Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Posts Tagged ‘spam’
July 31st, 2014

Security basics: Internet scams and your identity

If you’re afraid “to do something wrong” when you sit behind your computer, this new series is for you.

AVAST has expertise in developing security products and we want to bring you a complete series about internet danger, with good practices to avoid scams, loss of money, and identity theft. You’re just about to join a tutorial that will help you avoid such threats in the virtual world.

Privacy July 2014 B (2)

First, being afraid to do something wrong is healthy because it will slow you down, which can be a good thing since most mistakes are made due to rushing through something. Computers, smartphones and tablets are advanced tech devices. Those of us who did not have the opportunity to learn and gather knowledge and experience on using these devices when we were young, can be a little shy with them. Searching for information about how to do something with your device is not always easy because people tend to use complicated language. Making it simple and easy-to-understand is a task that we assume with pleasure.

The Basics

The internet is a space for sharing and dialog. However, alongside this encouraging environment you will face some areas where you need to exercise caution: Inappropriate content for children like adult sites; sites which promote hateful content such as racism and intolerance; and cybercriminals who use different methods to steal your personal, banking, and credit card data.

You may be tempted to think that no one will be interested in your computer, or that your computer cannot be found in the internet jungle. That would be a mistake.

Cybercriminals hide in the jungle and misuse your computer as a base to attack others, and spread viruses (malware) or spam. Think of it this way – the banking systems and e-commerce sites have, in general, a much bigger and more sophisticated security arsenal than your own computer (smartphone or tablet), and yours is the weakest point in this chain.

So let’s start from the same place.

Here’s The Rule: All safety measures you take in real life should be applied when you use the internet: Visit only trustworthy sites and stores, do not share your personal data with anyone, lock the doors, and put an alarm. AVAST believes security implies prevention: Be prepared before something bad surprises you.

Your identity is up for grabs

Your personal data or your credentials for a particular site (username and password) are quite valuable to cybercrooks. With this data, scammers act on your behalf; sending emails (like the phishing ones we’ve written about lately), shopping with your credit card, and doing things that can cause harm to you, not only financially but also for your reputation. They could share false information about you, photos and personal data. This could led to problems when, for instance, you are looking for a new job, but also in your personal and family life.

Create strong passwords to protect your online accountsTaking care of your passwords is essential. Use different passwords for each service or internet site. You should create the so-called strong passwords: CAPS letters, symbols, and numbers. AVAST offers an automated solution for your passwords called avast! EasyPass. This way, using different and secure passwords, cybercriminals can’t easy guess your credentials, enter in sites, or shop in your behalf.

Do not answer unsolicited emails or sales promotions that promise you a financial return after you make a small payment. Never help or join into the financial operations of a third party, close to you or not. Do not trust in NGOs that ask for donations, rather look for the official sites to contribute. Never giveaway your banking data for “personal credit and rewards” announcements, for example, bogus companies offering jobs that ask for a preliminary payment. Scams that prey on your emotions are prevalent. Dating scams in-the-wild ask for money to make a trip to meet your  love interest personally. In fact, after you pay, you’ll never see your love again. Beware of these types of scenarios.

How can we avoid these scams? Generally, they ask for a quick and secret decision and, often they have spelling and grammar errors because many still originate from foreign locales and rely on online translation software to spread the scams all over the world.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.

July 28th, 2014

Phishing scam steals Finnish bank passwords, earns big money

Earlier this month, we told you about a spear phishing campaign specifically targeting banking customers in Czech Republic, and now a similar scam is targeting bank customers in Finland.

Finnish banks warn their customers of phishing scheme.

Finnish banks warn their customers of phishing scheme.

This weekend, Aktia, Nordea, and Nooa Säästöpankki customers received text messages and emails informing them that their online banking services were being discontinued because of a payment in default. The message said the payment had to be made immediately to avoid this. The victims were then instructed to follow a link in the email where they could enter their ID and bank access codes including PIN. The victim was promised that a representative of online banking services would call to confirm after the payment was received.

So far, 500,000 euros has been stolen. Of course, there is no default payment and the whole thing is a hoax to earn cybercriminals money. Within the last month, 95 percent of the victims have been women, said Detective Superintendent Jukkapekka Risu from Helsinki Police to the Helsinki Times.

What you need to know to protect yourself

Do not click on links, download files, or open attachments in emails from unknown senders. Phishing websites often copy legitimate websites so they appear authentic. To be safe, call the bank to find out if they really sent that email to you.

Do not call the number in the email. It can easily be faked. Look up the real number of your bank and call using that.

