Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for October, 2012
October 10th, 2012

How do I avoid becoming a victim of cybercrime?

Question of the Week: I hear so much on the news about identify theft, scams and fake emails. How does a regular person with limited computer skills protect themselves?

Cybercriminals use a variety of tactics which can cause major inconvenience and hassle in your life – identity theft, financial fraud, stalking, bullying, hacking, email spoofing, information piracy and forgery, intellectual property crime, and more.

Many cybercrimes start with malware—short for “malicious software.” Malware is considered an annoying or hostile type of software intended for secretly accessing a computer without your knowledge or consent. It includes Trojans, worms, viruses, spyware, most rootkits, and other such unwanted intruders. Malware can be used to monitor your online activity, cause your device to crash damaging hardware, software or data in the process, and it can spread through networks of machines to infect others.

Where does malware come from?
Malware is most commonly delivered through the internet and by email messages. There are so many varieties that it can also come in through hacked webpages, game demos, music files, toolbars, software, free subscriptions, and other things you download from the web. Read more…

October 9th, 2012

AVAST is the only Free Antivirus to receive Advanced+ Award from AV Comparatives

AVAST Software received the highest ADVANCED+ Award Certification in the latest published independent tests by Anti-Virus Comparatives. The awarded avast! Free Antivirus 7.0 was the only free antivirus solution to achieve this result, competing among traditional paid-for antivirus tools.

AV Comparatives awards the certification based on a combination of high detection score and avoidance of so-called False Positives. “We did very well in both categories,” said Vincent Steckler, CEO of AVAST Software.  “I’m pleased to say that since 2010, when we decided to submit our free version to compete against the paid solutions, we have achieved the highest award every time but once.”

 

Comments off
October 8th, 2012

Fake “Bad Piggies” infect Google Chrome users

Bad Piggies, the spin-off game to Rovio’s wildly popular Angry Birds, hit the online stores last week, and following in its sizable wake were fake versions designed to install an aggressive adware program into Chrome browsers. Reportedly, over 83,000 Google Chrome users have been infected.

Cybercrooks found a niche because Bad Piggies is only available for Android devices on Google Play (free) or Apple devices ($0.99 for iPhone and $2.99 for iPad) on iTunes. Free versions of Bad Piggies that claimed to be from the creators of Angry Birds appeared on the Chrome web store shortly after the release. The top 3 listed are called Bad Piggies, but they are from different companies; padeba, gametc.com, and the HD version from HitsGames. They have over 13,000 downloads.

Reviews of the games reveal the anger and disappointment of Rovio fans. Read more…

October 8th, 2012

Russian Odnoklassniki spamming

Recently, we’ve noticed that there are too many legitimate domains popping up in our url filters with malware. At first we thought we had a huge false-positive (FP) problem, but after analysis we found a pattern.

All of the referring links came from the Russian Odnoklassniki server, which is a quite-popular Russian social network. Users of that network are getting fake messages with links to photos.

Read more…

October 5th, 2012

Let’s Also Make This Cybersecurity *Policy* Awareness Month

As we have recently mentioned on our blog, October is National Cyber Security Awareness Month. And I’m sure we will post more to raise awareness of the risks you personally face, the risks to the institutions you do business with, and to the government itself.

Today, though, I want you to start to broaden your outlook on this issue. While you are getting acquainted with new threats like nation-state funded attacks, cyber-terrorism, and hactivism, I’d also ask you to look at some of the things our legislatures have been proposing in the name of cybersecurity. This includes early efforts to protect critical industry sectors our energy grid or banking systems against cyberattack, and requirements that we move beyond passwords when we access Web sites where we perform transactions or access personal data. As all these initiatives come with costs, none have universal support. But some cybersecurity proposals have generated more controversy than others, including: like the SOPA and PIPA bills that coddled the media industry by conflating digital piracy with cybersecurity and whose proposed remedies would have create a regime of censorship, or the federal development and control of a so-called “Internet Kill Switch“.

There will continue to be a lot going on here legislatively, and anything that changes the government’s role in the Internet will affect you as well. So let’s make also do our job as responsible, informed citizens. Let’s make October National Cybersecurity Policy Awareness Month. Let’s get educated, and involved.

