Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for the ‘General’ Category
July 23rd, 2014

Should small and medium-sized businesses be worried about PoS attacks?

Customers are vulnerable at the moment of purchase.

Most U.S. merchants cannot detect fraud at the point of sale.

One of the most dangerous places in America is your local retailer. Before you leave the building with your purchases, you run the risk of having your identity stolen.

No doubt you recall the 2013 security breaches at Target, Michael’s, and Neiman Marcus where millions of records were compromised by Point-of-Sale (PoS) attacks. PoS occurs when the customer makes a payment to the merchant. That last exchange is the most vulnerable.

Large retail merchants lead the list by 50% of organizations where consumers’ data was compromised in 2013, followed by credit card issuers and consumer banks, according to the #DataInsecurity Report done by the National Consumers League, in cooperation with Javelin Strategy & Research. The #DataInsecurity Report also revealed that 61% of data breach victims reported the breached information was used to commit fraud against them.

This should not come as a surprise. According to the Nilson Report, approximately $4 trillion dollars was paid with credit, debit, and prepaid cards in the U.S. last year. Add to that the ready availability of code to execute PoS attacks available on underground forums and you have the perfect storm of a large victim pool for cybercriminals. The U.S. is an easy target since EMV cards (cards with chips embedded) have not been widely adopted. EMV, conceived between Europay, MasterCard and Visa, is a standard securing payments in other countries.

Cybercriminals don’t care about the size of your business

U.S. banks are slow to upgrade to "Smart cards" with embedded chips

U.S. banks are slow to upgrade to “Smart cards” with embedded chips.

Although most of the PoS attacks highlighted in the media were against large retailers, cybercrooks don’t care how large or small your business is. You would think they would, but cybercriminals are more interested in raking in the money rather than caring about the fame they could possibly receive from attacking a large and popular business. Regardless of its size, if your business has a PoS system to charge customers for products or services, you should be protecting your system to save yourself from a possible attack. PoS attacks not only steal valuable customer information, they can damage your business’s reputation.

The #DataInsecurity Report shows that only 10% of retail fraud victims are confident that retailers can protect their information in the future.

How PoS attacks work

The biggest PoS Trojans, like Dexter, BlackPOS, Minerva, and vSkimmer, have targeted systems and networks running Windows. Read more…

July 21st, 2014

avast! is nominated the best antivirus for Windows by Lifehacker

avast! Free Antivirus was nominated by Lifehacker users as one of the best desktop applications.

avast! Free Antivirus

Lifehacker is a well-known site for its “Tips, tricks, and downloads for getting things done.” When the subject is to get protected and install an antivirus, they picked up avast! Free Antivirus and, now, last Sunday, avast! was picked again as one of the Top 5.

“It’s our pick as the best…it’s fast, lightweight,…”, says Lifehacker.

When expert people say something is the best, it is always due to a combination of factors and it varies (a lot!) among users. Lifehacker asked their users to point out where avast! excels and what they miss in the competition. They say they are confident of choosing avast! due to a lot of points.

Users  commented on the high level of usability and that it fits for common users, but doesn’t lack advanced settings for the geeky ones. If you want it, avast! has a high level of customization, fitting well for all needs, from gamers to your grandma!

“A fairly simple interface from which you can scan your computer, see statistics, update definitions, and more.”

Voters appreciate avast’s many features: Scans files, email, URLs, P2P programs, and more for malware. Automatic updates happen as soon as the virus database or program changes. In fact, the streaming updates are released each 4 minutes!

“It updates quietly in the background without fuss.”

“A plethora of on-access scanning and protection tools,” (some of which you may not want, but can be easily managed during the installation process.)

Silent mode where you can disable any and all notifications and warnings to keep performance slim and trim.”

“Others highlighted specific features, like avast!’s screensaver scan, where the application only kicks in when you’re away from the computer or the system is idle.”

Low system impact is a major consideration when choosing antivirus protection:

“avast! may be simpler and lighter weight than most other programs out there”

“The app itself is relatively resource light — you may not even notice it’s there”.

