Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus

Archive

Archive for the ‘SMB/Business’ Category
March 6th, 2015

Why you need to protect your small business from hackers

Avast Free Antivirus protects small and medium sized businesses for free.

IT pros have used Avast Free Antivirus at home for years. It’s not a huge leap to use free Avast for Business at their place of business.

Small and medium-sized businesses face a challenge when it comes to keeping their data secure. Many companies don’t have the budget to hire a Managed Service Provider (MSP) to take care of their IT needs, and often, they think they do not have enough knowledge or time to handle it themselves, therefore the path of least resistance is to not have any security at all. At the very best SMBs use a consumer version of antivirus software.

But these days, neither of those options is a good idea. Having no protection leaves you too vulnerable, and the problem with using a consumer product in a work environment is whoever is managing the network cannot look across all computers at once and implement policy changes or updates.

Do hackers really target small businesses?

The media coverage of big time data breaches like Target, Neiman Marcus, and Home Depot may have many SMB owners thinking that they are not at risk, but even small and medium-sized businesses need to make sure that their data and that of their customers is protected.

Here’s a statistic that should get your attention: One in five small businesses are a victim of cybercrime each year, according to the National Cyber Security Alliance. And of those, nearly 60% go out of business within six months after an attack. And if you need more convincing, a 2014 study of internet threats reported that 31% of businesses with fewer than 250 employees were targeted and attacked.

Why do hackers target small businesses?

Hackers like small businesses because many of them don’t have a security expert on staff, a security strategy in place, or even policies limiting the online activity of their employees. In other words, they are vulnerable.

Don’t forget that it was through a small service vendor that hackers gained access to Target’s network. Hackers may get your own customer’s data like personal records and banking credentials and your employee’s log in information, all the while targeting the bigger fish.

While hackers account for most of the data lost, there is also the chance of accidental exposure or intentional theft by an employee.

Avast for BusinessWhat can I do to protect my small business?

For mom-and-pop outfits, Avast for Business, a free business-grade security product designed especially for the small and medium-sized business owner, offers tremendous value. The management console is quite similar to our consumer products meaning that the interface is user-friendly but also powerful enough to manage multiple devices.

“Avast for Business is our answer to providing businesses from startup to maturity a tool for the best protection, and there’s no reason for even the smallest of companies not to use it, because it starts at a price everyone can afford, free,” said Luke Walling, GM and VP of SMB at Avast.

Some companies may still opt to pay for a MSP, and in many cases, especially for medical or legal organizations, handing over administration to a third-party may be a good way to go. Either way, our freemium SMB security can be used, and if you use a MSP then the savings can be passed on to you.

Is free good enough for a business?

Many IT professionals have been using free security on their home computers for years. It’s not such a huge leap of faith to consider the benefits of making the switch in their businesses as well.

“I have been using Avast since 2003 at home, with friends, with family. You really come to trust and know a product over the years. It lends itself to business use really well, nothing held back,” said Kyle Barker of Championship Networks, a Charlotte-area MSP.

How do I get Avast for Business?

Visit Avast for Business and sign up for it there.

March 5th, 2015

Malvertising is bad for everyone but cybercriminals

One rotten malvertisement not only ruins the bunch, but can damage your SMB's reputation.

One rotten malvertisement not only ruins the bunch, but can damage your SMB’s reputation.

Malvertising, sounds like bad advertising right? It is bad advertising, but it doesn’t necessarily include a corny jingle or mascot. Malvertising is short for malicious advertising and is a tactic cybercriminals use to spread malware by placing malicious ads on legitimate websites. Major sites like Reuters, Yahoo, and Youtube have all fallen victim to malvertising in the past.

How can consumers and SMBs protect themselves from malvertising?

Malvertising puts both website visitors and businesses at great risk. Site visitors can get infected with malware via malvertising that either abuses their system or steals personal data, while businesses’ reputations can be tarnished if they host malvertisments. Even businesses that pay for their ads to be displayed on sites can suffer financial loss through some forms of malvertising because it can displace your own ads for the malicious ones.