 

October 5th, 2012

Facebook charging for basic membership?

You ever heard the Peter Allen song “Everything old is new again?” Just like the Stranded Traveler scam that gets tweaked slightly as it makes its way through cyberspace, a recycled Facebook hoax is appearing on walls lately.

Viral status updates claiming that Facebook will start charging membership fees because of the new profile changes may have passed through your wall in the last week or so. The newest  variant is a claim that Facebook is moving to a “price grid” costing as much as $9.99 per month for a “Gold” membership. The message encourages users to copy and paste the message and share with friends before midnight. Other variations warn that your account will be deleted if you do not pay and that your fee will increase, depending on the number of friends you have, messages posted and sent, and pictures/videos/ games put on a user’s page.  The monthly fee will be capped at $50.00 per month at the high-end. Just to be clear – this is a hoax.

 

When in doubt, throw it out: Links on your Facebook wall, email, tweets, posts, and online advertising are often the way cybercriminals compromise your computer. If it looks suspicious, even if you know the source, it’s best to delete or if appropriate, mark as junk email.

Avast Software is proud to be a champion that supports National Cyber Security Awareness Month with news and tips on how, together, we can make a safer digital society.

Categories: Uncategorized Tags:
October 4th, 2012

“Stranded Traveler” scam still going strong

source: http://abcnews.go.com

It mostly happens in London, but I have seen it happen in Manila and Madrid too. My friends seem to travel a lot, and according to the tear-drenched emails, they have a tendency to get mugged. You might have seen it too – the “Stranded Traveler” message from a friend that goes something like this:

I’m writing this email with tears in my eyes, I came down to London for a program unfortunately, i was mugged at the park of the hotel where i stayed, all cash, credit and cell were stolen off me but  luckily for me i still have my passport with me, I have no access to my account. I have been to the embassy and the police here but they are not helping issue at all and my flight leaves tomorrow night but i am having problems settling the hotel bills and the hotel manager won’t let me leave until i settle the bills. Am freaked out at the moment. I need about 2,250 pounds or any amount you can lend me to sort-out the bills, i will refund you as soon as i get back home.

I remember the first time I saw the message. It alarmed me with its urgency, and I felt compelled to help my friend get out of the mess. Questions about how to wire money to her darted through my mind. But then I remembered that I had just seen her post something on Facebook hours before, and she was most definitely not in London getting mugged.

Here’s what happened: Cybercrooks hacked into my friend’s  Facebook and Yahoo accounts. They stole her identity, address books, changed her passwords, then sent out a message to all of her contacts using her email address.

This scam has happened so frequently, and there have been so many complaints, that the FBI issued a warning – over 2 years ago! Amazingly, the scam is still making its way through cyberspace (our CEO received one the other day), and the FBI says that they now have about 150,000 complaints on file. ABC’s Nightline actually answered one of the emails this summer and tracked what happened next. Read their account and watch the video here.

To avoid being a victim of this scam

  • Secure your passwords on all your email and social media accounts. If you have lots of user names and passwords to remember, you might like a password management system like avast! EasyPass.
  • Avoid clicking attachments in unknown emails.
  • If you get an email like this, call your friend to verify the authenticity of the message.
  • Scam victims should file a complaint with the FBI at www.ic3.gov.
Categories: General Tags: , ,
Comments off
October 4th, 2012

Avast! Mobile Security protects against USSD attacks

Last week we told you in the avast! blog about the nasty attack against Android smartphones which could lock the SIM cards or completely wipe all of the data and reset to factory settings. We are pleased to confirm that the newest update of avast! Free Mobile Security protects against USSD attacks, without having to install additional tools.

“The benefit of our solution is that we do not require the user to install an additional tool, as the newest update of avast! Mobile Security already contains the protection,” said Reinhold Holzner, Managing Director of AVAST Software Austria. “All you need to do is to accept the program update on your smartphone.”

Avast! Free Mobile Security is a full-featured anti-theft and anti-malware app for Android smartphones and devices. With special “stealth” and remote-access features, including lock, wipe and siren, as well as an abundance of remote text commands, smartphone users are protected against the loss or misuse of their device.