A few users highlighted the fact that avast! is cross-platform, and available for multiple operating systems.

LifeHacker says, “We personally don’t think paid antivirus are necessary in a home setting, especially if you use good browsing habits.”

And the #1 reason people choose avast! Free Antivirus?

“Best of all, it’s completely free.”

What are you waiting for? Install these avast! security products on your devices.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.

July 18th, 2014

Spearphishing scams hope you’ll take the bait

avast! Internet Security protects you from phishing and email scamsYesterday on our blog, avast! Virus Lab researcher Jaromir Horejsi, explained a banking Trojan called Tinba. The cybercrooks behind Tinba use a social engineering technique called spearfishing to target its victims.

You have probably heard about email scams that use phishing. This classic technique uses authentic-looking emails to lure the victims to fake websites, then trick them into revealing personal information. Also this week, we told you about an email that AVAST evangelist, Bob G. received claiming that he won money in a World Cup lottery. The cybercrooks behind that scam cast a wide net, hoping to catch a few people then ask them to provide banking information so they could deliver the prize.

Other high profile phishing attempts, like the DHL email scam that ran last Christmas, preyed on the anxiety of the holidays. An email that looks like the real thing was sent, offering all sorts of urgent and legitimate-sounding explanations as to why they need your personal data. It’s not hard to understand why busy people can be fooled.

Spearphishing is similar in every way except that the net is drawn in much tighter. The FBI says that cybercrooks target select groups of people with something in common—they work at the same company, bank at the same financial institution, attend the same college, order merchandise from the same website, etc. The emails are seemingly sent from organizations or individuals the potential victims would normally get emails from, making them even more deceptive. This is what is happening with the Tinba Trojan right now in Czech Republic.

In both social engineering schemes, once the victim clicks, they are led to a phony but realistic-looking website, where they are asked to provide passwords, account numbers, user IDs, access codes, PINs, etc.

How to avoid becoming a spear phishing victim

  • Most companies, banks, agencies, etc., don’t request personal information via e-mail.
  • If in doubt, give them a call (but don’t use the phone number contained in the e-mail—that’s usually phony as well).
  • Use a phishing filter. Both avast! Internet Security and avast! Premier include anti-spam filters to detect phishing and scam emails.
  • Never follow a link to a secure site from an email; always enter the URL manually.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

July 15th, 2014

AVAST evangelist allegedly wins World Cup 2014 Lottery

AVAST evangelist Bob G. received a notification in the mail yesterday from, of all organizations, FIFA! How nice! Only hours after Germany earned the title of World Cup 2014 champs and was awarded with a grand trophy, Bob was also promised a reward of prize money.

Too bad, it’s a scam.

Email scams like this are a form of social engineering designed to trick people into giving away vital personal information. The email generally informs the recipient that they have been selected as lottery prize winners and have won substantial sums of money. Recipients are then persuaded to submit personal information or to part with money as an upfront payment, or forward money to enable them to enter the tender process.

Since Bob is aware of these types of scams, instead of falling for it, he made a video to inform all avast! users. Here it is.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off
July 14th, 2014

Common passwords inspire uncommon dress

password dress

Lorrie Cranor models her famous Password dress in front of the “Security Blanket” quilt.

Weak passwords make for creative design.

If you use 123456 or password as your password, you may as well wear it for all to see. It’s THAT easy to crack.

To illustrate this point, Lorrie Cranor, quilt artist, and oh yeah,  director of the CyLab Usable Privacy and Security Laboratory at Carnegie Mellon University, designed fabric based on the extensive research she and her students conducted on the weaknesses of text-based passwords. The quilt she made is aptly named “The Security Blanket,” and is designed from a word cloud of the 1,000 most commonly found passwords from the 2010 RockYou.com hack. Professor Cranor made a Password dress to go with the password quilt. The fabric is available for purchase from Spoonflower.

Iloveyou, you little monkey

The most popular password, 123456, forms a backdrop across the whole quilt. But what intrigued Cranor was not the “the obvious lazy choices,” but what else people choose as passwords. She went through the list and organized the passwords into themes. Many passwords fell into multiple themes, so she tried to think like a RockYou user and extract some meaning from their choices.