Banks will not ask for customer names or IDs by email, text message, or phone. If you have fallen victim to the scam message and have volunteered information, please contact your bank immediately.

Protect your computer with a firewall, spam filters, antivirus and anti-spyware software. Both avast! Internet Security and avast! Premier have these important features. SafeZone is an additional security feature in avast! Pro Antivirus, avast! Internet Security and avast! Premier, which allows you to browse the web in a private, secure environment, invisible to the rest of your system. For example, if you do your banking online, you can be sure that your personal data cannot be monitored by spyware or key-logging software.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter, Google+ and Instagram. Business owners – check out our business products.

 

July 17th, 2014

Tinybanker Trojan targets banking customers

Tinba Trojan specifically targets bank customers with deceitful debt notice.

The Tinba Trojan is banking malware that uses a social engineering technique called spearfishing to target its victims. Recently, targets have been banking customers in Czech Republic, AVAST Software’s home country. Tinba, aka Tiny Banker or Tinybanker,  was first reported in 2012 where it was active in Turkey. A whitepaper analyzing its functionality is available here (PDF). However, the spam campaigns against bank users in Czech Republic are still going on and have became more intensive. Here is an example of what Czech customers recently found in their email inbox.

Czech version:

VÝZVA K ÚHRADĚ DLUŽNÉHO PLNĚNÍ PŘED PROVEDENÍM EXEKUCE

Soudní exekutor Mgr. Bednář, Richard, Exekutorský úřad Praha-2, IČ 51736937, se sídlem Kateřinská 13, 184 00 Praha 2
pověřený provedením exekuce: č.j. 10 EXE 197/2014 -17, na základě exekučního titulu: Příkaz č.j. 077209/2014-567/Čen/G V.vyř.,
vás ve smyslu §46 odst. 6 z. č. 120/2001 Sb. (exekuční řád) v platném znění vyzývá k splnění označených povinností, které ukládá exekuční titul, jakož i povinnosti uhradit náklady na nařízení exekuce a odměnu soudního exekutora, stejně ták, jako zálohu na náklady exekuce a odměnu soudního exekutora:

Peněžitý nárok oprávněného včetně nákladu k dnešnímu dni: 9 027,00 Kč
Záloha na odměnu exekutora (peněžité plnění): 1 167,00 Kč včetně DPH 21%
Náklady exekuce paušálem: 4 616,00 Kč včetně DPH 21%

Pro splnění veškerých povinností  je třeba uhradit na účet soudního exekutora (č.ú. 549410655/5000, variabilní symbol 82797754, ČSOB a.s.), ve lhůtě 15 dnů od
doručení této výzvy 14 810,00 Kč

Nebude-li  uvedená částka uhrazena ve lhůtě 15 dnů od doručení této výzvy, bude i provedena exekuce majetku a/nebo zablokován bankovní účet  povinného ve smyslu § 44a odst. 1 EŘ a podle § 47 odst. 4 EŘ. Až do okamžiku splnění povinnosti.

Příkaz k úhradě, vyrozumění o zahájení exekuce  a vypučet povinnosti najdete v přiložených souborech.

Za správnost vyhotovení Alexey Mishkel

 

English translation:

Distraint notice
———————
Bailiff [Academic title] [First name] [Last name], Distraint office Prague-2 ID: 51736937 at Katerinska 13, 184 00 Prague 2 was authorized to proceed the execution 10 EXE 197/2014 -17 based on execution Order 077209/2014-567/Cen/G according to §46 paragraph 4, 120/2001 law collection in valid form which impose you to pay these costs:

Debt amount: 9,027.00 CZK ($445.00)
Distraint reward: 1,167 including 21% TAX
Fixed costs: 4,616 CZK including 21% TAX
Total: 14,810 CZK ($730.00)

To bank account 549410655/5000, variable symbol 82797754, CSOB a.s.

For the correctness of the copy warrants Alexey Mishkel

Using the spearfishing social engineering tactic, the attackers attempt to scare their victims with a specially designed email message explaining that a debt exists which needs to be paid.

Read more…

April 23rd, 2014

Facebook is spring cleaning your News Feed

Facebook spam blocks relevant News Feed posts

Spam blocks news Facebook users want to see

Last year, Facebook had the dubious honor of containing more spam than other social networks.

In order to combat this scourge, Facebook recently announced a series of  improvements to the News Feed to help ensure that spammy content does not drown out the posts that people really want to see from friends and Pages they care about.