To protect themselves, small and medium sized businesses should make sure they use the latest, updated version of their advertisement system, use strong passwords to avoid a dictionary attack and use free Avast for Business to discover and delete malicious scripts on their servers. Consumers should also keep their software updated and make sure they use an antivirus solution that will protect them from malicious files that could turn their PC into a robot, resulting in a slowed down system and potential privacy issues. Avast users can run Software Updater to help them identify outdated software.

How does malvertising work?

Businesses use ad systems to place and manage ads on their websites, which help them monetize. Ad systems can, however, contain vulnerabilities. Vulnerabilities in general are a dream come true for cybercriminals because vulnerabilities make their “jobs” much easier and vulnerabilities in ad systems are no exception. Cybercriminals can take advantage of ad system vulnerabilities to distribute malicious ads via otherwise harmless and difficult to hack websites.

Why cybercriminals like malvertising

Cybercriminals fancy malvertising because it is a fairly simple way for them to trick website visitors into clicking on their malicious ads. Cybercriminals have high success rates with malvertising, because most people don’t expect normal looking ads that are displayed on websites they trust to be malicious. Targeting well-visited websites, not only raises the odds of ad clicks, but this also allows cybercriminals to target specific regions and audiences they normally wouldn’t be able to reach very easily. Another reason why malvertising is attractive to cybercriminals is because it can often go unnoticed, as the malicious code is not hosted in the website where the ad is being displayed.

Examples of malvertising

An example of an ad system platform with a rich history of vulnerabilities is the Revive Adserver platform, formerly known as OpenX. In the past attackers could obtain administrator credentials to the platform via an SQL injection. The attackers would then upload a backdoor Trojan and tools for server control. As a result, they were able to modify advertising banners, which redirected site visitors to a website with an exploit pack. If the victim ran outdated software, the software would download and execute malicious code.

Another malware family Avast has seen in the wild and reported on that spread via malvertising was Win32/64:Blackbeard. Blackbeard was an ad fraud / click fraud family that mainly targeted the United States. According to our telemetry, Blackbeard infected hundreds of new victims daily. Blackbeard used the victim’s computer as a robot, displaying online advertisements and clicking on them without the victim’s knowledge. This resulted in income for botnet operators and a loss for businesses paying to have their ads displayed and clicked.

February 23rd, 2015

Business owners rejoice – you can now get business-grade security for free from Avast

Avast is pleased to offer the World’s First Free Business-Grade Security to small and medium-sized businesses.

Avast for Business protects SMBs for free

In a move that will make a difference to the security of local businesses across the USA and the UK, Avast launches Avast for Business—a free, easy to use, cloud-managed security offering that protects small to medium-sized businesses (SMBs) from viruses and cyber attacks.

This is the first free information security product built specifically for businesses with cross-platform protection, meaning that it protects both PCs and Macs. It solves a problem that many businesses have: No IT staff, lean IT budgets, lack of know-how, or even any security at all.

“Since 2001 we’ve delivered great, free security products for home users,” said Vince Steckler, Chief Executive Officer of Avast. “We believe the time is right to provide great security that is not only free, but also simple for SMBs to implement and manage. A small business may not view their customer database or online orders at the same level as data of an enterprise. Avast for Business addresses the problem of those businesses using consumer products and not being adequately protected; it gives those enterprises a business-class solution they can grow with.”

Avast for Business is easy for SMB owners to install, configure and manage advanced security solutions with or without the help of a full-time IT manager. Users are able to effortlessly monitor, manage and protect devices anywhere, anytime from Avast’s cloud-management console.

“Anybody can use the interface,” said Kyle Barker of Championship Networks, an Avast partner in North Carolina, USA. “If you’ve ever seen a simple installment of Avast, you’ve seen the interface, you know the controls. Anybody that ever used the small office console already knows every feature that’s in this product. It’s a simple transition.”

