Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for the ‘General’ Category
September 16th, 2014

‘Win iPhone 6’ scams fool Facebook users, pad scammers pockets

It only took Apple 24 hours to get 4 million pre-orders of the new iPhone 6, and scammers were right there with them to cash in.

FB iPhone 6 scam

This example of a like-harvesting scam page promises an iPhone 6 giveaway.

In the newest iteration of a scam used every time a new product is launched with fanfare, Facebook pages have been popping up claiming that people who like, share, and comment on a post can win an iPhone 6.

This type of scam is referred to as like-harvesting. The scammer makes the page popular by collecting likes and then sells the page to other scammers. The offer of a new device, like the iPhone 6, entices people to click the like button then spam their friends with the bogus promotion. Thousands of likes can accumulate within a few hours, making the page quite valuable on the black market. The new owner rebrands it to peddle more questionable products and services with their built-in audience.

A variation on this scam is the Survey Scam. As with like-harvesting, you must first like the Facebook page. The difference is that you need to also share a link with your Facebook friends.

This link takes you to a page where you are instructed to download a “Participation Application.” Generally, a pop-up window leads you to participate in a survey before you can download the application. Some surveys will ask for personal information like your mobile phone number or name and address. If you provide those details, you open yourself up to expensive text-messaging services, annoying phone calls, and junk mail. In some cases, the download contains malicious code. The only thing you can be guaranteed not to get is an iPhone 6! Meanwhile, the scammer earns money for every survey through an affiliate marketing scheme.

What to do if you liked a ‘Win iPhone 6′ page

If you fell for the scam, then learn from it and don’t do it again! Make sure you unlike the page, delete comments that you made, and remove the post from your news feed. You may also want to alert your friends to the scams, so they don’t fall for it.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

September 15th, 2014

Tiny Banker Trojan targets customers of major banks worldwide

The Tinba Trojan aka Tiny Banker targeted Czech bank customers this summer; now it’s gone global.

After an analysis of a payload distributed by Rig Exploit kit, the AVAST Virus Lab identified a payload as Tinba Banker. This Trojan targets a large scope of banks like Bank of America, ING Direct, and HSBC.

 hsbc_bank

In comparison with our previous blogpost, Tinybanker Trojan targets banking customers, this variant has some differences,  which we will describe later.

How does Tiny Banker work?

  1. 1. The user visits a website infected with the Rig Exploit kit (Flash or Silverlight exploit).
  2. 2. If the user’s system is vulnerable, the exploit executes a malicious code that downloads and executes the malware payload, Tinba Trojan.
  3. 3. When the computer is infected and the user tries to log in to one of the targeted banks, webinjects come into effect and the victim is asked to fill out a form with his/her personal data.
  4. 4. If he/she confirms the form, the data is sent to the attackers. This includes credit card information, address, social security number, etc. An interesting field is “Mother’s Maiden Name”, which is often used as a security question to reset a password.

Read more…

Comments off
September 12th, 2014

AVAST invites you to the WebExpo 2014 in Prague!

WebExpo_EN

WebExpo is the largest Central European conference focused on topics related to the digital world. Among many topics, this year’s focus is security and big data. AVAST Software is not only a proud general sponsor of this event, but also an active participant.

One weekend, over 1,400 online professionals, presentations, workshops, and lots of fun.

WebExpo is a great networking and knowledge exchanging opportunity, and those here in Prague will get a chance to meet AVAST experts from various areas. You can meet the AVAST team at our booth, as well as on the stage. The AVAST booth is located at CEVRO Institut. 

Our team plans some fun for you at the booth, including testing new revolutionary glasses Oculus Rift – virtual reality headset for 3D gaming, and Android Wear. UX experts can try Card Sorting. For the most active expo-goers we will have prizes, so stop by to play and say Ahoy! :)

For the less technically-oriented, we also offer some fun and prizes. If you spot someone wearing an AVAST T-shirt, grab a selfie with this person and post it on Twitter or Instagram with the hashtag #AVASTselfie.  Come to our booth and show us the tweet or instagram post and you will receive a 1-year free license of avast! Premium Mobile Security!

