Poor Sony. They are getting it from all directions these days. On Sunday, the PlayStation Network, the online store for games, movies, and TV shows, suffered a hacker attack and was knocked offline. Visitors to the store got a message that said, ‘Page Not Found! It’s not you. It’s the Internet’s fault.’ I just visited the page, and got this same message, so reports that it was up again, were at best, temporary – at least for some of us.
Sony tweeted yesterday that they were investigating.
We are aware that users are having issues connecting to PSN. Thanks for your patience as we investigate.
— Ask PlayStation (@AskPlayStation) December 8, 2014
A group called Lizard Squad, which was also involved in a hack of Xbox Live last week as well as previous attacks on EA Games and Destiny, claimed responsibility for the attack.
During the Xbox hack, Lizard Squad promised that attacks would continue until Christmas.
This attack comes on the heels of news recently that Sony Pictures’ corporate network was infiltrated by cybercrooks which resulted in the theft of 100 terabytes of confidential employee data, business documents, and unreleased films. It was speculated that North Korean hackers were behind the attack due to the upcoming release of the movie “The Interview,” which is about an attempted assassination of Kim Jong-Un. The North Korean government denied responsibility for the attack on Sunday. The attack has since been traced to a luxury hotel in Bangkok, and is being investigated.
The two attacks appear to be unrelated.
Cybercrooks target busy holiday shoppers with phishing scheme.
After all that shopping on Black Friday and Cyber Monday, consumers are reporting a bunch of phishing emails that look like authentic communications from poular stores. Malware-infected emails are reportedly coming from Walmart, Home Depot, Target, and Costco. The catch is these are not from the authentic merchants, but rather cybercrooks are using a phishing scheme to send fake emails with the intent to gather personal information from harried shoppers.
Millions of these emails are being sent each day, originating from more than 600 hacked websites that act as intermediaries, according to security analysts from Malcovery monitoring the attacks. This method prevented detection by causing the spammed links to point to websites that had been safe until the morning of the attack.
The messages have subject lines like this:
- Thank you for your order
- Order Confirmation
- Thank you for buying from Best Buy
- Acknowledgment of Order
- Order Status
If you receive one of these emails, don’t click on any links. Instead, visit the merchant’s website or call their customer service. Don’t give any personal information out unless you know for sure with whom you are speaking.
Signs of a fake email
Unfortunately, cybercrooks are becoming more professional with their scams, but here are a few things you can look for to tell a fake email from an authentic one.
- Poor grammar usage
- The Sender (the “from” line) may not match the merchant name
- Links in the email do not go to the real website
- There is no order confirmation number or details about the order. A real order confirmation email contains the details of your order without clicking on any links, as well as where it is being shipped and the payment method.
How to protect yourself
Walmart acknowledged that the fraudulent emails were in circulation and suggested these steps if you receive a suspicious email.
- If you actually placed an order and are suspicious about the email you received, log onto your Walmart.com order to check your order status.
- Keep your virus software updated on all your computers.
If you were a victim of fraud via the Internet, you should file a report with your local law enforcement agency along with the Internet Crime Complaint Center (ICCC). The ICCC is a partnership between the FBI and the National White Collar Crime Center. You can make a report with the ICCC.
Some webpages are giving away free codes for Playstation Network and Steam but, are they reliable?
At Avast we discovered a lot of webpages offering free codes, with a value from $20 to $50, for Playstation Network and Steam, two of the most important internet-based digital distribution platforms. Those webpages look very suspicious so we decided to analyze them.
We chose one of those webpages and followed all the steps required in order to get our “free code” for Playstation Network or Steam.
After a first look at the main page, we found some suspicious items. To prove how trustworthy the transaction is, the webpage placed two security “certifications” in a visible location, but as we discovered, no security companies are associated with those certifications. They are completely fake!
Also, there’s a label with user ratings (4 ½ stars!), but we cannot rate the webpage; it’s just an image. Both fake images make the users think that they are in a safe and reliable website.
