, you are open to attack. A recent Wall Street Journal article showed that only 2.8% of Android devices have the latest security patches. Compare that to 79% of iPhones, due to Apple’s more uniform eco-system.

As of February 2019 only Android 7 to 9 receive security updates now)

Most Up to Date Android Smartphones

• Google Pixel 3

This flagship phone runs the latest Android version and is patched regularly. Sold directly from Google or from a couple wireless carriers.

You can check this Google Support page that shows when updates will be available for Google devices and when devices stop getting updates.

Keep in mind that some companies claim to have all the latest security patches but may not.

We will cover some techniques to enhance your Android phone security.

Obsolete Hardware

Most hardware vendors like Samsung stop issuing updates after 3 years of release.  Need a good reason to upgrade to a new phone?  This is it. Incapacitate then recycle your old phone to prevent reuse.

Samsung has a page that lists which devices are still getting updates, as does Google.

Samsung SmartSwitch helps you update phones on Windows or Mac.

If you have an Phone or Tablet that no longer gets updates, we would recycle it and buy a new one RIGHT away. Keep in mind that Android Patch in July 2017 is the first version that fixed a Huge Broadcom Wi-Fi bug. Without that fix, you can get hacked by just having a Wi-Fi signal nearby.

Google Play Protect

• Be sure your device is running Google Play Protect.  It scans for Malware and bad apps. This was release in July 2017 and runs on Google Play Services 11 or higher. This is a unification of Android security systems like Verify Apps, browser protection, and anti-theft measures.

You need to test your Android Device for Vulnerabilities

Here are the major security holes that you need to test your phone against.  If your phone fails any of these, get it updated or buy a new phone.

2/1/2019: Google has patch a major bug in Android where you can get hacked just by looking at a picture in a SMS, Email, or web page!  Update your Android software to Patch Level February 2019 or later, right away.  If your phone no longer gets updates, please consider buying a new one.

QuadRooter – Learn more about this issue. August 2016

DroidJack Remote spying – Learn more about this issue. August 2015

Stagefright MMS Flaw- Learn more about this issue. August 2015

Shellshock – Learn more about this issue. September 2014

Why is Android more susceptible to attack?

• Older Smartphones with unpatched old versions of Android
• Many phones never being given latest updates
• Bigger audience to attack due to market share
• Chipset vendors fixes slow to reach public
• Multiple App stores
• Apps are not thoroughly vetted
• Bloatware, trialware from handset makers
• Malware introduced in production chain

The Android Smartphone is part of Android’s open ecosystem, making viruses and malware more possible than closed platforms like the iPhone. As the Android Smartphone has grown in popularity, the smartphone has become more of a target by hackers and criminals. The DroidDream and Plankton Android malware infected over 250,000 phones before anyone discovered their malware. Google removed over 58 malicious apps from this single malware. A recent survey has shown that only 30% of Android Smartphone users installed security software on their phones. Malware can grab private data or use the phone to communicate externally.
Carrier IQ is a controversial piece of software that can show you what certain Android phones and spyware can do if the carriers allow it.

It is important that Android Smartphone users immediately become more vigilant about smartphone security. Our tutorial covers the Android Smartphones running most versions of the Android operating system.

Android Vulnerabilities.org gives a snapshot of how many devices are insecure.

The NSA and Android

Did you know that the NSA has been programming for Android and has inserted its code into the operating system? This has been happening since 2011 and has been focused on adding code to prevent hackers and marketers from accessing personal data on your Android device. Devices including the Samsung Galaxy S4 and HTC One have NSA code embedded, but not enabled by default. Apple does not accept code from government agencies. Android is open source, so programmers can more easily scrutinize every line of code that is in it. Hopefully the NSA will not add monitoring code in the future.

1. Android Smartphone Software Updates

Google upgrades the Android software for the Android Smartphone all the time. Montly Updates include additional functionality as well as security bug fixes. It is important that users apply updates immediately. Yes, updates take a while to install, but you do need to do it right away. Contact your smartphone vendor for the latest Android software update to your handset.

