That online shopping increases day by day is not news. If you are an average user, you are probably already aware of the normal precautions and have taken them yourself. Ease of use and convenience when browsing for different products or searching for the best prices has improved greatly. However, at the same time, online threats and frauds have also increased exponentially. Therefore, from time to time, all of us must review our behavior and think again if our habits are secure.
Best practices while online shopping
1. Use your own computer or mobile device when shopping. It seems obvious, but you cannot trust a computer that does not belong to you, even your best friend’s computer. It might not have appropriate protection and it could already be compromised by malware. So, always use your own device, install an anti-malware solution and before you start doing anything that involves your money, scan your network to discover if it is safe.
This week’s episode answered A LOT of questions — we met the infamous White Rose and found out why the Dark Army backed out of the planned takedown of Steel Mountain a few episodes ago, we found out why Cisco blackmailed Ollie into infecting AllSafe with malware and we (kind of) found out who Mr. Robot and Darlene really are! Although many of my questions were answered in this episode, I also found myself asking “what?” and “why?” throughout it. What is a honeypot? What is reverse engineering and why is Tyrell talking to Mr. Robot? Why is Tyrell happy about Fsociety hacking E Corp? I turned to my colleague Ivan Jedek, malware analyst at Avast, to get some answers to my questions. Read more…
We all know how bothersome finding and connecting to Wi-Fi networks in public places can be — often, we encounter frustrating roaming fees or slow connection speeds in crowded spaces. At Avast, we want Wi-Fi connection to be a safe and simple process for our users. As a result, we’re currently working on new product that will help people to detect and connect to public Wi-Fi networks without any security risk.
Introducing Avast’s new product pioneering program
We’ve recently rolled out a new feature within Avast Mobile Security called the product pioneering program. This program helps harvest nearby Wi-Fi hotspots available for users when they need to connect to public Wi-Fi networks. The feature also supports the creation and growth of our own trustworthy and up-to-date hotspot database, which we need in order to deliver information about nearby Wi-Fi hotspots to our users. As we know that Avast users place great importance on their security and privacy, we are asking our users to lend us a helping hand in collecting and identifying hotspots in their local surroundings. This requires us to request the GPS position permission of our users during the installation or upgrading process of Avast Mobile Security.
Upon installing or upgrading Avast Mobile Security, users will receive an in-app notification that informs them of our product pioneering program. If a user chooses to opt in to the product pioneering program, it is only then that his or her GPS location information will actively be gathered.
In an article recently published by TIME in collaboration with the Center for Plain Language, a selection of the world’s leading and regularly visited tech websites were ranked in a list in relation to their privacy policies. In short, they rated the companies based on the manner in which they communicated with the public while walking them through their privacy policies. In this case, it wasn’t the actual data that these companies collect from current and potential new users that was being analyzed. Instead, this study looked at the way in which that information is brought to the attention of these users.
Some sophisticated viruses hide when you turn on your computer (also known as booting up your computer), and even antivirus software like Avast, with its boot-time scan feature, can be prevented from seeing it. If you believe your computer is infected with a virus, the first step you should take is to download and install Avast Free Antivirus and run an entire system scan. If for some reason you are unable to do that, and you have exhausted all other alternatives, like asking our support team for help by submitting a request online at http://www.avast.com/support, then you can create an Avast Rescue Disk that will scan, detect, and remove most malware. This bootable version of Avast attacks a virus from outside of your computer system, catching it before it hides or camouflages itself.
You can create the Avast Rescue Disk from any Avast product. All you need is an uninfected computer with Avast Antivirus 2015 installed and an empty USB flash drive (make sure it is fairly new so that it supports booting) or a blank recordable CD/DVD.
Relying on your hotel to protect you when using their free guest Wi-Fi is not a good idea.
Even the best hotel chains are vulnerable to hackers, so having a Virtual Private Network (VPN) is vital for your protection. I will tell you how easy it is to use below. But first, here’s how cybercrooks can get their victims:
One way is through buggy equipment such as the critical vulnerability discovered last March in ANTlabs’s InnGate product used by 277 hotels, convention centers, and data centers in 29 countries. The InnGate provides temporary guest access to a Wi-Fi connection. By breaking into this piece of equipment, an attacker gets full read and write access to a Linux file system and from there can launch attacks against guests on the affected hotel’s Wi-Fi.
Another tactic hackers take is to create a fake Wi-Fi network, call it something innocuous like “Hotel Guest Wi-Fi”, and lure unsuspecting victims to their rogue connection. What the hackers do is set up their own access point and hope you’ll connect to theirs instead of the public Wi-Fi network.
What do hackers want?
It depends on who you are and what information you have on your devices. For normal people with normal jobs, typically, the hacker can watch your online activity, read your email, steal your account passwords and if they go deeply enough, potentially steal your credit card information, which is the precursor to identity theft. “There is seemingly no limit to what they could do,” say the researchers who discovered the InnGate vulnerability.
Victims’ laptops or mobile devices can be also be infected with malware. Last year, the DarkHotel cyberspies gained access to the computers of high-level executives, government agencies and NGOs, and U.S. executives traveling in Asia, probably to steal nuclear secrets.