What happens when we click on a gift card? Are we going to receive the code?
The answer is no.
Let’s see what’s next:
When we click on a gift card¸ instead of receiving the promised free code, we are asked to share a link with our friends in order to unlock the code.
Why do they do that?
When we share the link we are contributing to an increase in the number of visitors and, of course, the number of people that will try to redeem the “free code.” Keep this in mind, it will be important at the end of this post.
Ok, we already invited 5 of our friends and, in theory, we unlocked the code. Is this the last step? Are we going to receive the code now?
Again, the answer is no.
Looks like they don’t want to give us the code. Suspicious, right? So, what do they want now?
As we can see in the image, in order to receive our PSN code, we need to complete a short survey (like inviting 5 friends wasn’t already enough?!).
When we click on one of the surveys, a little pop-up with a message appears on the top of the screen. The message says: “You must use your VALID information while filling this offer out”.
Why do they need our VALID information?
Here’s the reason:
In order to receive the code, we need to introduce our phone number – our VALID phone number. But wait, before doing that, let’s read the text at the bottom of the page.
Surprise! It’s a premium SMS service with a total amount of 36,25€/month (>$40/month)! If we enter our phone number, we will be automatically subscribed to this premium service.
Remember the 5 friends you sent the link to? Well, now imagine how many people can fall into this scam just by sharing a link to 5 friends: 5+(5*5)+(5*5*5)+… creepy, right?
And of course, there’s no free code for your PSN or Steam accounts.
Unfortunately, there’s a lot of webpages using the same method to get user’s money. Also, there are other webpages offering software to generate codes. Cybercrooks create those
fake apps and get money from “download servers” because they bring
Tonda Hýža, from the AVAST Virus Lab, described those webpages as Adware due to the big amount of lies, advertisements and weird privacy policies.
Make sure you share this alert with your gamer friends J
Losing contacts from your mobile phone is highly inconvenient. There’s seems to be a solution - You can find them online! The catch? Your contacts are in a publicly accessible place.
If you care for your privacy you should always be suspicious about “Cloud Backup” solutions you find in the Google Play Store. The solution that is being analyzed here backs up your personal contacts online. In public.
Upon starting the application, you will find a screen where you can put your mobile number and a password of your choice. Then you can upload your contacts in the cloud.
A brief analysis inside this application shows us how exactly it backs up your contacts in the cloud. The contacts are associated with the phone number that you have given in the previous step and they are sent through HTTP POST requests in a PHP page.
Further analysis through IP traffic capturing with Fiddler helped usdiscover the results in the pictures above; a page located online, for anyone to see, that contains thousands of un-encrypted entries of phone numbers and passwords. Using the info in the app you can retrieve personal private data (contacts) from another user.
We found log in data inside those entries from countries like Greece, Brazil, and others
The Play Store page says that this app has been installed 50.000-100.000 times. This is a big number of installations for an application that doesn’t deliver the basic secure Android coding practices. The developer must use technologies like HTTPS, SSL and encryption on the data that are transferred through the web and stored in the server. Nogotofail is a useful network security testing tool designed by Google to “to help developers and security researchers spot and fix weak TLS/SSL connections and sensitive cleartext traffic on devices and applications in a flexible, scalable, powerful way.“
Avast detects it as Android:DataExposed-B [PUP].
#GivingTuesday is a day dedicated to give from the bounty we have received.
After the shopping free-for-all of Black Friday, the local discoveries of Small Business Saturday, and the online click frenzy of Cyber Monday, people the world over have a day for giving thanks.
On Tuesday, December 2, 2014, charities, families, businesses, community centers, and students around the world will come together for one common purpose: to celebrate generosity and to give. ~www.givingtuesday.org
From supporting women’s microfranchises selling solar products in Nicaragua to supplying feed and services to a ranch in Arizona that helps save horses from abuse and neglect to constructing toilets in a school in West Bengal, there are a myriad of opportunities to spread your goodwill and your cash. It’s also an opportunity for cybercrooks to scam those with a generous heart.