Some handset makers take their time to release Android updates.  Beware. This is the MAIN reason why millions of Android phones go unpatched.  Buy a phone that use plain Android and can take updates directly from Google, like the Google Nexus or Pixel line.

90 percent of Android devices two years or older have an operating system that’s vulnerable.

Replacing an Android Phone due to Lack of Updates

If you have an Android Smartphone that does not get the latest Android updates, we highly recommend you REPLACE the smartphone with a new one that does. Unfortunately you will need to switch phones every 2-3 years to keep up to date. Recycle the phone, do not give it away.

This Google support page  shows you the status of Google Nexus Software updates and security updates.

These Nexus phones, tablets are have no guaranteed security updates after October 2017!

• Nexus 10
• Nexus 9
• Nexus 7
• Nexus 6
• Nexus 5
• Nexus 4

If you Root your Android Smartphone, you need to be extra careful with regards to security as updates are much more difficult for you. Be careful where you obtain your Android Apps as malware is much more prevalent. Rooting also exposes your device’s internal hardware to software much more so than normal. This is the equivalent of running your PC as Administrator.

2. Android Smartphone App Security

Apple’s App Store reviews all submissions before adding them, but Google does not thoroughly review Apps added to their store. Google does run a security scanner on apps to ensure that they do not include known malware. There have been several occasions where Apps containing malware have entered the Google play formerly known as Android Market.

Neither App Store technique is full proof, users need to be careful when installing apps.

Apps are prone to security vulnerabilities that are fixed by updates. Keep apps updated regularly and remove apps that you do not use. To update applications do the following:

• Tap the Notification menu at the top and drag it downwards. If there are App updates available, they will be shown
• Tap on App updates to bring you to Google play formerly known as Android Market
• Tap the App to be updated
• Repeat the process for all Apps

Google has the ability to remotely remove malicious apps from your Android Smartphone. This is NOT true if you buy from 3rd party App store.

When installing new Apps, we suggest you install well known Apps from Google play formerly known as Android Market or Amazon App Store with positive reviews, and avoid brand new Apps from unfamiliar companies, and unofficial 3rd party App stores like mmoovv.com or samsunggalaxy-s.ru.This becomes a problem when the official App Market is blocked, such is the case in China.

It is fairly easy to repackage free Apps into a clone of the App. Repackaged Apps that also include Malware or Spyware have been encountered on 3rd party Android Markets. Free pirated versions of paid Apps are also found on 3rd party sites. Download only from the official App Market and give new Apps time to build trust and to allow others to help test the App for malware and security risks.

Users also need to be aware that scareware where apps are displaying advertisements for battery saving apps have been tied to malware. If the user taps on the ad, your phone’s browser launches and proceeds to download the apps file. These apps could endanger your privacy by stealing your address book, or cause money to be withdrawn from your accounts via costly phone calls or SMS messages.

3. Suggested Android Smartphone Settings for Security

Below are several suggestions for Android Smartphone settings to increase security on the smartphone. If you use swipe patterns to unlock the phone, make sure you clean your Android devices’ screen regularly otherwise people can see how your pattern looks.  Doing repeated circular or square patterns helps foil thieves.

Enable Passcode

• Open Settings
  
• Select Security
• Select Screen Lock
• Select Password
• Enter a Passcode – Do not select an obvious passcode like 1234a or 1111a

Google automatically encrypts its Nexus smartphones, but other companies are not required to do this. As of 2016, less than 10% of Android phones had encryption enabled. 80% of iPhones had encryption turned on. Android 6 Marshmallow requires encryption to be enabled by default.

Encrypt your Android Smartphone and require a PIN or password to decrypt it every time you power it on. It takes an hour or longer to initially encrypt your Smartphone. Older Android phones many operate slower when encryption is enabled. Launching apps might take a second or two longer. Turning on encyption requires a full battery or the phone connected to a charger.

• Open Settings
  
• Select Security
• Select Encrypt phone
• Click Encrypt phone

Lock SIM card makes your phone require a PIN before becoming enabled.

