Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus


July 21st, 2014

avast! is nominated the best antivirus for Windows by Lifehacker

avast! Free Antivirus was nominated by Lifehacker users as one of the best desktop applications.

avast! Free Antivirus

Lifehacker is a well-known site for its “Tips, tricks, and downloads for getting things done.” When the subject is to get protected and install an antivirus, they picked up avast! Free Antivirus and, now, last Sunday, avast! was picked again as one of the Top 5.

“It’s our pick as the best…it’s fast, lightweight,…”, says Lifehacker.

When expert people say something is the best, it is always due to a combination of factors and it varies (a lot!) among users. Lifehacker asked their users to point out where avast! excels and what they miss in the competition. They say they are confident of choosing avast! due to a lot of points.

Users  commented on the high level of usability and that it fits for common users, but doesn’t lack advanced settings for the geeky ones. If you want it, avast! has a high level of customization, fitting well for all needs, from gamers to your grandma!

“A fairly simple interface from which you can scan your computer, see statistics, update definitions, and more.”

Voters appreciate avast’s many features: Scans files, email, URLs, P2P programs, and more for malware. Automatic updates happen as soon as the virus database or program changes. In fact, the streaming updates are released each 4 minutes!

“It updates quietly in the background without fuss.”

“A plethora of on-access scanning and protection tools,” (some of which you may not want, but can be easily managed during the installation process.)

Silent mode where you can disable any and all notifications and warnings to keep performance slim and trim.”

“Others highlighted specific features, like avast!’s screensaver scan, where the application only kicks in when you’re away from the computer or the system is idle.”

Low system impact is a major consideration when choosing antivirus protection:

“avast! may be simpler and lighter weight than most other programs out there”

“The app itself is relatively resource light — you may not even notice it’s there”.

A few users highlighted the fact that avast! is cross-platform, and available for multiple operating systems.

LifeHacker says, “We personally don’t think paid antivirus are necessary in a home setting, especially if you use good browsing habits.”

And the #1 reason people choose avast! Free Antivirus?

“Best of all, it’s completely free.”

What are you waiting for? Install these avast! security products on your devices.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.


July 18th, 2014

Spearphishing scams hope you’ll take the bait

avast! Internet Security protects you from phishing and email scamsYesterday on our blog, avast! Virus Lab researcher Jaromir Horejsi, explained a banking Trojan called Tinba. The cybercrooks behind Tinba use a social engineering technique called spearfishing to target its victims.

You have probably heard about email scams that use phishing. This classic technique uses authentic-looking emails to lure the victims to fake websites, then trick them into revealing personal information. Also this week, we told you about an email that AVAST evangelist, Bob G. received claiming that he won money in a World Cup lottery. The cybercrooks behind that scam cast a wide net, hoping to catch a few people then ask them to provide banking information so they could deliver the prize.

Other high profile phishing attempts, like the DHL email scam that ran last Christmas, preyed on the anxiety of the holidays. An email that looks like the real thing was sent, offering all sorts of urgent and legitimate-sounding explanations as to why they need your personal data. It’s not hard to understand why busy people can be fooled.

Spearphishing is similar in every way except that the net is drawn in much tighter. The FBI says that cybercrooks target select groups of people with something in common—they work at the same company, bank at the same financial institution, attend the same college, order merchandise from the same website, etc. The emails are seemingly sent from organizations or individuals the potential victims would normally get emails from, making them even more deceptive. This is what is happening with the Tinba Trojan right now in Czech Republic.

In both social engineering schemes, once the victim clicks, they are led to a phony but realistic-looking website, where they are asked to provide passwords, account numbers, user IDs, access codes, PINs, etc.

How to avoid becoming a spear phishing victim

  • Most companies, banks, agencies, etc., don’t request personal information via e-mail.
  • If in doubt, give them a call (but don’t use the phone number contained in the e-mail—that’s usually phony as well).
  • Use a phishing filter. Both avast! Internet Security and avast! Premier include anti-spam filters to detect phishing and scam emails.
  • Never follow a link to a secure site from an email; always enter the URL manually.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.