From the easy-to-navigate console, users have the ability to configure robust reporting and alerting to easily stay on top of what is happening inside of their environment. Avast for Business features include:

  • Free Essential Antivirus protection (File Shield, Web Shield, Mail Shield)
  • HTTP and HTTPS Threat Scanning & Integrated Browser Protection
  • A Web-based management console that is accessible anywhere, anytime.
  • Robust reporting and alerting engine
  • Cross-Platform Support including Windows and Mac OSX.

For advanced security requirements, Avast for Business also offers premium services. There are no limits on the number of protected devices, and businesses can activate and deactivate licenses as needed. This allows them to grow comfortably without the concern of overwhelming costs.

“It’s very easy to choose on a month to month basis the number of licenses you want. Any number of licenses can be mixed from free and premium and you can change this on a month to month basis,” said Barker.

Later in 2015, Avast will introduce programs for managed service providers and the reseller channel, to benefit from the power of free. In the spring, Avast will form its first ever partner advisory council in order to bring partners closer to Avast, to discuss features and functions specific to their needs.

January 28th, 2015

Infographic: Privacy tips for business

Privacy plays a growing part in customer buying decisions. With every data breach, trust is eroded further.

Privacy and security are intertwined when it comes to our individual information. Consumers are becoming increasingly aware of the value of their personal data, so that means that businesses have to step up and do a better job of securing that data. Identity theft is the #1 fear of consumers, but for your business the risk is loss of trust and brand damage.

Since trust is the core of any transaction it’s important to know how privacy factors into your customer’s buying decisions. Research shows that almost 40% of consumers made buying decisions based upon privacy. When looking at who these people are, it was found that these individuals are aged 46-65 and have the highest incomes. But don’t rely on the business of the younger generation to supplant that once trust is lost; 27% of millenials abandoned an online purchase in the past month due to privacy or security concerns.

To mark Data Privacy Day on January 28, the following Privacy is Good for Business tips were created by privacy experts in civil-society, non-profit, government and industry and aspire to help business address the public’s growing privacy concerns:

DPD-Privacy-is-Good-for-Business-2014_1_13

  • If you collect it, protect it. Follow reasonable security measures to keep individuals’ personal information safe from inappropriate and unauthorized access.
  • Be open and honest about how you collect, use and share consumers’ personal information. Think about how the consumer may expect their data to be used.
  • Build trust by doing what you say you will do. Communicate clearly and concisely to the public about what privacy means to your organization and the steps you take to achieve and maintain privacy.
  • Create a culture of privacy in your organization. Explain to and educate employees about the importance and impact of protecting consumer and employee information as well as the role they play in keeping it safe.
  • Don’t count on your privacy notice as your only tool to educate consumers about your data practices.
  • Conduct due diligence and maintain oversight of partners and vendors. You are also responsible for how they collect and use personal information.
October 27th, 2014

Pony stealer spread vicious malware using email campaign

Most people want to stay on top of their bills, and not pay them late. But recently, unexpected emails claiming an overdue invoice have been showing up in people’s inboxes, causing anxiety and ultimately a malware attack. Read this report from the Avast Virus Lab, so as a consumer you’ll know what to look for, and as a systems administrator for an SMB or other website, you will know how cybercrooks can use your site for this type of social engineering scam.

Recently we saw an email campaign which attempted to convince people to pay an overdue invoice, as you can see on the following image. The user is asked to download an invoice from the attached link.

mail1

The downloaded file pretends to be a regular PDF file, however the filename “Total outstanding invoice pdf.com” is very suspicious.

When the user executes the malicious file, after a few unpacking procedures, it downloads the final vicious payload. The Avast Virus Lab has identified this payload as Pony Stealer, a well-known data-stealing Trojan which is responsible for stealing $220,000, as you can read here.