• Open Settings
  
• Select Security
• Select Set up SIM card lock
  
• Select Lock SIM card

If you are not using any Bluetooth devices, disable Bluetooth to increase battery life and prevent security risks.

• Open Settings
  
• Select Wireless and Networks
• Uncheck Bluetooth

Backing up your Android Smartphone regularly is an important task. If you have a rooted Android Smartphone use the ROM Manager and Titanium Backup root.  Regular Android Smartphones need to pay for backup Apps like MyBackup Pro. There are free Apps to backup individual areas like SMS, images, or Applications.

4. Android Smartphone Email Security

It is important that email accounts accessed from a smartphone are setup utilizing encryption when available. Many email providers including Google’s Gmail, Microsoft Exchange, AOL Mail and Yahoo Mail support SSL (secure sockets layer) when accessing their mail servers. If SSL is not used, your emails as well as your password can be read by hackers. Most major email providers automatically activate SSL if you let Android setup your email account.

If you are setting up a new email account, make sure that you have enabled SSL or TLS in the Security type field for both the incoming and the outgoing mail server.

To check an existing Mail Account for secure SSL access, do the following:

• Open Email application
  
• If Combined Inbox is shown, Select a mail account by tapping Accounts then Select the email account. Otherwise, hit Menu then Account Settings
• Check Incoming settings and Outgoing settings
• Examine the Security Type field
• Verify that it is not set to None

If it is set to None, check with your email provider to verify their SSL support and enable it if possible.

Also, make sure your email account has been cleansed with a good spam filter. This is a basic requirement of any solid email provider. If your email vendor needs spam filtering assistance, consider accessing the email account via POP inside a Gmail account.

OpenKeychain – public key encryption for emails and files, to make sure your emails are only read by who you sent them to and others can send you messages only you can read.

5. Find a Lost Android Smartphone, Erase a Lost Android Smartphone

Andrdoid 5.1 and higher includes a Device Protection feature. This is required on all phones manufactured after June 30, 2015 and sold in California. You can set it up in the Lock screen settings. It requires you be signed into your Google account.

Find My Device is a helpful feature made by Google, so you can locate, ring, or wipe your device remotely.

If you are running an older version of Android, you need a 3rd party app to handle finding a lost phone. Here are some options:

• Android Lost – Locate, wipe, lock, take pictures, and much more
• Prey – Open source, cross-platform, lost phone or tablet protection
• Wheres My Droid – Find your lost phone, password protection, notification of changed SIM card. Paid Pro version includes remote phone erasing

When you lose your device utilize the lost device App you installed. If you cannot access the device, make sure you contact your Wireless carrier so they can disable the device. If you recover your Smartphone, make sure you change all passwords.

Also consider creating a special graphics file with your emergency contact information that can be used as your lock screen. If you are having a life threatening emergency, people could still access this information. If your Android Smartphone is lost and password protected, people could still contact you.

6. Using WiFi securely

When accessing a wireless network outside the home, exercise caution. Any information sent over an external wireless may be subject to eavesdropping. Unless you know the Wi-Fi network is secure, we would recommend against connecting to it.

If you really want to use an unfamiliar wireless connection, limit usage to non-critical apps, email, and web. Do not e-mail, online shop, online bank, or online trade from public wifi hot spots or cyber cafes. Many of these locations provide little to no security and are prone to snooping or malware.

The Android Smartphone can remember wireless networks by name and automatically log into them. This convenience function turns into a security problem because the Android Smartphone will automatically send the same password to a wireless network of the same name. So if you name your wireless router, Linksys, if you encounter another wireless router with the same name, the Android Smartphone will automatically use the password. A hacker could exploit this to obtain your wireless router’s password. We suggest you do not enable any automatic joining to wireless networks. The Android Smartphone is very good at transparently switching from a cellular data network to a Wi-Fi wireless network. You can turn off Wi-Fi auto connect by the following:

• Open Settings app
• Choose Wireless & Networks
• Select Wi-Fi Settings
• Uncheck auto connect

When accessing the Internet on a smartphone or tablet, using the built in 3G/4G connection is a lot safer than connecting via a local wireless internet hotspot. This warning applies to both apps and mobile internet browsers.