July 17th, 2014

Tinybanker Trojan targets banking customers

Tinba Trojan specifically targets bank customers with deceitful debt notice.

The Tinba Trojan is banking malware that uses a social engineering technique called spearfishing to target its victims. Recently, targets havebeen banking customers in Czech Republic, AVAST Software’s home country. Tinba, aka Tinybanker,  was first reported in 2012 where it was active in Turkey. A whitepaper analyzing its functionality is available here (PDF). However, the spam campaigns against bank users in Czech Republic are still going on and have became more intensive. Here is an example of what Czech customers recently found in their email inbox.

Czech version:

VÝZVA K ÚHRADĚ DLUŽNÉHO PLNĚNÍ PŘED PROVEDENÍM EXEKUCE

Soudní exekutor Mgr. Bednář, Richard, Exekutorský úřad Praha-2, IČ 51736937, se sídlem Kateřinská 13, 184 00 Praha 2
pověřený provedením exekuce: č.j. 10 EXE 197/2014 -17, na základě exekučního titulu: Příkaz č.j. 077209/2014-567/Čen/G V.vyř.,
vás ve smyslu §46 odst. 6 z. č. 120/2001 Sb. (exekuční řád) v platném znění vyzývá k splnění označených povinností, které ukládá exekuční titul, jakož i povinnosti uhradit náklady na nařízení exekuce a odměnu soudního exekutora, stejně ták, jako zálohu na náklady exekuce a odměnu soudního exekutora:

Peněžitý nárok oprávněného včetně nákladu k dnešnímu dni: 9 027,00 Kč
Záloha na odměnu exekutora (peněžité plnění): 1 167,00 Kč včetně DPH 21%
Náklady exekuce paušálem: 4 616,00 Kč včetně DPH 21%

Pro splnění veškerých povinností  je třeba uhradit na účet soudního exekutora (č.ú. 549410655/5000, variabilní symbol 82797754, ČSOB a.s.), ve lhůtě 15 dnů od
doručení této výzvy 14 810,00 Kč

Nebude-li  uvedená částka uhrazena ve lhůtě 15 dnů od doručení této výzvy, bude i provedena exekuce majetku a/nebo zablokován bankovní účet  povinného ve smyslu § 44a odst. 1 EŘ a podle § 47 odst. 4 EŘ. Až do okamžiku splnění povinnosti.

Příkaz k úhradě, vyrozumění o zahájení exekuce  a vypučet povinnosti najdete v přiložených souborech.

Za správnost vyhotovení Alexey Mishkel

 

English translation:

Distraint notice
———————
Bailiff [Academic title] [First name] [Last name], Distraint office Prague-2 ID: 51736937 at Katerinska 13, 184 00 Prague 2 was authorized to proceed the execution 10 EXE 197/2014 -17 based on execution Order 077209/2014-567/Cen/G according to §46 paragraph 4, 120/2001 law collection in valid form which impose you to pay these costs:

Debt amount: 9,027.00 CZK ($445.00)
Distraint reward: 1,167 including 21% TAX
Fixed costs: 4,616 CZK including 21% TAX
Total: 14,810 CZK ($730.00)

To bank account 549410655/5000, variable symbol 82797754, CSOB a.s.

For the correctness of the copy warrants Alexey Mishkel

Using the spearfishing social engineering tactic, the attackers attempt to scare their victims with a specially designed email message explaining that there exists a debt which needs to be paid.

Read more…


July 15th, 2014

AVAST evangelist allegedly wins World Cup 2014 Lottery

AVAST evangelist Bob G. received a notification in the mail yesterday from, of all organizations, FIFA! How nice! Only hours after Germany earned the title of World Cup 2014 champs and was awarded with a grand trophy, Bob was also promised a reward of prize money.

Too bad, it’s a scam.

Email scams like this are a form of social engineering designed to trick people into giving away vital personal information. The email generally informs the recipient that they have been selected as lottery prize winners and have won substantial sums of money. Recipients are then persuaded to submit personal information or to part with money as an upfront payment, or forward money to enable them to enter the tender process.

Since Bob is aware of these types of scams, instead of falling for it, he made a video to inform all avast! users. Here it is.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off

July 14th, 2014

Common passwords inspire uncommon dress

password dress

Lorrie Cranor models her famous Password dress in front of the “Security Blanket” quilt.