We followed the payload URL and discovered that it was downloaded from a hacked website. The interesting part is that we found a backdoor on that site allowing the attacker to take control of  the entire website. As you can see, the attacker could create a new file and write any data to that file on the hacked website, for example, a malicious php script.

backdoor

Because that website was unsecured, cybercrooks used it to place several Pony Stealer administration panels on it, including the original installation package, and some other malware samples as well.  You can see an example of Pony Stealer panel’s help page written in the Russian language on the following picture.

panel

Avast Virus Lab advises:

For Consumers: Use extreme caution if you see an email trying to convince you to pay money for non-ordered services. This use of “social engineering” is most likely fraudulent. Do not respond to these emails.

For SMBs: If you are a server administrator, please secure your server and follow the general security recommendations. As you learned from this article,  you can be hacked and a backdoor can be put in your website allowing anyone to upload whatever he wants to your website. Protect yourself and your visitors!

SHA’s and detections:

4C893CA9FB2A6CB8555176B6F2D6FCF984832964CCBDD6E0765EA6167803461D

5C6B3F65C174B388110C6A32AAE5A4CE87BF6C06966411B2DB88D1E8A1EF056B

Avast detections: Win32:Agent-AUKT, Win32:VB-AIUM

Acknowledgement:

I would like to thank Jan Zíka for discovering this campaign.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

October 15th, 2014

5 steps to keep your SMB data protected

SMB-security

When Edward Snowden came forward in May 2013, accusing the world’s largest intelligence service of spying on US allies, people, and private companies, it became evident that electronic data is quite vulnerable. This major event even caused Russian and German government officials to consider cataloguing their data, using old-fashioned manual typewriters instead of computers. Should you do the same with your business’ data to protect it?

The only way to keep your data absolutely safe from hackers and spies is to keep it far away from computers and servers, but this approach isn’t realistic. So here are five steps that you can take to protect your small or medium size business’ data:

1)     Configure your computer network properly Regardless of the way your computers are connected in your company, via work group or server, make sure that you have implemented the right configuration. Make sure you haven’t left any gaps for hack attacks, such as software that has not been updated or free network accessibility to suppliers or all company employees.

2)     Install a business-grade antivirus This one sounds obvious, however, it is important to point out that several SMBs still use personal antivirus to protect their business data. A company that opts to use consumer security products might not get into legal problems (although this is possible), but the major issue here is the security of the data itself. Business antivirus allows an entrepreneur to manage the company’s electronic security remotely instead of being obligated to check   each PC’s security manually. With a administration console, you can check on current problems, their solutions, and in the event of an infection or unauthorized action your console can get real-time alerts.

3)     Educate your employees about online security At AVAST we receive 50,000 samples of new viruses a day. Online security is evolving, which means you need to educate your employees about the dangers of online security and how they can best protect your company’s data on a regular basis. Try to focus on explaining the concept of social engineering to your employees, what the most recent methods of attacks are, and what the latest malware on the market is. The AVAST blog is a great place to find this information.

4)     Keep in mind that humans can fail Remember that although a great part of online security can be automated, it continues to be dependable on human actions, which from time to time can fail. Minimize the risks by training your employees properly and sharing the responsibility for data security with everyone. If a mistake is made, take it as an experience to learn from as a company, rather than cracking down on one person.

5)     Encrypt your most important data Currently, SMB owners have the option to encrypt data, so that in the case of an attack, their files will be protected. Encrypting files turns the information into unreadable code and only those who have the access to the encryption key are able to restore the files to their original state. This process is not simple, which is why it is recommended to encrypt your most important and sensitive files.

In addition to these five steps, make sure you stay up-to-date with the latest data security news. If a company in the same field as yours gets attacked, it can hit your SMB quicker than you may think! Remember, the digital world has neither frontiers nor barriers!

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Categories: SMB/Business Tags:
Comments off
August 28th, 2014

Bad news for SMBs: Target’s “Backoff” malware attack hits 1,000 more businesses

PoS attacks

avast! Endpoint Protection can protect your network

U.S. merchants advised to protect themselves against same PoS hack that hit Target and Neiman Marcus last year.