The safest way to use a public wireless network is by employing a VPN (virtual private network) which securely tunnels all of your Android Smartphone’s traffic through a secure server. There are many paid services that sell VPN access.

Disable WiFi when you are not accessing wireless networks. This will extend your battery life and increase security.

7. Secure Browsing with Android “Browser”

Force websites to use secure connections – It is important to utilize secure connections or HTTPS whenever possible. Several large websites have configuration options to force these secure connections. Here is more information on configuring HTTPS with: Gmail, Facebook, Twitter, Google. Google.com defaults to HTTPS if you are signed into your Google Account, if you are not, just manually add the s after http to force a secure connection i.e – https://www.google.com

Use a password manager to create, use, and store passwords for websites. See our password manager guide for details.

8. Careful Link Clicking and Attachment Opening

As we have learned on computers, clicking on links in email can lead to viruses or malware being installed. We need to take the same precautions and more, on an Android Smartphone. Avoid clicking links in email, text messages, and websites that are unfamiliar to you.

Email attachments require the same amount of caution. Only open attachments when they are expected. Avoid opening your email provider’s spam folder and do not open any attachments in your spam folder.

Opening Attachments Safely with Gmail

Forward the email with attachment to a Gmail account.  From there, you can use Google Docs to open Word Processing, Spreadsheets, etc.  No need to endanger your own computer.

9. Android Smartphone Free Antivirus and Internet Security Software

Android Smartphone anti virus software is available and highly recommended because of the open Android Market for Apps. Be aware that fake anti-malware Apps have appeared, so stick to brand name antivirus Apps.

Antivirus Free – free antivirus App for Android

AVG Antivirus – free mobile security and antivirus App for Android

DR. Web Anti-virus Light – free antivirus App for Android

Lookout – free mobile security and antivirus App for Android

Norton Mobile Security – free mobile security and antivirus App for Android

Webroot Secure Anywhere Mobile – Free Mobile Phone and Tablet security antivirus protection.

Android Smartphone security Apps

Orbot: Tor on Android – Enhance your privacy, break through firewalls and communicate more safely.

10. Android Market Password and Payment Option

You can delete the payment information in your Google account after making a purchase. You must have a payment method in order to make purchases or make refunds. If you are very cautious, remove payment information when you do not anticipate App purchases.

11. Malicious QR Codes

QR codes are appearing in print and all over the place. Be aware that malicious QR codes that lead the user to download malware have been found. Be sure you check the link the QR code points to before using it.

12. NFC – Near Field Communication

NFC has been touted as using your phone as a contact-less credit card.  It is being hyped up by smartphone manufacturers as well as credit card firms.  This technology opens up a new way of hacking your credit card info.  TURN IT OFF and avoid it.  This recent Defcon presentation shows how a security researching skimmed a NFC credit card and used it.

To disable NFC on the Samsung Galaxy S III and other phones:

1. Tap Apps
2. Choose Settings
3. Scroll down the screen and tap More Settings
4. Uncheck the NFC box
5. Close the Settings app

13. Avoid Huawei and ZTE Android Smartphones

These Chinese companies are drawing a lot of attention. Congress suggests people avoid their products due to possible suspicious equipment behavior.

We have covered many ways to improve your Android Smartphone security. Utilizing our tips will help significantly improve the already good security of the Android Smartphone.

14. Stagefright MMS Messaging Bug

August 2015. A specially crafted MMS message can cause your phone to be taken over. Many old phone may never get updated to fix this.

If you’re using Google Hangouts as your default SMS client, disable automatic downloading of media files sent via MMS:

Settings – SMS – Auto Retrieve MMS uncheck

Here’s how to protect your phone from the if you are using Google Messenger (the default SMS client for Android Version 5.0+):

Messenger – Settings – Advanced – Auto Retrieve OFF

Here’s how to protect your phone from the if you are using Messages (the default SMS client for Samsung Galaxy S6):

Messages – More – Settings – More Settings – Multimedia messages – Auto Retrieve OFF

15. Secure Messaging

Law enforcement and probably the NSA use cell phone tower simulators called Stingrays, IMSI catchers, or dirtbox made by Harris. These fake cell phone towers slurp handset identification information and can snoop on data. They deploy these in small planes to net a ton of intercepts, without getting a warrant. Cell phone users have no right to privacy in public areas.