What you need to know about charity scams
Charities and fundraising groups use all methods to solicit funds, so you could receive a phone call, a knock at your door, an email, a message via social networking sites, and even a text message on your mobile phone. Before giving your donation, carefully review a charity and ensure it is a trustworthy organization.
- Watch out for copycats. There may be hundreds of charities seeking support in the same category, and some may use a name that is similar to a better-known, reputable organization. Don’t fall for a case of mistaken identity.
- Avoid being pressured. Don’t succumb to high-pressure tactics that try to get you to donate immediately. Responsible organizations will welcome your gift tomorrow just as much as today.
- Give through a reputable, secure service. If a charity asks for donations in cash, by money wire, or offers to send a courier or overnight delivery service to collect the donation immediately, then beware. A genuine charity will give you time and a secure method to make your donation.
- When in doubt, check them out. The results of a Google or Yahoo search have been known to include bogus phishing sites designed to look like a legitimate charity’s website. Just look up scams around Hurricane Katrina, and you’ll see what I mean. Charity Navigator says,
- Carefully examine the web address. Most non-profit web addresses end with .org and not .com. Avoid web addresses that end in a series of numbers.
- Bogus sites often ask for detailed personal information such as your social security number, date of birth, or your bank account and pin information. Be extremely skeptical of these sites as providing this information makes it easy for them to steal your identity.
Many Avast users have protected their family member’s computers and mobile devices with Avast Antivirus products. In order to help you manage everyone’s security, our development team created a portal called the MyAvast Account. Our blog, Keep track of your family’s devices using your Avast Account, explains the basics.
Hopefully, you have already looked at your account. If not, click here to do so, https://my.avast.com. Now I’ll point out some important features that you will find useful.
The top 5 features in your Avast Account
- 1. The whole point of the MyAvast Account is to manage multiple devices from a single portal. If you have registered Avast products on multiple devices using multiple email addresses, you can pair these devices and email addresses to your account which lets you see all licenses in one place. You’ll see the license validity and expiration date for each device.
If you get a new device this CyberMonday and want to remove an old one, then you can easily remove the old device from the account. Go to the Device overview page, choose Settings, and delete from the account.
- 2. For all you Android smartphone users out there, the most important feature is our Avast Anti-Theft mobile security application. We improved the design, and also completely revised and simplified the commands.
- To see what I am describing, log into your account > Go to Devices > Click on your smart phone. In this screen you can see the most important commands that allow you to control your device. With one click you can locate your device, mark your device as lost, inform us and send notifications to your “safe” friend, transfer all calls and SMS to a new number, turn the siren on a lost device, or lock the device remotely. If you have Avast Mobile Premium, then you will have additional commands at your disposal. If you suspect your phone has been stolen, you can take a picture of the thief or record audio in addition to other cool options.
- 3. Avast Awards is a redesigned and interactive system where you earn free Avast products by recommending Avast to your friends. For sharing Avast using your own personalized link, carrying out certain tasks, and using our products you will be rewarded Karma points and Badges. For now, you can obtain a license for Avast Internet Security and badges for participating in our community or being a long-term Avast user. In the future, we may offer other premium products, so check back every once in a while.
- 4. Stay informed with our News widget (on the main account page on the bottom right), where you will see news from our blog and Facebook feed. This provides a great overview of security and privacy news. We invite you to follow and Friend us.
- 5. For those of you who like nice design, you will appreciate the updated Metro style of the portal, and your choice of themes. Visit Settings (the gear icon in the top right corner) and apply the one you like best.
Social Media Security is an additional feature that is in beta now. We wrote about it this past summer in the blog, New avast! Account with Facebook Security is here. Join Beta testing.
This feature helps you identify Facebook posts and photos that pose a threat to your privacy, security, and reputation. In addition to your own Facebook profile, we also monitor your friends network to keep you safe and secure.
Our developers and product managers will continue to work on improvements to the MyAvast Account. If you have any questions, comments, or suggestions, do not hesitate to participate in the dedicated Avast forum board. We look forward to your feedback!