“The goal of this spring cleaning is to deliver the right content to the right people at the right time so they don’t miss the stories that are important and relevant to them,” said Facebook.

The clean-up targets three areas: Like-baiting, frequently shared content, and spammy links

Like-baiting is one of the sneakiest scams on Facebook. It’s when a post explicitly asks readers to like, comment, or share the post in order to increase the number of likes and/or shares; in other words, to “Go Viral.”  As we have described in previous posts, the page usually collects the likes, then sells it to the highest bidder to re-purpose for new annoying posts and scams.

Facebook uses this cute animal survey image to illustrate what it considers to be like-baiting.  The text asks the reader what their favorite animal is, with pictures asking for likes, comments, and shares.

Like-baiting is one of the sneakiest scams on Facebook

Facebook found that there was an over-abundance of frequently shared content.

Read more…

November 7th, 2012

Just in case… before you pay (!)

The phishing scam creators are really getting creative.  Of course one could question their targeting such in this case.  Czech republic is known for our quite lenient view of laws and rules and – especially – the need to pay (or the lack of there off) of any fines especially when imposed by so called municipal police.  Who would bother…   Hence, an email urging to pay a fine is normally filed directly into the ‘round file’.   Known as trash.  Well in this case… there actually might be a good reason to look at this closely ;) Read more…

Categories: analyses, lab, Virus Lab Tags: ,
October 8th, 2012

Russian Odnoklassniki spamming

Recently, we’ve noticed that there are too many legitimate domains popping up in our url filters with malware. At first we thought we had a huge false-positive (FP) problem, but after analysis we found a pattern.

All of the referring links came from the Russian Odnoklassniki server, which is a quite-popular Russian social network. Users of that network are getting fake messages with links to photos.

Read more…

August 29th, 2012

avast! detects Facebook photo tagging malware

Photo and related article from http://mashable.com/2012/08/28/facebook-malware-photo-tag/

Have you received an email saying a friend tagged you in a photo on Facebook? Use extreme caution before clicking to see photos in the attachment. In a typical phish, cybercrooks are using a fake Facebook photo notification email designed to spread malware allowing them to gain control over Windows-based computers.

Avast Virus Lab detected the malware as Win32:Trojan-gen and added the definition to the database yesterday, so all avast! users are protected.

The email looks innocent enough with the familiar blue header and logo. Serious Facebookers may know that Facebook never sends you photos that you’ve been tagged in as attachments; rather they send links to the photos. Unfortunately, most of us are too busy to notice the difference.

Please share this warning with your Facebook friends, and recommend that they get avast! Free Antivirus, so they’ll always be protected. You can share avast! by clicking on our recommend avast! app here.

 

 

Comments off
February 16th, 2012

Standard hacker tactics after Whitney Houston’s death

There seems to be a playbook of standard hacker tactics after a celebrity death or an event of worldwide interest like earthquakes or tsunamis.  Hours after the announcement of pop diva Whitney Houston’s death, scammers had already devised schemes to prey on fans seeking information – appearing to recycle those used after the deaths of Michael Jackson and Steve Jobs.

A Facebook message, claiming to link to a video of Whitney Houston’s autopsy, takes the user to a page with an embedded YouTube video. When you try to play it, a pop-up message appears instructing the user to update their copy of Adobe’s Flash from a bogus site. The video scam has become viral. Read more…

Comments off
January 27th, 2012

Relative exposure to malware

If you work at an antivirus company, be sure that family members will soon ask you questions about computers and the latest malware. Sometimes, they will even send you some. The other day, I got an odd email from my cousin, soon followed by a similar note from my sister that contained this:

The two of them – completely unintentionally – sent me a personalized bit of spam/malware. This was quite nice. After all, there aren’t so many Lyle’s in the world and I thought it was really considerate of some malware writers to address me directly. So I asked Jan Sirmer in the AVAST Virus Lab to tell me about how it was done and the goal of this malware. Here are his comments: Read more…

Comments off
October 13th, 2011

Profiling facebook spammers

I’ve seen this happen many times, but this time I decided to get a screenshot of it. In a small box, facebook recommends that I add a friend because we have friends in common… or I get a direct friend request from someone I don’t know. I click the profile to investigate and, indeed, we have several friends in common. But an instinct triggers that something isn’t quite right.

Example 1 – Notice:

  1. New profile
  2. No personal information other than “Single”
  3. Only 17 friends
  4. All 17 friends are male
  5. Only 1 photo, with a focal point of breasts and eyes (maybe I should have titled this post “Why men are easy targets for spammers”)

 

Read more…