More than 1,000 U.S. businesses have had their systems infected by Backoff, a point-of-sale (PoS) malware that was linked to the remote-access attacks against Target, Michaels, and P.F. Chang’s last year and more recently, UPS and Dairy Queen. In the Target breach alone, 40 million credit and debit cards were stolen, along with 70 million records which included the name, address, email address, and phone number of Target shoppers.

The way these breaches occur is laid out in BACKOFF: New Point of Sale Malware, a new U.S. Department of Homeland Security (DHS) report. Investigations reveal that cybercrooks use readily available tools to identify businesses that use remote desktop applications which allow a user to connect to a computer from a remote location. The Target breach began with stolen login credentials from the air-conditioning repairman.

Once the business is identified, the hackers use brute force to break into the login feature of the remote desktop solution. After gaining access to administrator or privileged access accounts, the cybercrooks are then able to deploy the PoS malware and steal consumer payment data. If that’s not enough, most versions of Backoff have keylogging functionality and can also upload discovered data, update the malware, download/execute further malware, and uninstall the malware.

General steps SMBs and consumers can take to protect themselves

  • You should use a proper security solution, like avast! Endpoint Protection, to protect your network from hacking tools, malicious modules, and from hackers using exploits as a gateway to insert malware into your network.
  • Regularly monitor your bank and credit card statements to make sure all the transactions are legitimate.
  • Change default and staff passwords controlling access to key payment systems and applications. Our blog post, Do you hate updating your passwords whenever there’s a new hack?, has some tips.
  • Monitor your credit report for any changes. You’re entitled to one free report per year from each of the three reporting agencies.

Read more…

Comments off
August 21st, 2014

Employees using public Wi-Fi put sensitive business data at risk – VPN services provide proper protection

travel tipsJohn Smith works for a small business with ten employees. The company is sending John abroad to meet with potential investors. Being the productive employee that John is, he connects to the public Wi-Fi provided by the airport to do some work. He visits the investors’ websites and sends a few emails to his colleagues. On the flight, John continues to surf the web using the in-flight Wi-Fi. Once John lands he goes to a café before his first meeting. At the café he connects to the Wi-Fi to download a revised version of his presentation. After his meetings, John goes to his hotel for the night. There, John connects to the hotel’s Wi-Fi to send his boss a summary of the meetings and to catch up on some news from home. To John’s disappointment, local news videos are blocked due to geographic restrictions.

This sequence of events is typical for traveling business professionals. Connecting to public Wi-Fi frequently while on the go may be a great way to get work done, but it can be dangerous if employees don’t use a VPN (Virtual Private Network) connection.

During John’s journey he connects to four different hotspots. John works for a small business, so they do not have an IT administrator who set up a secure VPN for John to use. John therefore transferred valuable information, entered log in credentials, and browsed websites that reveal his business’ intentions without any protection. Anyone could observe which websites John visited, read messages he sent, and access files he transferred via unsecured sites with tools readily available online.

Unless you are visiting sites beginning with HTTPS, your communication is unencrypted. This means all your communication is out in the open for anyone to see, including log in credentials. Sharing information, such as files, via file transfer protocol (FTP) while connected to public Wi-Fi is also never a good idea. Like visiting non-HTTPS sites, files and data transferred via FTP are up for grabs.

Don't forgetSmall businesses, without a VPN network, should turn to VPN services, like avast! SecureLine VPN to protect their data. A VPN creates a virtual shield and tunnels traffic to a proxy server. The proxy server protects business data, thus preventing hackers from accessing files and other sensitive information stored on the device. VPNs also anonymize location; an added plus for when business professionals who need access to content from home that may be blocked while traveling.

REMEMBER THIS!