Black Friday and Cyber Monday abound with deals on laptops. When you purchase a new laptop one of the first things you should do is make sure that it is secure with your choice of antivirus protection.
You will probably find that antivirus is already pre-installed, for example, Windows Defender is built into devices that use Windows 8 and Windows 8.1. Among Windows 7 users, Microsoft Security Essentials is on most devices. When users change antivirus protection, the top product enabled is, you guessed it, Avast Free Antivirus.
You should replace Microsoft Security Essentials
Initial praise for the software (MSE) has turned to disappointment and it’s now clear that a third-party antivirus remains the best pick even for users who don’t want to pay,
wrote Matt Smith in a makeuseof.com article called Why You Should Replace Microsoft Security Essentials With A Proper Antivirus. Mr. Smith recommends Avast Free Antivirus.
Same goes for Windows Defender.
If you’re relying solely on Windows Defender for your antivirus protection, you’re anything but defended,
wrote Jill Scharr for Tom’s Guide.
Out with the old, in with the new
We strongly recommend to uninstall previously installed antivirus applications before installing Avast Antivirus on your computer. You can find a list of vendors, from A to Z, that provide a special removal tool to uninstall their antivirus software on our FAQ page. We recommend you follow their instructions before proceeding with the uninstallation.
Avast is most trusted worldwide
For the second year, Avast Free Antivirus has taken first place in the Worldwide Antivirus Product Market Share as measured by OPSWAT. With 220 million people, mobile devices, and computers protected by our security applications, Avast is the most trusted mobile and PC security in the world.
Cybercrooks believe that their attacks are more likely to succeed during the holiday shopping season.
Retailers have been “leaking” special Black Friday deals since before Buffalo got covered in a snow wall, and that flurry of sales results in the annual spike that carries them through the rest of the year. But analysts who study these things warn that cybercrooks are riding the sales wave with a surge in attacks due to relaxed security measures.
The Wall Street Journal quotes Gartner Inc’s vice president Avivah Litan,
Retail transaction volume increases by 50% during the holidays and retailers don’t want to stop to slow the pace of business, so they relax fraud controls to some degree. Criminals know they’re likely to get away with more.
Yikes! That’s not good news for consumers, especially since we are swiping our credit and debit cards at places like Target, The Home Depot, and Neiman Marcus – all victims of point-of-sale terminal hacks this year. Experts have advised retailers to take action, like upgrading terminals with new technology and enabling chip embedded cards, but all that takes time to implement.
It’s not much better online. Attacks during last holiday shopping season, November 14, 2013 through January 9, 2014 increased by 264% over the weeks prior to that time, says security company Imperva.The reason?
Cybercrooks believe that retail applications are more vulnerable during this time of the year, and that attacks are more likely to succeed. Isn’t that what the Gartner analyst said about brick-and-mortar retailers?
The reasoning is similar – in order not to annoy shoppers who can go elsewhere, online retailers relax strict security measures such as step-up authentication and Captcha. Add that easy check-out to all those new Black Friday and CyberMonday quick campaign webpages, (“bad design, unsafe coding, and usage of insecure third-party libraries”) and cybercrooks get an early Christmas present in the form of your credit card number and possible stolen identity.
How to protect yourself during Black Friday
- Stay home on Thursday Celebrate Thanksgiving with your family. That way you can safely eat too much and watch football and movies while avoiding the crazed crowds trying to jump the gun on Black FRIDAY sales.
- In God We Trust, All Others Use Cash Use cash or a credit card when paying for your purchases. With a credit card, you can dispute charges, if your financial data falls into the hands of cybercrooks.
- Change your passwords. Please don’t use the same password for online shopping sites that you use for your bank. When you do it’s like wrapping it in fancy paper and a bow – it’s that easy for a cybercrook to get to.
- Regularly monitor your bank and credit card statements to make sure all the transactions are legitimate. Monitor your credit report for any changes.