You can fight back by using secure messaging clients like Signal or Chat Secure. Older Stingrays only support 2G, not 3G/4G included with the Hailstorm upgrade, so turning off 2G will help here.

Disable 2G On Android prior to 5.0 – Stops Stingray
1) Pull up the phone dialer and dial *#*#4636#*#* (that spells INFO)
2) This brings you to the Testing screen where can select “Device information”.
3) Scroll down a little and it should say “WCDMA Preferred” or similiar.
4) Change it to WCDMA Only.

It will now stay on 3G/4G/4GLTE and avoid the old school GSM 2G Data towers, keeping you safe from older Stingrays.

Note: Google removed this option on Lollipop 5.0.

You can detect a Stingray by running the apps SnoopSnith or Android IMSI-Catcher Detector.

16. Public Charging – Video Jacking

Do not use a public phone charging cable, it could be capturing video video HDMI recording while you charge aka Video Jacking. Always use your own charging cable.

17. Secure your mobile phone’s account from hijacking or Port-Out Scams

Hackers have been calling wireless carriers like: AT&T, Sprint, T-Mobile, and Verizon asking them to switch control of mobile phone numbers to themselves.

They will repeatedly call, hundreds of times, and make up all kinds of sob stories to get control. Once they hijack control, they will reset passwords of any device that uses that phone number as a security backup via SMS Text or two factor authentication. IE Google, Facebook, Twitter, Bitcoin accounts, etc.

How do you protect against phone hijacking?

• FTC has details
• Do not use your cell phone number in the first place!
• Use two factor authentication that uses a physical key or Google Authenticator App, not Text
• AT&T – Enable an account passcode
• Sprint – Customers setup a PIN when first signing up
• T-Mobile – Enable a customer care password
• Verizon – Setup an account PIN

T-Mobile customers can also call in to the company’s customer support line and place a separate “SIM lock” on their account, which can only be removed if the customer shows up at a retail store with ID.

Be sure to use Google Authenticator instead of Text messages for second factor authentication when possible.

If your phone stops receiving a signal and says “emergency calls only” or “no network,” even after you restart your phone, contact your mobile carrier to see whether your account has been hijacked.

Conclusion

Android is a sophisticated operating system. Because of the nature of its diverse eco-system, users unfortunately need to be proactive to keep their device secure and up to date.

Do you have any Android Security Tips?

The International Travel Security Problem

Many of us travel internationally but few realize how important computer security can be when we visit other countries. People doing business in countries like China and Russia (or any other country for that matter) need to pay strict attention to their technology security protocols to prevent the real and growing threat of high tech espionage. There have been instances of people returning from abroad and having their laptops or smartphones compromised. A mobile device used internationally and later hooked up to the Company’s network provides an excellent infection vector. The folks intent on stealing information could be government or corporate based.

Learn how to use your iPhone or Android Smartphone in China

How to Protect Yourself When Traveling

Some people might find the following list a bit paranoid, but you never can be too safe. People that work for major corporations, government, or security firms need maximum protection from attackers. There are tools that can detect the location of a mobile device to within 100 feet and can target phones by the phone number, IMEI (International Mobile Equipment Identity) number and intercept all communications from the mobile device.