Love is a strong theme, and the research found that love-themed words make up the majority of non-numeric passwords. Iloveyou in English and other languages is common. The names of pets are common, and Princess showed up in the top 1,000 and simultaneously on lists of popular pet names. Chocolate is the most frequent of the food-related passwords, with chicken and banana(s) coming up often.

Chicken was a surprise to me, as was monkey, the 14th most popular password. Could RockYou users have an affinity for monkeys because of a game, or do they just like monkeys? Is it related to bananas? Do gamers eat more bananas?

Some things we’ll just have to speculate about…

Swear words, insults, and adult language showed up in the top 1000 passwords, “but impolite passwords are much less prevalent than the more tender love-related words,” wrote Cranor in her blog.

Numbers are even better. Three times as many people chose 123456 over password, and 12345 and 123456789 were also more popular choices. It seems that when required to use a number in a password, people overwhelmingly pick the same number, or always use the number in the same location in their passwords.

Top 10 worst passwords

Security developer SplashData published the Worst Passwords of 2013. Check the list to see if you use any of these:

Rank Password Change from 2012
1 123456 Up 1
2 password Down 1
3 12345678 Unchanged
4 qwerty Up 1
5 abc123 Down 1
6 123456789 New
7 111111 Up 2
8 1234567 Up 5
9 iloveyou Up 2
10 adobe123 New

Tips and tricks

1. Use a random collection of letters (uppercase and lowercase), numbers and symbols

2. Make it 8 characters or longer

3. Create a unique password for every account

Read more from the AVAST blog

Do you hate updating your passwords whenever there’s a new hack?

Are hackers’ passwords stronger than regular passwords?

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off
July 8th, 2014

Tens of thousands of Americans sell themselves online every day

The Internet has become a virtual flea market, with online consumer-to-consumer sites like Amazon, eBay, and Craigslist selling millions of products every day. Used smartphones are a popular sales item on eBay – more than 80,000 people list their phones for sale each day. It seems like a smart way to make some extra money, but AVAST has found out that many fail to protect their identity in the process. 

AVAST recovers an abundance of personal data from used smartphones 

Most sellers delete all of their personal data prior to selling their used devices… or so they think. We purchased 20 used Android phones off eBay and used simple and easily available recovery software to restore deleted files. The amount of data we were able to retrieve was astonishing and proves that simply deleting is not enough.

Our analysts found the following:

  • More than 40,000 stored photosUsed Smartphones for Sale
  • More than 1,500 family photos of children
  • More than 750 photos of women in various stages of undress
  • More than 250 selfies of what appear to be the previous owner’s manhood
  • More than 1,000 Google searches
  • More than 750 emails and text messages
  • More than 250 contact names and email addresses
  • Four previous owners’ identities
  • One completed loan application

One phone even had a competitor’s security software installed, but unfortunately it did not help the former owner as it revealed the most personal information out of all the phones we analyzed. 

No one cares about my old photos, messages and Google searches, right?

Wrong! As the old saying goes, a picture is worth a thousand words. Now add private Facebook messages that include geo-location, Google searches for open job positions in a specific field, media files, and phone contacts. Put all of these pieces together to complete the puzzle and you have a clear picture of who the former smartphone owner was. Stalkers, enemies, and thieves can abuse personal data to stalk, blackmail and steal people’s identities. They can use this information to watch people’s every move, exploit their strange fetishes, open credit cards in their name, or even continue what they started by further selling their personal information online. 

How to permanently delete and overwrite data from your Android phone 

Deleting files from your Android phone before selling it or giving it away is not enough. You need to overwrite your files, making them irretrievable. To do so, install avast! Anti-Theft from the Google Play Store for free. Once you have the app installed, turn on the “thorough wipe” feature within the app. You will then need to create a my.avast account to connect to the phone (this allows users to remotely wipe their phones in theft cases as well). The final step is to wipe the phone clean, which will delete and overwrite all of your personal data. 

