The AVAST forum is one of our largest and most active communities, with more than 300,000 users. The most active people on the forum are called Evangelists. They spend quite a lot of their free time helping and solving issues for our users, not only related to AVAST, but also with overall security. We asked them to share their top tips for keeping your computer and other devices safe from cybercrime while traveling. Let’s go!
1. Use your own devices (mobile phone, laptop, tablet) to go online rather than a public library’s or café’s computers. Some of the new smartphones allow password tethering. Always enable the SSL connection in your online accounts when offered, for example by Facebook, Twitter, and Google. You can enable it in many other sites using special add-ons which encrypt your communications when using Firefox or Chrome.
2. Connect to a VPN when traveling for business to get a secure, encrypted, and anonymous connection. Avoid free VPN due to ads and adwares like mentioned in our previous blog article. AVAST users can subscribe to avast! SecureLine through both free and paid-for versions of avast! Antivirus. If you’re not a continuous traveler, you can go for a single month license. Learn more about VPN and avast! SecureLine, here.
3. Never do your online banking while using a free/open or ad-hoc WiFi connection. To be more secure, remove any insecure/open WiFi connections in your network connections. If you’re on a Mac, take care of any Bonjour discovered items on the public network. It’s also a good practice to setup your own home network with an unique name. Read more…
Many internet users employ simple tricks when they want to find some interesting software or computer game. They type the desired program’s name into the search bar, add the word “download” and hit enter. In most cases, the first few results from the search engine usually belong to free download servers.
I recently followed some of these links to visit the web pages hidden behind the words “free download” and was amazed at the techniques used to manipulate users. It’s not only the advertising pages you are forced to visit the instant you load the page, but if you are not careful, various sorts of malware or adware are installed to your computer without your notice. Let’s take a closer look at the shady practices you can expect from free download servers.
Download what? They really want you to look at the advertising!
On the screenshot below, you see a standard download page, but if you click anywhere else on the page, a large advertising window will pop up in the background. The big DOWNLOAD button on the top part of page will redirect you to another advertising page. The only way to get close to the actual download you want is to click on the gray button named “Slow Speed Download”. After that you must wait 45 seconds. The only reason for the delay is to give you time to think about using premium account for a “High Speed Download” and look at banners. How nice of them…
The next screenshot displays a page where you are supposed to write a CAPTCHA code. CAPTCHA is used to verify that the page visitor is human and not a computer bot seeking information, but in this case the only reason for CAPTCHA is to show you yet another advertising popup window. If you click on the input labeled “Your Answer”, a popup will be displayed automatically. Now we are closer to our desired file download, just not using the traditional way. Let me recap:
- Just ignore the large download button
- Type the text from the CAPTCHA picture
- Click the “Send” button
But don’t think you’re done, because the advertising nightmare is not over.
On the last screenshot from this page you see the final download button. There is however another catch. Not surprised, are you? Read the last line beside the checkbox carefully. This means that when you click the download button, it will start a download, just not your file. It will download only their manager, where you will install more adware directly to your computer. Oh goody.
TIP: Every time you start a file download from the internet, check if it has the right name and extension.
When I inspected similar sites to this one, many executable files popped up, even if I was looking for a RAR package. They are disguised as Archivers, Codec packages, or Download managers and had one thing in common – they try to confuse the user with clever sentences and hidden check boxes.
Everything but the download
I tested several dozen of these fake download buttons and not surprisingly, acquired a few new executable files. The download buttons redirected me to pages containing a registration for a game, an online casino, all sorts of medical products, and once, a chance to win a free iPhone in exchange for my mobile phone number. I did not gave them my phone number because the only thing I could win would be SMS advertisements or an attack on my privacy from some sort of mobile-oriented malware.
One big download button redirected me to page where an automatic download started. The page stated that this is an installer for a well-known archiver. As this screenshot shows, there is simple tutorial on the page which shows the user how to execute the file without thinking further. But what this tutorial really shows is how to ignore a security warning and let a potentially dangerous application install onto your computer!