Weak passwords make for creative design.

If you use 123456 or password as your password, you may as well wear it for all to see. It’s THAT easy to crack.

To illustrate this point, Lorrie Cranor, quilt artist, and oh yeah,  director of the CyLab Usable Privacy and Security Laboratory at Carnegie Mellon University, designed fabric based on the extensive research she and her students conducted on the weaknesses of text-based passwords. The quilt she made is aptly named “The Security Blanket,” and is designed from a word cloud of the 1,000 most commonly found passwords from the 2010 RockYou.com hack. Professor Cranor made a Password dress to go with the password quilt. The fabric is available for purchase from Spoonflower.

Iloveyou, you little monkey

The most popular password, 123456, forms a backdrop across the whole quilt. But what intrigued Cranor was not the “the obvious lazy choices,” but what else people choose as passwords. She went through the list and organized the passwords into themes. Many passwords fell into multiple themes, so she tried to think like a RockYou user and extract some meaning from their choices.

Love is a strong theme, and the research found that love-themed words make up the majority of non-numeric passwords. Iloveyou in English and other languages is common. The names of pets are common, and Princess showed up in the top 1,000 and simultaneously on lists of popular pet names. Chocolate is the most frequent of the food-related passwords, with chicken and banana(s) coming up often.

Chicken was a surprise to me, as was monkey, the 14th most popular password. Could RockYou users have an affinity for monkeys because of a game, or do they just like monkeys? Is it related to bananas? Do gamers eat more bananas?

Some things we’ll just have to speculate about…

Swear words, insults, and adult language showed up in the top 1000 passwords, “but impolite passwords are much less prevalent than the more tender love-related words,” wrote Cranor in her blog.

Numbers are even better. Three times as many people chose 123456 over password, and 12345 and 123456789 were also more popular choices. It seems that when required to use a number in a password, people overwhelmingly pick the same number, or always use the number in the same location in their passwords.

Top 10 worst passwords

Security developer SplashData published the Worst Passwords of 2013. Check the list to see if you use any of these:

Rank Password Change from 2012
1 123456 Up 1
2 password Down 1
3 12345678 Unchanged
4 qwerty Up 1
5 abc123 Down 1
6 123456789 New
7 111111 Up 2
8 1234567 Up 5
9 iloveyou Up 2
10 adobe123 New

Tips and tricks

1. Use a random collection of letters (uppercase and lowercase), numbers and symbols

2. Make it 8 characters or longer

3. Create a unique password for every account

Read more from the AVAST blog

Do you hate updating your passwords whenever there’s a new hack?

Are hackers’ passwords stronger than regular passwords?

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off

July 11th, 2014

Six ways to secure your smartphone

AR AMSpost-enI bet you would be lost without your smartphone. It’s your lifeline to contacts, emails, and personal information, not to mention all those apps that you use for fun, entertainment, and business. You probably have bought something using your phone, so your credit card information is there, as well as your account log ins. In other words, it would be disastrous to lose it to a thief or be infected with a data-stealing app.

Keep reading for some solid tips that will help you secure your Android smartphones and tablets.

1. Install security software

Protect your smartphone or tablet from malicious attacks. Malware targeted at Android devices is increasing daily, and we project that it will be at PC levels in the next 4 years. Even though malware is not likely to affect you (yet), avast! Mobile Security & Anti-theft protects your device , plus it helps you locate your device if it is lost or stolen.

TIP: When you upgrade to avast! Mobile Premium you get a feature called Password Check. This feature keeps nosy people and data thieves from snooping around your messages or emails. After 3 wrong attempts to break in, your phone is locked.

2. Use trusted stores to install apps

Malware may not be a huge threat yet, but cybercrooks are using apps in subtle ways, so you need to be aware of what you’re downloading onto your device. The major app stores like Google Play and Amazon are the safest places to go for apps. These have rigorous vetting procedures, so they are reliable sources. The ones you need to watch out for are the unregulated third party app stores predominantly from the Asia or the Middle East.