How do you protect yourself on free Wi-Fi?
In February, Avast launched the world’s first free, easy to use, cloud-managed security offering, Avast for Business, protecting SMBs from viruses and cyberattacks. We conducted a survey amongst our Avast for Business users in the UK to gain further insight into how local SMBs handle their security.
Nearly three-quarters (73%) of respondents said that 100% of their company’s employees use the Internet. Businesses, whether small or large, retail or non-profit, often have a database of valuable customer data, making them an attractive target for cybercriminals.
Cybercrooks use social engineering to attack businesses, tricking employees via phishing scam to, for example, gain access to a company’s network. Despite the high number of data breaches, 57% of SMBs in the UK invest only 0-2% – little to nothing – of their IT budget on security.
Who handles IT support services for SMBs in the UK?
- 1 out of 10 said an employee (not a designated IT admin) handles the company’s IT support services
- Nearly 50% have an in-house technician
- 1 out of 10 have an external supplier/technician handles the company’s IT support services
- 28% of SMB business owners handle their company’s IT
More than half of SMBs in the UK allow their employees to access company data from their personal devices. Bring your own device (BYOD) is a convenient practice SMBs have embraced, as it saves costs and encourages productivity.
However, BYOD can be risky, if not handled properly. Not only can hackers target the device to gain access to sensitive corporate information, but if the device is lost or stolen, the company data stored on it goes with the device. More than half (52%) of SMBs authorize employees to access corporate data on personal devices, yet the majority (54%) doesn’t run a BYOD scheme.
Losing valuable and confidential data (31%) is the greatest security risk to UK SMBs along with productivity (23%) and losing customers (16%). We asked our business users if a virus or threat had infected them before switching to Avast for Business. When it came down to it, threats and hacks cost six out of 10 businesses productivity, followed by data loss (19%).
Types of security solutions SMBs used prior to switching to Avast for Business:
- More than half (55%) used free consumer security solutions
- 23% used premium business security solutions
- Nearly one out of ten used premium consumer security solutions
- Nearly one out of ten either do not know what kind of security solution they used before switching to Avast for Business or did not use any security solution (3%)
If your SMB has a low IT budget or if your business is currently using a consumer security solution, make sure you check out Avast for Business. Avast for Business is FREE and can be downloaded here.
This week’s episode was pretty intense — although not so many hacks took place, this week focused on meaningful development of the show’s characters. The episode opened with a flashback to when Elliot and Shayla met; we now know where he got his fish and that he is the reason Shayla got involved with Vera. Then we move onto Angela, who has gone forward with her plan to get justice for her mom’s death, but she isn’t the only one on a mission. Tyrell continued in his fight to become CTO of E Corp – going a little too far (even for his own comfort) during his private time with Sharon, the wife of the newly-appointed E Corp CTO.
Despite the fact that there were no major hacks, there were a few interesting scenes I sat down to talk about with my colleague, Filip Chytry, security researcher at Avast.
Targeted advertisements based on your search history, location tracking, Wi-Fi sharing, torrent style updates – features that share too much are getting privacy watchdogs in a tizzy.
Reviewers and consumers alike are happy about the new Windows 10, but now that there has been time to read through the 45-page long consolidation of Service Agreements into one central agreement (which also covers Bing, Outlook, and Xbox Live) some data protection advocates are taking issue with certain features. The European Digital Rights (EDRi) organization summarized that “Microsoft basically grants itself very broad rights to collect everything you do, say and write with and on your devices in order to sell more targeted advertising or to sell your data to third parties.”
Sharing your business to keep yourself organized
One of the useful but controversial features in Windows 10 is a personal digital assistant called Cortana, similar to Apple’s Siri (and light years away from Clippit, Windows 95 office assistant!) Cortana can set reminders, recognize your natural voice, use information from Bing to answer questions, and of course save all that information in order to provide personalized search results, which basically means you are being profiled so targeted ads can be presented to you (Facebook and Google does that too). Cortana can be disabled and you can opt out of personalized ads.
Although it’s possible to use third-party apps stores safely and securely, the fact that scams do still occur in a variety of app stores shouldn’t be ignored. On Sunday, a threat was discovered by a user who posted the issue on our forum. The scam, located within the Windows Phone Store, advertised three fraudulent versions of Avast Mobile Security. These fake apps not only include the Avast logo, but also feature actual screenshots from AMS in their image galleries. Our fast-acting team has since blocked the pages and has labeled them as malicious.
Fake AMS apps collect personal data and redirect users to adware
If downloaded, these fake versions of AMS found on the Windows Phone Store pose a risk to users’ security. Here’s how they work:
- New Avast security: This app includes three control buttons which show only advertisements. Even without actively clicking on the ads, the app redirects users to additional adware.
- Avast Antivirus Analysis: Claiming to “protect your phone from malware and theft”, this malicious app runs in the background of victims’ devices once downloaded and collects their data and location.
- Mobile Security & Antivirus – system 2: Simply put, this is a paid-for version of “New Avast security” that forcibly leads users to adware.