This installer had other applications bundled, so when I started to install it, the first screen offered me a toolbar for my internet browser. There are only a few things less useful than a toolbar, because all its functions are already available in every internet browser.
On the next screenshot you can see what happens if you don’t want to install this toolbar. Another dialog designed to discourage you from skipping the installation by implying that this will abort the whole install.
If you think you want a toolbar installed, I suggest you read the license agreement which often offers very amusing content. In section 4. it states that the toolbar is not considered secure, and I can tell you why! Because the only thing that matters to the author of applications like this one is profit.
At the end of the installation, where I choose only to install the packer and nothing else, all the files listed in the last screenshot were downloaded to my computer and executed. None of these files were removed after installation and some of them are set to start automatically after the computer starts.
There is also a proxy server enabled and updated in my windows registry and program which I did not agree to install. Except for 7z and sweetim, there was not even a notice about the other programs. I don’t think this is the way a normal application installer should work.
Many free download servers are active on the internet today, but none of them give you anything actually for free. You will pay for them with your personal data or computing time when malware attacks. You should always bear in mind that there are just a few really free things on the internet, fortunately avast! Free Antivirus is one you can count on.
The application I just described can be found on Virus Total under the following SHA256:
The AVAST forum is one of our largest and most active communities, with more than 300,000 users. The most active people on the forum are called Evangelists. They spend a great deal of their free time answering user questions and helping to sort out issues of all kinds. You can meet them on the AVAST forum, where you can get assistance and support any time.
Because of the Evangelists’ extensive experience and knowledge, we asked them to share their top tips on maintaining a secure computer or device. Here are their main tips:
- Keep Windows and all other programs up-to-date (especially browsers and avast! Antivirus) and use only official sites for updating. For more convenience, you can use the avast! Software Updater feature to do it. Avoid P2P, cracks, patches and pirated software. On Android, use Google Play as the app source.
- Don’t be a happy clicker, especially on social media sites and while installing programs. Always install programs via the custom mode and read the screens before clicking next. If something looks fishy, it probably is.
- Take care about the sites you visit, knowing that legitimate websites can also be hacked. Use avast! SafeZone for web browsing whenever possible, especially while using online banking. AVAST also provides a full isolated environment called avast! Sandbox.
- Use different and strong passwords: Numbers, upper and lower case letters, symbols, etc. avast! EasyPass could help you manage this.
- Keep your anti-malware protection always on, for instance, while gaming and installing programs. Community games are usually safer than the supposed official games you find online. Take extra care – or avoid completely – free public cheats for multiplayer games, especially downloaded from third party URLs.
- Be alert for social engineering scams and emails. Do not open attachments from an unknown sender. Remember that not everyone is really your friend. Always use common sense.
- Have backup strategies: When, what, local and remote. Remember: Better safe than sorry. AVAST offers an online backup solution too.
- Use a firewall that manages the access of applications to the internet. Take care on open WiFi hotspots. At home, be sure to use strong WiFi passwords.
Special thanks to our AVAST forum members who have contributed these tips: Bob, Charyb, Essexboy, Omid, George Yves, Iroc, Donovan, Polonus, Ylap, Mac, Para-Noid, Coolmario, Dwarden and Jeffce. If you ever have a question, please log on to the AVAST forum and ask. Our forum evangelists are happy to assist you.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun, and contest information, please follow us on Facebook, Twitter, Google+ and Instagram.
Millions of people use social networks like Facebook and Twitter every day to share photos, comments, and ideas with their friends and followers. These popular platforms have become magnets for cybercrooks and are used to spread different types of scams. Hackers take advantage of the easy accessibility of data we put online to manipulate or steal them.