AVAST Used Smartphone Infographic

Read about our investigation:

Android Forensics, Part 1: How we recovered (supposedly) erased data

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

July 7th, 2014

#AVASTstories shared by the Community

The AVAST community has proven its amazing loyalty and support over and over.  Every day we receive messages from around the world. Your comments - positive and negative -  help us improve our products and services.  Your messages of appreciation for delivering a free antivirus solution prove that we are helping millions of people stay secure, and motivate us   even further. For example, last year we have received a real handwritten letter from 9-year old Polish boy living in Ireland, and just this week, we received a “CV” from young Lucy, who wishes to work for AVAST Software.

Our community also contributes to the success of AVAST. Evangelists help us translate software, and plenty of avast! users volunteer to support others on the avast! forum. Kudos to our Superstars including BobLisandro, and Paulius!

We appreciate your #AVASTstories and are pleased to share some of them here!

 I just changed from Windows Essentials when I rebuilt my system. I love freeware and Avast has protected me from ad-ware and other stuff that escaped my eagle eye. Five stars for Avast free! ~ Sharon L. (Facebook comment) 

Avast all the way, have been using avast for years, and major improvements and step ups over the years just makes avast number 1. I’ve suggested avast to many people, and installed avast on several systems. ~ Morgan N. (Facebook comment)

 

I am using avast for the PC (from 4 years) & smartphone (from 2 years). It’s great and free. I liked it so much, I am gonna purchase the premium version. Thank you avast for the quality products and services.  ~Prashanth K (Google+ comment)

 

 

Keep writing us on here on our blog, our Facebook page, Twitter, Google+, YouTube or LinkedIn.

If you don’t use antivirus protection yet on your PC, Mac or Android device, it is high time to install avast! Antivirus for free.

For Android OS, get avast! Mobile Security & Anti-theft.

For Windows, get avast! Free Antivirus.

For Mac, get avast! Free Antivirus for Mac.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

July 1st, 2014

TextSecure reclassified as a false positive

On occasion, even the most well thought-out systems can break down. In the antivirus business, we try hard to minimize something termed false positive. A false positive is merely a mistake or a false alarm. It happens when your antivirus software erroneously identifies a file or a download as being malicious.

The AVAST Virus Lab receives more than 50,000 samples of new potential viruses every single day. There are so many that we cannot look at each individually, so we use techniques with super-techie names like Malware Similarity Search and Evo-Gen.  (These techniques are explained in a previous blog post, New Toy in the Avast Research Lab.) When a file is confirmed as malicious, we add it to our virus database. With this amount of new samples, every now and then a false positive occurs. There is no way to avoid it completely, but we try to limit it and its impact.

Over the weekend, avast! Mobile Security erroneously detected the TextSecure app as a Trojan. TextSecure is an app developed by Open Whisper Systems that protects your privacy by encrypting your text and chat messages, which means that they can only be read by your intended recipients. The AVAST Virus Lab discovered the error, fixed it and sent out an update.

Unfortunately, wires got crossed between our Virus Lab analyst and our social media community manager, and the wrong message was sent to people on Twitter and Facebook who inquired about the detection. You see, at the same time as the TextSecure detection was being reported, another unrelated detection was made, and it was indeed a malicious file. It was a simple case of mistaken identity. Later in the day, we discovered the mistake and followed up by communicating it across AVAST social channels.

AVAST confirms that TextSecure Private Messenger is a genuine and safe application for Android, and contains no malicious scripts. We apologize for the inconvenience caused to TextSecure users and Open Whisper Systems.

Please be assured that AVAST does not intentionally recognize valid software as suspicious. The last thing we want to do is disrupt businesses or our customers. However, to provide maximum protection against genuine virus threats, false positive alerts sometimes arise.

howto2_enHow to report a suspected false positive

If you suspect that AVAST has incorrectly identified a file as suspicious, please submit a report to http://www.avast.com/contact-form.php?subject=VIRUS-FILE. This form will generate an email to our Virus Lab research team, and they will investigate it.