With a VPN connection you can:

  • Protect your business data by preventing hackers from accessing files and other sensitive information stored on the device
  • Anonymize your location (IP address) online so you can access restricted content from home that might be blocked while traveling (Netflix, anyone?)
  • Hide your login details from snoops on public Wi-Fi. Avast encrypts all of your web use, including log ins and passwords.

avast! SecureLine VPN is available in packages of three, five or ten licenses and can be purchased from authorized AVAST resellers. avast! SecureLine VPN can also be purchased directly from the AVAST online shop.

Read more about VPN and avast! SecureLine from these blog posts:

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on FacebookTwitter and Google+. Business owners – check out our business products.

Comments off
July 23rd, 2014

Should small and medium-sized businesses be worried about PoS attacks?

Customers are vulnerable at the moment of purchase.

Most U.S. merchants cannot detect fraud at the point of sale.

One of the most dangerous places in America is your local retailer. Before you leave the building with your purchases, you run the risk of having your identity stolen.

No doubt you recall the 2013 security breaches at Target, Michael’s, and Neiman Marcus where millions of records were compromised by Point-of-Sale (PoS) attacks. PoS occurs when the customer makes a payment to the merchant. That last exchange is the most vulnerable.

Large retail merchants lead the list by 50% of organizations where consumers’ data was compromised in 2013, followed by credit card issuers and consumer banks, according to the #DataInsecurity Report done by the National Consumers League, in cooperation with Javelin Strategy & Research. The #DataInsecurity Report also revealed that 61% of data breach victims reported the breached information was used to commit fraud against them.

This should not come as a surprise. According to the Nilson Report, approximately $4 trillion dollars was paid with credit, debit, and prepaid cards in the U.S. last year. Add to that the ready availability of code to execute PoS attacks available on underground forums and you have the perfect storm of a large victim pool for cybercriminals. The U.S. is an easy target since EMV cards (cards with chips embedded) have not been widely adopted. EMV, conceived between Europay, MasterCard and Visa, is a standard securing payments in other countries.

Cybercriminals don’t care about the size of your business

U.S. banks are slow to upgrade to "Smart cards" with embedded chips

U.S. banks are slow to upgrade to “Smart cards” with embedded chips.

Although most of the PoS attacks highlighted in the media were against large retailers, cybercrooks don’t care how large or small your business is. You would think they would, but cybercriminals are more interested in raking in the money rather than caring about the fame they could possibly receive from attacking a large and popular business. Regardless of its size, if your business has a PoS system to charge customers for products or services, you should be protecting your system to save yourself from a possible attack. PoS attacks not only steal valuable customer information, they can damage your business’s reputation.

The #DataInsecurity Report shows that only 10% of retail fraud victims are confident that retailers can protect their information in the future.

How PoS attacks work

The biggest PoS Trojans, like Dexter, BlackPOS, Minerva, and vSkimmer, have targeted systems and networks running Windows. Read more…

April 23rd, 2014

Facebook is spring cleaning your News Feed

Facebook spam blocks relevant News Feed posts

Spam blocks news Facebook users want to see

Last year, Facebook had the dubious honor of containing more spam than other social networks.

In order to combat this scourge, Facebook recently announced a series of  improvements to the News Feed to help ensure that spammy content does not drown out the posts that people really want to see from friends and Pages they care about.

“The goal of this spring cleaning is to deliver the right content to the right people at the right time so they don’t miss the stories that are important and relevant to them,” said Facebook.

The clean-up targets three areas: Like-baiting, frequently shared content, and spammy links

Like-baiting is one of the sneakiest scams on Facebook. It’s when a post explicitly asks readers to like, comment, or share the post in order to increase the number of likes and/or shares; in other words, to “Go Viral.”  As we have described in previous posts, the page usually collects the likes, then sells it to the highest bidder to re-purpose for new annoying posts and scams.

Facebook uses this cute animal survey image to illustrate what it considers to be like-baiting.  The text asks the reader what their favorite animal is, with pictures asking for likes, comments, and shares.

Like-baiting is one of the sneakiest scams on Facebook

Facebook found that there was an over-abundance of frequently shared content.

Read more…