• Leave your cell phone and laptop at home
• Buy a phone and SIM card in the other country
• Beware of any SMS message especially if they have links
• Do not bring any sensitive data or passwords
• Use temporary or loaner cell phones and laptops which will be erased when you get home
• Make sure all gadgets are fully up to date and have security software enabled. The best encryption should be utilized
• Never let your electronics out of your site
• If your device gets inspected at the border, it should never be connected to the Company’s network again
• Turn off Bluetooth and Wi-Fi
• Avoid public Wi-Fi altogether
• Do not use a public phone charging cable, it could be capturing video while you charge
• Disable microphones and cameras
• During meetings, turn off your devices and remove their batteries. (Prevents possible recording)
• Use a VPN with heavy encryption to connect to the Internet
• Use Google Voice to create a “throw away” voice accounts
• Do not connect to your Company’s or government’s network while abroad
• Use coded language when discussing sensitive matters
• Cut and paste passwords to prevent keylogging
• Change any and all passwords you used on the trip, immediately
• Enable two factor authentication for services that support this; Facebook, Gmail, eBay, etc.
• Two factor authentication system using SMS text messages is not secure, due to the weak SS7 routing system. We suggest only using two factor when you can use a token or a time based authenticator like Googles.

Following the safeguards listed above will help prevent hack attacks against yourself and your Company. The measures may sound extreme, but the danger is real.

We feature many different security tutorials.

• Learn how to secure your PC, find free anti-virus software, and find Windows security software
• Secure your Mac and find free Mac security software
• Use Linux for secure online banking, online trading, and online shopping
• Secure your wireless network (Wi-Fi)
• Learn how to create, store and use secure passwords

Harden the Security of your Browser

• Chrome
• Internet Explorer 9
• Firefox

Boost the Security of your Smartphones and Tablets

• iPhone
• iPad
• Android Smartphone or Tablet

Learn how to perform the following Safely and Securely

• Online banking and online trading
• Online shopping
• E-mail

Our sister site has launch, BuyVia!

The BuyVia iOS app and website bring together the strongest smart shopping arsenal available, making it easy to find the best products/deals possible across all of the devices people own – including smartphones, laptops/desktops and tablets – without tedious and time-consuming research.

BuyVia’s iPhone & Android (coming soon) app allow users to scan barcodes, compare prices, set up alerts, and more.

The only thing worse than spam in your email box is a spam text message on your cell phone or smartphone. For the last 20 years spam has been clogging up our email, and now it is in full bloom on our phones. Spam Texting needs to stop.

How do Spammers get Phone Numbers?

There are several sources of phone numbers for text message spamming.

• Internet postings
• Random phone number generation
• Auto dialing robo calling

The Dangers in Spam Text Messages

Just like email spam, offers made in unsolicited text messages are full of bogus offers like free iPads, prizes, or gift cards, etc. Clicking on any link or calling a phone number listed in the text message can result in the following:

• Malware being installed on your phone
• Unauthorized charges billed to your phone
• Recurring items added to your phone bill
• Private information being transmitted to cyber criminals

Fighting Unsolicited Text Messages

The major wireless providers, AT&T, Verizon, Sprint, and T-Mobile try to do everything in their power to prevent these. Each person calling to complain costs them from $5 to $50. The carriers are banding together to create anti-spam and mobile security solutions. Slowly, cell phone technology will rise to the same level as email and anti-spam filters.

The Federal Trade Commission files suit against spammers to help reduce the problems.

You can complain to your wireless carrier and let them know that you are receiving unsolicited text messages by doing the following:

Blocking Text Spam

The major wireless carriers provide Free Spam blocking controls for users. However, there are restrictions.

Here is how you can access the blocking controls online for each carrier:

Verizon Wireless – They offer many different free options to block text spam.

1. Log into your My Verizon wireless account
2. Go to My Services
3. Go to Verizon Safeguards
4. Go to Spam Controls
5. Go to Internet Spam Blocking and Call & Message Blocking
6. Save desired configuration

There are 3 options for Internet Spam Blocking you can select from :

1. Block all messages from the web.
2. Block all messages from emails.
3. Block  up to 15 specific email addresses and/or web domains (i.e. domain.com).

There are 2 options for Call & Message Blocking you can select from:

1. Block all calls & text messages originated from specific numbers
2. Block up to 5 specific numbers at one time.
   1. Expires 90 days from the date of your first block.
   2. Can reestablish blocked number by adding blocking preferences after they expire.