The best part of WebExpo is all the knowledge sharing from AVAST specialists. Here is a list of our colleagues and the topics they will be presenting:

If you can’t attend personally, we have good news for you. Our team will be commenting during the event on social media, so you can join the conversation by following our accounts and special hashtags. Follow us at Twitter and Instagram at

or follow comments with hashes:

  • #AVASTdevs
  • #AVASTbooth
  • #webExpo
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.
Categories: General Tags: , ,
Comments off
September 11th, 2014

Leave your credit cards at home; Apple Pay lets you buy things with your phone

source: CNET.com

In the wake of the Target, and now Home Depot, security breaches, Apple Pay wants to provide a safer way to make a purchase.

Nestled in-between this week’s announcements of the iPhone 6 and the Apple Watch, Apple CEO Tim Cook announced a new mobile payment system called Apple Pay. New iPhone and Apple Watch owners can leave their credit and debit cards at home because the devices come with a chip that lets them tap-to-pay at major retailers.

When you are in one of 220,000 participating stores, like McDonald’s, Walgreens, Disney, or Macy’s, you use the magic of near-field communication (NFC) to hold your phone by a terminal to pay. It also requires that you place your finger over a sensor to verify your fingerprint. The Apple Watch works the same way, without the added security of the fingerprint, and syncs to your iPhone 5, iPhone 5c, and iPhone 5s. The payment system will work with American Express, Mastercard, and Visa.

Sounds pretty good. But, Google Wallet, PayPal and other NFC systems have failed to really take off; will Apple give us a better way? I asked mobile malware analyst Filip Chytrý to share his thoughts about the security of Apple Pay.

Deborah: From a security perspective, what do you think about Apple Pay?

Filip: I have some concerns. Communications between your device or watch is through Bluetooth, and we have already seen many incidences of intercepted communication between two devices using a man-in-the-middle attack. Generally, anytime you use a pay system there is communication between the phone or watch over Bluetooth. This communication works over a much longer distance than NFC, so payment interception would be easier.

Deborah: I understand the convenience of paying with Apple Pay, but how is this more secure than paying with a credit card? Read more…

Categories: General, Technology Tags: , ,
Comments off
September 3rd, 2014

Survey shows the person you trust the most may be spying on you

People expect that they are being watched online in cyberspace, but who would expect to be spied on by the people closest to them? You better watch out – your partner may be spying on you more than the NSA: One in five men and one in four women admitted to checking their partner’s smartphone in a survey with 13,132 respondents conducted by AVAST in the United States.

shutterstock_198273875

Playing detective

The survey found that while the majority of women check their partner’s device because they are nosey, a quarter of married women suspect their spouse is cheating on them and want to find evidence.

Married women are not the only ones who suspect their partner is cheating on them. The reason why most men pry on their partner is because they too are afraid their better half is being unfaithful and want to confirm their suspicions – especially if the relationship is fresh.

Caught red handed

One may think that people who snoop on their significant other to find evidence of cheating or lying are being paranoid. Unfortunately, the majority of them are not paranoid–their gut feeling is often correct. Seven out of ten women and more than half of men who turn to their partner’s device to find proof their partner is deceiving them, have found evidence. Which of the two sexes is more likely to confront their partner regarding their findings? Women. The survey revealed that women are 20% more likely than men to confront their partner with the facts.