TIP: For an extra safeguard on your Android device, stop the installation of apps from unknown sources. Go to Settings>Security and uncheck the Unknown Sources option. Check the Verify Apps option to block or warn you before installing apps that may cause harm.

3. Use a PIN or password and lock your apps

Your Android phone has its own security settings, so we recommend that you set a PIN number with a strong number code to the lock screen. To set your PIN go to Settings>Lock screen to set a pattern or passcode.

TIP: Use avast! Mobile Security App Lock to set a PIN for apps you want to keep private, like online shopping and banking apps. You can lock any two apps with a PIN/gesture using our free product; get unlimited app locking with the Premium product.

Read more…


July 9th, 2014

Android Forensics, Part 1: How we recovered (supposedly) erased data

Introduction to Android forensics (aka CSI: Android)

Digital forensics is a branch of science which deals with the recovery and investigation of materials found in digital devices. Forensics is usually mentioned in connection with crime, vaguely similar to criminal investigations on TV shows like CSI: Crime Scene Investigation and NCIS. However, several experiments (1, 2), including this one, use methods of digital forensics as proof that people do not pay attention to what happens with their personal data when replacing their digital devices (computers, hard drives, cell phones). In this blog post series we will reveal what we managed to dig out from supposedly erased devices. The sensitive information includes pictures (even very private ones!), videos, contacts, SMS messages, Facebook chat logs, Google searches, GPS location coordinates, and more.

What happens to the file when it is “deleted”

When people want to delete a file, most will use the standard features that come with their operating system. After it’s done, they consider the unwanted data to be gone forever. However, this is not true. When a file is deleted, the operating system merely deletes the corresponding pointers in the file table and marks the space occupied by the file as free. The reality is that the file is not deleted and the data it contained still remains on the drive. With regular usage of the drive, the remaining data will sooner or later be overwritten with different data. The same thing happens on your PC.

The following screenshots show the scenario. We used the program FTK Imager to mount the image of a partition containing user data. The first figure shows a [root] directory followed by [unallocated space]. Although all the sensitive files were deleted in the regular way, something still remained in unallocated space. In this particular example, we managed to dump 251 blocks of unallocated data and to recover interesting messages, for example from a Facebook chat. The seller of this HTC Sensation cell phone thought that his personal was cleared out, but the figures below show that he/she was tragically mistaken.

ftk_imager Read more…


July 8th, 2014

Tens of thousands of Americans sell themselves online every day

The Internet has become a virtual flea market, with online consumer-to-consumer sites like Amazon, eBay, and Craigslist selling millions of products every day. Used smartphones are a popular sales item on eBay – more than 80,000 people list their phones for sale each day. It seems like a smart way to make some extra money, but AVAST has found out that many fail to protect their identity in the process. 

AVAST recovers an abundance of personal data from used smartphones 

Most sellers delete all of their personal data prior to selling their used devices… or so they think. We purchased 20 used Android phones off eBay and used simple and easily available recovery software to restore deleted files. The amount of data we were able to retrieve was astonishing and proves that simply deleting is not enough.

Our analysts found the following:

  • More than 40,000 stored photosUsed Smartphones for Sale
  • More than 1,500 family photos of children
  • More than 750 photos of women in various stages of undress
  • More than 250 selfies of what appear to be the previous owner’s manhood
  • More than 1,000 Google searches
  • More than 750 emails and text messages
  • More than 250 contact names and email addresses
  • Four previous owners’ identities
  • One completed loan application

One phone even had a competitor’s security software installed, but unfortunately it did not help the former owner as it revealed the most personal information out of all the phones we analyzed. 

No one cares about my old photos, messages and Google searches, right?

Wrong! As the old saying goes, a picture is worth a thousand words. Now add private Facebook messages that include geo-location, Google searches for open job positions in a specific field, media files, and phone contacts. Put all of these pieces together to complete the puzzle and you have a clear picture of who the former smartphone owner was. Stalkers, enemies, and thieves can abuse personal data to stalk, blackmail and steal people’s identities. They can use this information to watch people’s every move, exploit their strange fetishes, open credit cards in their name, or even continue what they started by further selling their personal information online. 