Verizon also offers Usage Controls for $4.99/month per line. This allows you to block up to 20 contacts (i.e. phone number, email address, instant messaging screen names).

AT&T Wireless –

They provide different ways to block spam form their source:

Internet spam & email address spam:

• Respond to the spam with “BLOCK” in the body

or

1. Log in to My Messages – This site is different than the main AT&T wireless website, so it requires a separate account to be created.
2. Select Blocking Options under the Preferences section
3. Type the domain or email you wish to block in the Block List section
4. Click Submit to save changes

Create an Alias for your wireless number (Example: your-alias@txt.att.net instead of your-wireless-number@txt.att.net)

1. Log in to My Messages
2. Select Message Options under the Preferences section
3. Input your desired alias without the “@txt.att.net” in the alias option
4. Click Submit to save changes

Short Code Spam (4-digits are shown, not a phone number):

•  Reply “STOP” in the body to block sender from spamming messages to you in the future.

Wireless Number Spam – AT&T does not currently offer a Free solution to wireless number spam. The only way to block wireless number spam currently is by signing up for AT&T’s Smart Limits for Wireless. The service costs $4.99/month per line. Similarly to Verizon’s Usage Controls.

You must purchase the Smart Limits feature before configuring Smart Limit options. Afterward, you may set up Wireless number blocking by following these steps:

1. Log in to your Wireless Account
2. Click the myAT&T tab
3. Click the Wireless category
4. Click Smart Limits under Enhanced Services
5. Click Blocked Numbers under your phone
6. Enter the 9-digit phone number you wish to block
7. Click Submit to add to your Blocked Numbers list

If mobile spam continues to be a problem, you may contact AT&T’s Customer Service at 1-800-331-0500 for additional help or forward the spam to the short code “SPAM” (7726) to open an investigation. AT&T says, “There is no charge to report mobile spam. Messages forwarded to 7726 do not count toward your data usage or voice package.”

Sprint –

• They have a very complex system to manage text blocking, see this page.

or

• Forward spam directly to abuse@messanging.sprintpcs.com or call customer care at *2 (Sprint phones)/ 611 (Nextel phones). More information here.

T-Mobile –

• Forward the message to “SPAM” (7726)
• T-Mobile will send back a confirmation that they have received your message
• T-Mobile will ask you to send them the number of the original sender so they can try to identify the identity of the spammer

*Note* Sprint does not have auto-blocking available yet & T-Mobile does not currently offer a blocking from the Internet.

Remove Text Messaging Completely

If the options to fight text message spam are not versatile enough, we recommend you disable text messaging completely. You can then use a third-party app to send and receive text messages albeit to a different phone number.

Verizon –

Call *611 and ask Verizon’s Customer Support to disable text messaging for you

or

Remove text messaging completely from your phone online in your account settings by doing the following:

1. Log in to My Verizon Account
2. Go to My Services
3. Click Add/Remove Services
4. Select Messages
5. Click Remove
6. Click Next to submit request

AT&T –

You can also go to http://mymessages.wireless.att.com/ to disable text messages sent to you as email. Keep in mind, this just affects text messages sent via email and not directly to your phone number. Most of the text message spam is not sent this way. Call customer service to totally disable texting.

Sprint -Call Sprint Customer Service to disable text messages.

T-Mobile – Allows blocking incoming and outgoing text messages (SMS), picture messages (MMS), Instant Messages (IM), and e-mail to be configured online.

Apps to help you fight Text Spam Messages

These apps help you block texting spam.

smsBlocker – Android – SMS blocking & text filter tool

VeroSMS – iOS – SMS blocking & text filter tool

Free Texting Apps:

Free apps are available to send/receive Text Messages for free on smartphones. These do require you to use a different phone number to receive messages. Simply turn off texting with your carrier and use this.

Text+ – iOS, Android – Ad supported.

Google Voice

Google Voice helps you create virtual phone number to send/receive calls, messages, and texts.  It is available for iOS, Android. Simply turn off texting with your carrier and use this.

Texting spam is costly and time consuming.  There are many techniques for dealing with it, and most are free.