“Picking” the mobile lock

Cracking their partner’s device passcode wasn’t necessary for the greater number of snoopers. A shockingly high percentage of respondents claimed they didn’t need a passcode to gain entry to their significant other’s device. Women did, however, have an easier time with 41% reporting their partner’s device did not have a passcode compared to the 33% of men. Coming in at a high second, both male and female respondents claimed to know their partner’s device passcode because their partner had shared it with them in the past, unknowingly setting themselves up to get caught. Read more…

Categories: General Tags: , ,
Comments off
August 28th, 2014

Bad news for SMBs: Target’s “Backoff” malware attack hits 1,000 more businesses

PoS attacks

avast! Endpoint Protection can protect your network

U.S. merchants advised to protect themselves against same PoS hack that hit Target and Neiman Marcus last year.

More than 1,000 U.S. businesses have had their systems infected by Backoff, a point-of-sale (PoS) malware that was linked to the remote-access attacks against Target, Michaels, and P.F. Chang’s last year and more recently, UPS and Dairy Queen. In the Target breach alone, 40 million credit and debit cards were stolen, along with 70 million records which included the name, address, email address, and phone number of Target shoppers.

The way these breaches occur is laid out in BACKOFF: New Point of Sale Malware, a new U.S. Department of Homeland Security (DHS) report. Investigations reveal that cybercrooks use readily available tools to identify businesses that use remote desktop applications which allow a user to connect to a computer from a remote location. The Target breach began with stolen login credentials from the air-conditioning repairman.

Once the business is identified, the hackers use brute force to break into the login feature of the remote desktop solution. After gaining access to administrator or privileged access accounts, the cybercrooks are then able to deploy the PoS malware and steal consumer payment data. If that’s not enough, most versions of Backoff have keylogging functionality and can also upload discovered data, update the malware, download/execute further malware, and uninstall the malware.

General steps SMBs and consumers can take to protect themselves

  • You should use a proper security solution, like avast! Endpoint Protection, to protect your network from hacking tools, malicious modules, and from hackers using exploits as a gateway to insert malware into your network.
  • Regularly monitor your bank and credit card statements to make sure all the transactions are legitimate.
  • Change default and staff passwords controlling access to key payment systems and applications. Our blog post, Do you hate updating your passwords whenever there’s a new hack?, has some tips.
  • Monitor your credit report for any changes. You’re entitled to one free report per year from each of the three reporting agencies.

Read more…

Comments off
August 26th, 2014

U.S. schools give an F to 2014-15 IT budget

AVAST Free For Education saves school IT money

AVAST Free for Education protects schools while significantly decreasing IT costs for security.

The beginning of the 2014/2015 school year is here. Parents and children are ready after a long summer break, but are schools prepared for the start of the new academic year?

AVAST surveyed more than 900 school IT professionals who participate in the AVAST Free for Education program and found that in terms of technology, schools are not as well equipped as parents expect.

  • 8 out of every 10 schools surveyed by AVAST said they do not feel they have adequate funding to keep up-to-date with technologies
  • 1 out of 5 schools still run Windows XP, and 12% of these schools said they do not intend to upgrade the unsupported operating system

Failing to upgrade to the most up-to-date software not only makes machines vulnerable to attacks, but also hinders the amount of programs that can be used by teachers and students. Keeping up with the most current technology is vital, as it has become ubiquitous in daily life, making it a valuable skill for children to have for the future. Despite technology’s important place in education,

  • 4 out of 10 school’s IT budgets are slashed for the upcoming school year
  • More than a quarter of schools have a $0 IT budget for this year

Technology in schools is not limited to instruction. Sensitive information about faculty, staff, and students is stored on administrative computers. This information needs to be protected from cybercriminals, which is difficult for schools with little to no IT budget. Schools without adequate protection put local families, faculty, and expensive hardware at risk.

AVAST Free for Education helps schools by providing them with enterprise-grade antivirus protection for free, saving school districts an average of $14,285 a year. The AVAST Free for Education program saves school IT departments money they can spend on software and hardware upgrades or use for supplies and salaries.

EDU infograph August 2014

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off
August 9th, 2014

Our pressing need for ‘now’ does not translate to a want for security breaches

instant-gratificationRecode is running a series leading from its “I want it now” piece about people who have grown accustomed to having their desires met on a whim through the aid of savvy entrepreneurs and tech innovators eager to cash in.