Avast! Free Mobile Security is completely free and available through Google play. Protect your devices now, and please tell a friend about it too.

October 3rd, 2012

STOP. THINK. CONNECT.

Avast Software is proud to be a champion that supports National Cyber Security Awareness Month with news and tips on how, together, we can make a safer digital society.

One-fourth of Americans victims of data breach

A survey by the National Cyber Security Alliance found that twenty-six percent of Americans have been told their personal information, such as password or credit card number, may have been exposed by a data breach. Almost 100% agree that a safe and secure Internet is crucial to economic security and they do not feel completely safe from viruses, malware and hackers. But the same survey found that 64% said they have never installed security software or apps to protect against viruses or malware!

Cybersecurity begins with STOP. THINK. CONNECT. These three simple steps are the starting point for staying safer and more secure online.

  • STOP: Before you use the Internet, take time to understand the risks and learn how to spot potential problems. An obvious step is to install antivirus protection. We suggest avast! Free Antivirus.
  • THINK:  Take a moment to be certain the digital path ahead is clear. Watch for warning signs and consider how your online actions could impact your safety or your family’s. Avast! WebRep can help you determine if a website is trustworthy, for example.
  • CONNECT:  Enjoy the Internet with greater confidence, knowing you’ve taken the right steps to safeguard yourself and your computer.
Categories: Uncategorized Tags:
October 3rd, 2012

Will major banks continue to be victims of DDoS attacks?

source: http://newsone.com

See update below

For the past three Tuesday mornings, DDoS (distributed denial of service) attacks have caused online outages at major U.S. banks, including Bank of America, Chase, Wells Fargo, U.S. Bank and PNC. The attacks end by Friday afternoons. A DDoS attack causes the site or service to be temporarily unavailable by flooding the targeted website with traffic until the site’s servers are overloaded. Yesterday, customers started reporting on SiteDown that they were having trouble accessing the Wells Fargo and Bank of America websites.

The banks that experienced outages have confirmed that no sensitive financial information or personally identifiable information about customers was exposed, supposedly because the attacks were motivated by politics, not fraud.

A hacktivist group called “Cyber fighters of Izz ad-din Al qassam” are taking credit for the attacks, but experts  say that this group has not historically been affiliated with hacktivism. The variety and scale of the attacks have experts doubting that the group was involved, citing the massive bandwidth used in the attacks.

Collaboration among banking institutions, online-banking platform providers, other vendors, industry associations and the government, has been stronger than ever because of these attacks, reports BankInfoSecurity. “There definitely seems to be more of a community effort for the first time here to address this issue. And now we are seeing a real-life situation where we’ve had to pull together and be prepared,” says a security and fraud executive at a $4 billion banking institution in the U.S. who wishes to remain unidentified.

Early warnings about attacks aimed at these institutions were issued by the FBI and the FS-ISAC benefiting the entire industry. However, there is criticism that banks have not done enough to communicate with consumers about what is causing the outages. They might be legally barred from releasing details, however, since an ongoing investigation is in progress. The best you can expect is a “Sorry for the inconvenience.”

At this point it doesn’t appear that the DDoS attacks put your money in danger besides being unable to access your account for periods of time. Once you can access your bank’s website, check the security of your account. For those of you wanting to take precautions when conducting online financial transactions, Avast offers extra protection to keep your transactions private.  Avast! SafeZone (available in avast! Pro Antivirus and avast! Internet Security) creates full desktop isolation so that other applications don’t see what’s happening – perfect for secure banking or online shopping– and leaves no traces once it’s closed. Check out the Deal of the Week for savings on our premium protection.

Update, October 12: Regions Bank was attacked today and Capital One and SunTrust were hit earlier this week. Izz ad-din Al qassam, the group taking credit for the attacks, warned about them in advance, saying it expects to spend the weekend developing plans for more attacks next week. The group claim the reason behind all this mischief is because of a YouTube movie trailer believed by the group to be anti-Islam. If the group repeats their established pattern, banks could expect more attacks next Tuesday, Oct. 16. No fraud activity has been reported by the banks.

Comments off