Before you do that, you may want to upload a file or a URL to online virus scanning service VirusTotal. This free online service scans the file against multiple antivirus engines and website scanners at the same time.

TextSecure protects your privacy

The fine developers of the TextSecure app deserve a happy ending, so we want to throw our support behind this innovative app. We developed avast! Mobile Security to protect Android users from malware and theft and have included numerous features to protect the privacy of our users. The TextSecure app takes that further by providing end-to-end encryption when you are communicating with other TextSecure users. It also keeps your messages away from prying eyes if your phone is lost or stolen.

Install TextSecure Private Messenger for free from Google Play. Don’t forget to leave a review and a 5-star rating!

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

 

 

June 30th, 2014

Community stories: 10-year old Lucy sent her CV to AVAST!

AVAST is the #1 Best Employer in our home country of Czech Republic. We have a multinational team and offices in Silicon Valley, Austin, Munich, and Hong Kong. Professionals from developers to support specialists to marketers want to join our team.

To make sure they secure a spot with our innovative company, potential employees start early. Today we spotted a Tweet complete with a CV from a future avast! Virus Lab researcher:

Lucy, we are waiting for you to graduate and join our team!

We are waiting for you, too! If you are creative like Lucy and smart like her virus-fighting Dad, looking for the adventure of a lifetime in one of the world’s most beautiful cities, and have a killer skillset, then check out the AVAST Careers page.

Here’s what it’s like to work at AVAST.


 

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

June 26th, 2014

12 angry minions

avast! GrimeFighter is one of the most popular new products among AVAST users.

However, many of you still don’t know the benefits of it or what avast! GrimeFighter does. Therefore we have prepared a series of articles with a “movie theme” to show you the functionality of our Grime-fighting minions! The first one, Learn everything you always wanted to know about avast! GrimeFighter, but were afraid to ask!, gave you an overview of product functionality. Now let’s dig a bit deeper into the subject.

12 Angry minions.

The Grime Fighter crew work together towards one goal: Cleaning and optimizing your PCs performance. They have no mercy for temporary and unwanted files and apps, including ‘bloatware’ and ‘crapware’. This is a very complicated task, therefore our 12 Angry minions analyze each element in depth before deleting anything that is actually important to you. This influences the time of the cleaning process (it takes up to 4 hours depending on the initial state of your PC), but also ensures results: A more efficient and faster machine. Although our minions make it look easy and entertaining, cleaning Grime so thoroughly is a complex task!
avast! GrimeFighter optimizes your PC better than other products.

For the same reason each minion has it’s specialization and focus on different tasks:

OFFICER PETE is head of the GrimeFighter team.

KOBAYASHI sneaks up on malware to eliminate it from your PC.

NIKITA specializes in cleaning and maintaining your web browser.

DALE JUMPSHOT JR. focuses on removing crapware and bloatware to speed up Windows load time.

BEEF strengthens the security of your applications.

TORQUE tuns up and optimizes Windows services and settings.

SIR JEFFREY investigates and analyzes your PC hardware components.

MARIO analyzes your network connection for security and speed.

DR. LIZA analyzes and classifies all of the stuff on your hard drive.

ZILCH takes out the trash on your PC to free up your drive space.

MAXIMUS analyzes and researches the newest hacking trends the instant they emerge, and  last but not least HOLMES focuses on your privacy settings.

The avast! Minions perform deep analysis, by booting your PC into Linux to identify Grime and clean every corner of your PC. Some forms of Grime are hard to remove when Windows is running, but can’t hide when we sedate your computer. Unwanted files and apps go by many names, including ‘bloatware’, ‘crapware’, and sometimes even half-jokingly using the name ‘virus.’ We define all of these as ‘Grime.’ The image below visualize Minions in action. 

Minions in actions

 

To summarize: Computer users can download avast! GrimeFighter’s scan tool to have their PC examined for free. It finds anything that slows the PC. If users then want to clean their PCs, they may buy their own GrimeFighter license, to purge Grime from the PC. GrimeFighter’s minions do all the maintenance work… while you surf the web or sip a cup a tea. For more information, please visit our website.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.