We can all relate to “I want it now”.

I feel myself growing impatient in coffee shops when someone has found a spot to connect their laptops or mobile devices to power points – and I have not. As we often spend hours in the one coffee shop sipping from the same latte we ordered more than an hour ago, it’s inevitable from time to time that we’ll want to check our personal affairs.

What’s happening on facebook? I should message my friend. Let’s browse my favorite news and music sites – that concert looks good, I think I’ll buy a ticket. What, my credit card has been rejected? Best do some online banking.

This type of activity in public spaces can be open playing field for the ill-intentioned: The hacker or the “steal your data” money or identity thief.

We would all agree the “I want it now” mentality does not include: ‘I want’ cyber snoops and criminals ‘now’.

We’ve heard the warnings about our mobile devices – the smartphone is a walking computer in your back pocket, and yet one that can easily be lost or stolen. The plethora of text messages, contact lists, photos, online search history – all this information can be found and used against us if it falls into the wrong hands – even when wiped (as our recent blogpost shows).

Hackers are also targeting our mobile devices with malicious malware. Read more…

Comments off
August 7th, 2014

Russian hackers steal 1 billion passwords – now what?

Change your passwords every six months or after news of a breach

Change your passwords every six months or after news of a breach

Reports on “the biggest hack ever” recently surfaced. A Russian hacker group allegedly captured 1.2 billion unique username and password combinations.

With this latest security breach, AVAST encourages consumers to take necessary precautions. Change your passwords immediately and if you’re using the same password somewhere else, you must change it there, too. Choose complex passwords so it will be more difficult for hackers to de-encrypt them. In general, we recommend changing passwords every three to six months, or after news of a breach.

A password manager like avast! EasyPass helps encrypt and protect personal information online, with random, strong passwords. avast! Easy Pass generates complex passwords and removes the inconvenience of having to remember them.

If financial and credit card data is compromised in an online threat, AVAST advises users to monitor and check their accounts for unauthorized charges and to immediately report any suspicious activities to their bank or card provider.

Interested in reading more?

Try our articles on creating strong passwords:  Do you hate updating your passwords whenever there’s a new hack? and My password was stolen. What do I do now?

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

August 6th, 2014

How to find the right avast! customer care option for you

howto2_enAVAST has built a business out of protecting people and their devices from cyberthreats for 25 years. In fact, nearly 220 million PCs, Macs, and Androids are entrusted to our safe-keeping. Our goal is to keep our customers safe, so if you ever need assistance with an avast! security product, we are available to help you. Whether you like to do-it-yourself or if you need someone to talk you through it, there are several ways that we provide customer care and satisfaction.

The support page on our website is the place to start.

For the do-it-yourselfers

FAQs

If you want to better understand how avast! products work, then visit our Frequently Asked Questions (FAQs) to find quick answers for yourself. There are guides to our antivirus products for computers and mobile devices, plus FAQs for our business products and programs such as avast! GrimeFighter.

Videos

The avast! Antivirus channel on YouTube has tutorial videos that show you how to purchase, install, and activate avast! products. The avast! Customer Support playlist has video tips and tricks that will help you when using avast! security products.

If you have a need or suggestion for a video tutorial, let us know in the user comments and we will create it.

Blog

The avast! blog is a good resource for how-to posts along with product news. You can search for your topic or look in the different categories for articles. The blog is available in multiple languages. Just like the videos – if there is something you want us to write about, please let us know.

When you need more help

Community Forum

The avast! Community Forum is frequented by experienced avast! users, developers, product managers, and sometimes even our COO, Ondrej Vlcek. You can search the forum for similar issues to yours or ask a question, even get assistance cleaning malware. This is a great source of information, but remember you are talking to real people, most of them volunteers, so be polite. Read more…