How to permanently delete and overwrite data from your Android phone 

Deleting files from your Android phone before selling it or giving it away is not enough. You need to overwrite your files, making them irretrievable. To do so, install avast! Anti-Theft from the Google Play Store for free. Once you have the app installed, turn on the “thorough wipe” feature within the app. You will then need to create a my.avast account to connect to the phone (this allows users to remotely wipe their phones in theft cases as well). The final step is to wipe the phone clean, which will delete and overwrite all of your personal data. 

AVAST Used Smartphone Infographic

Read about our investigation:

Android Forensics, Part 1: How we recovered (supposedly) erased data

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.


July 7th, 2014

#AVASTstories shared by the Community

The AVAST community has proven its amazing loyalty and support over and over.  Every day we receive messages from around the world. Your comments - positive and negative -  help us improve our products and services.  Your messages of appreciation for delivering a free antivirus solution prove that we are helping millions of people stay secure, and motivate us   even further. For example, last year we have received a real handwritten letter from 9-year old Polish boy living in Ireland, and just this week, we received a “CV” from young Lucy, who wishes to work for AVAST Software.

Our community also contributes to the success of AVAST. Evangelists help us translate software, and plenty of avast! users volunteer to support others on the avast! forum. Kudos to our Superstars including BobLisandro, and Paulius!

We appreciate your #AVASTstories and are pleased to share some of them here!

 I just changed from Windows Essentials when I rebuilt my system. I love freeware and Avast has protected me from ad-ware and other stuff that escaped my eagle eye. Five stars for Avast free! ~ Sharon L. (Facebook comment) 

Avast all the way, have been using avast for years, and major improvements and step ups over the years just makes avast number 1. I’ve suggested avast to many people, and installed avast on several systems. ~ Morgan N. (Facebook comment)

 

I am using avast for the PC (from 4 years) & smartphone (from 2 years). It’s great and free. I liked it so much, I am gonna purchase the premium version. Thank you avast for the quality products and services.  ~Prashanth K (Google+ comment)

 

 

Keep writing us on here on our blog, our Facebook page, Twitter, Google+, YouTube or LinkedIn.

If you don’t use antivirus protection yet on your PC, Mac or Android device, it is high time to install avast! Antivirus for free.

For Android OS, get avast! Mobile Security & Anti-theft.

For Windows, get avast! Free Antivirus.

For Mac, get avast! Free Antivirus for Mac.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.


July 2nd, 2014

How to prevent unnecessary costs of AVAST SMS notifications when replacing your SIM card

avast! Anti-Theft is a separate program included in the avast! Free Mobile Security appYou can install it at the same time as avast! Mobile Security, or later, during a separate installation. Its unique capabilities help you recover your phone by controlling it remotely with SMS commands or via the Internet by logging in to your AVAST account. The app can also notify you that your SIM card was removed, in case the device was stolen. All that will help you to control and locate your lost or stolen smartphone. Since its release, we have received many messages from all around the world, proving that avast! Anti-Theft has helped many users find their missing devices. A dramatic story with happy end came to us from the Humayuns brothers. They were attacked at a Pakistani market. Their smartphone was stolen during the attack. Luckily they were able to catch the thief using avast! Anti-Theft. Stories from the open road have also come our way from motorbike AVAST fan DuckyBoy and truck driver Steven B., who used AVAST to track their missing smartphones lost on the roads of USAWe even received a detective-like story from sisters Katharina and Nicole. Nicole’s phone was stolen during the trip to Vietnam, AVAST notified her sister Katharina that her SIM card had been changed and provided her with the phone’s new number. Using this information the girls successfully tracked down the stolen device (with a little help from Vietnamese authorities). Last but not least avast! Anti-theft managed to locate a phone that was lost for a year and a half, it traveled a great distance within Africa before it was found!

DiedreD-user-testimonial

 

However, we have also spotted questions from users who were surprised by the “extra charges for the SMS notifications”. Some thought the charges came from AVAST. Let’s clarify this functionality and explain, why mobile operators can charge you for SMS notifications sent from the avast! Anti-theft app.

Why is it happening and how to prevent unexpected costs?

Read more…

Comments off