It was great to see so many people who recognize the Avast brand and use our products at CARTES. We would like to say once more: Thank you so much! Every couple of minutes, we had a friendly visit from some of our fans and we always tried to talk to them for a while. Sometimes we got some interesting questions. We would like to share those that occurred the most.
1. Are you guys from the Netherlands?
No. Despite the orange color all over the place, Avast is a Prague- (that beautiful city in the Czech Republic that you read about in the travel magazines) based company with offices all over the world including Silicon Valley, Austin, Munich, and Hong Kong.
2. How do you make money if your products are free?
In general, we monetize our products both directly (via premium subscriptions or paid product versions) and indirectly (via ads in our applications, or partnerships / referrals, i.e.). On mobile, we are not making much money these days, compared to our desktop products. However, mobile apps are a great part of our product ecosystem. They help us build the brand and engage with people who use them. Our mobile products solve real problems and make the world a better, more secure place. In the future, we see a good potential to monetize mobile applications indirectly, due to our multi-million user base.
3. Why are you a better desktop Antivirus than XYZ?
“Better” is never a good word when talking about competition with modesty and respect. We have some compelling features in our Antivirus products. Check out the Home Network Security, SafeZone or process virtualization in our Avast 2015 version. Or you can try the Free version for yourself and compare our product with the Antivirus you have at the moment.
Did you like the article? Follow the author at @joshis_tweets.
If your home router is hacked, you have a serious situation on your hands.
When an Avast Home Network Security scan finds that your router is already compromised, this notification will appear.
This means that the router has been hacked and the DNS settings have been modified to serve hacked contents to a cyberthief. This is a pretty serious situation. When hackers exploit router vulnerabilities, gain access to it, and modify the DNS servers settings, all your Internet traffic can be forwarded to rogue servers. This is called a man-in-the-middle attack.
The DNS or Domain Name System, is the “phone book” of the Internet, and an IP address is what’s listed in the book. DNS names computers, services, or any resource connected to the Internet or a private network. It translates easily memorized domain names, for instance, www.example.com, to the unique numerical IP addresses needed to locate the service worldwide.
What happens when your router is hacked?
Instead of connecting to a clean site or service, when your router is hacked, you’ll visit a rogue and hacked one. It’s obvious that your privacy will be violated, and your banking information could be captured – by the man-in-the-middle mentioned above. Even the usually secure SSL, the HTTPS protocol we have all been instructed to look for to indicate a secure site, won’t assure you’re protected. Instead, you’ll be proxied through malicious servers and the encrypted connection is cut in the middle. This illustration shows what happens.
This could also happen if your router is set to default/weak/factory password. So, the worst scenario of hacking is not that uncommon. See the latest news about webcams being hacked because of the owner’s using default passwords. Vincent Steckler, CEO of Avast, told VentureBeat that consumers are notorious for not updating default passwords, just as I’m talking about here. Some 63 percent of wireless routers run with default passwords, says Steckler.
The problem goes further than just one user or one device. The malicious effects can spread to all users in the local network, regardless of the operating system used.
How to protect ourselves against this plague?
First, scan your home network with Avast Home Network Security to verify if your device is compromised. If Avast alerts you, it’s already too late. You’ve already been compromised. You need to manually check the DNS servers in the router configuration.
By default, your router uses DNS servers automatically acquired from your Internet provider. All the devices on your network — PCs, smartphones, tablets, game consoles, and anything else connected to the network — get their DNS server from the router. You can change the DNS server on your router, therefore changing every other device on your network.
There are several good articles on the Internet about changing your DNS. Here’s one from howtogeek.com.
You also need to pay attention to your browser address bar. The HTTPS indicator should be there all the time. If it comes and goes, you may have already been compromised. In these cases, or for any other strange symptom you could be experiencing: Disable your Internet connection immediately and change the router username and password to unique ones (consult the router manual for instructions).
But, be warned, neither of these will be enough because if the router is vulnerable, it will take the attacker no time to change the settings back. Updating the router firmware or even changing it completely – as described in previous article – will be necessary.