The security of AVAST users is a total priority for us. Therefore we monitor and warn you about new threats we discover on social media. We have noticed that while trying to be creative, scammers also run out of ideas and certain type of threats repeat periodically. Hence, we have gathered the top 4 sneakiest scams and prepared a summary of the most typical malicious behavior recently distributed via social networks.
Facebook Photo Scams
Most of us are softies and scammers know it. Who wouldn’t “like” a photo of a child in need if it could help them? Especially if it says: Each time you like the photo, you donate one cent to…, or If I collect 1,000,000 likes my parents will… Like my photo, please! Scammers count on our sympathetic hearts to respond to these calls for help, and we do by clicking like and share. Read more…
Recently we identified a threat which uses Twitter and Facebook to spread. The origin of the infection begins by clicking malicious tweets or Facebook posts.
Football is fun! It’s exciting, it brings us together… to share, to enjoy, to be proud (or ashamed?) of our favorite teams. Simply put, it creates a spirit of community. And we at AVAST Software realize how important community is. We also know that AVAST has a community of 22,000,000 users in Brazil. Given the fact that Brazil has 200,000,000 inhabitants, shall we say that AVAST protects every 10th football fan in Brazil?
This inspired us to organize a survey in selected countries that were participating in the Confederation Cup that took place in Brazil between 15-30 July. We have asked our Spanish, Brazilian, and Mexican avast! users three questions:
1. Are you going to watch the Confederations Cup match?
2. Which team will be crowned the Confederations Cup champion?
3. Which team will have the worst result in the Confederations Cup?
Following users are awarded for participating and predicting correct results as first. Congratulations to the winners, we will contact you via email!
|Date of participation||Time of participation||Name||Country|
Now, see how the survey engaged AVAST users and how participants actually responded!
Success of the last Hashtag challenge, available across the social media platforms, convinced us to continue with this idea. This weekend, we want to introduce you to a new one. Utilize the following Hashtag: “#withoutProtection” to let everybody know what would you never do #withoutProtection. Would that be: sunbathing, travelling, leaving your kids, or maybe risking to leave your PC #withoutProtection…?:) Be creative, be funny, be free.
We will award in the following category:
- Most creative/funny comment
Rules: Read more…
Thursday is a fun day because we get to look back in time at how things were in the good ol’ days. It’s Throwback Thursday!
AVAST is the world’s most popular antivirus software because our happy users recommend avast! Antivirus to their friends. Some think of creative ways to share. Here are a few examples:
Busy people who trust AVAST to protect their valuable assets (digital or otherwise), display the logo proudly on their computers, or in some cases, on the side of their barn. Read more…
Our first “#useAVAST” Hashtag challenge is over and it’s time to announce the results. As always, YOU have proven what an engaged and creative community AVAST has. We’ve seen plenty of Facebook and Google+ posts and Tweets with your personal recommendations. It has convinced us that we should be giving you this opportunity more often, so Be free to expect some more fun.
As announced in the previous blog, we have selected winners in two categories:
- Most creative/funny recommendation
- Most convincing recommendation
All entries are valuable to us and we appreciate your inventiveness and always-willing-to-participate attitude! Congratulations to the winners! Please contact us at firstname.lastname@example.org to claim your 1-year license for avast! Premiere, our best-selling antivirus protection.
The Hashtag system, created by Chris Messina in 2007, became Twitter’s trademark. The other social networks, notably Instagram, Google+, and Tumbr followed Twitter’s “Hashtag policy”; however it was still not available on Facebook, until now! Finally, users of the biggest social platform can follow and create conversations across the world, by adding a simple Hashtag symbol (#) before the word.The AVAST Social Media team is very excited about this feature and would like to introduce you to a new #hashtag challenge available across the social media platforms.
Now the fun part: Utilize the following Hashtag: “#useAVAST” to let everybody know why you personally recommend our free Antivirus solution. Be creative, be funny, be free.
We will award in two categories:
- Most creative/funny recommendation
- Most convincing recommendation Read more…