This article is a re-print from the April 1, 2015 edition of Silicon India.
Security threats are evolving quickly, making it difficult to pinpoint just one threat that is currently affecting small and mid-size businesses.
From the threats we have observed in the past and the ones we anticipate for the future, we have learned that while malware can be damaging to businesses, so can human decisions. This makes it vital for small and mid-size business owners to discuss possible threats with their employees and share basic IT guidelines with them, but more importantly, to implement a strong security solution that holds up dangers before they become a real threat.
Taking Advantage of Human Nature: Social Engineering
Hackers understand that it is human nature to make mistakes, which is why they often turn to social engineering. Social engineering is a tactic that tricks people into revealing their personal information, like log in details, or into performing actions, like downloading malware disguised as an attachment or link.
Phishing emails are a popular form of social engineering that can easily sneak their way into your employees’ inboxes, disguising themselves as yet another offer, promotion, or even customer, if you do not have anti-phishing protection. Phishing campaigns come in many forms; they can either use scare tactics to make people believe they are in trouble or that they have won a prize.
In the last few months we have seen Trojans like Pony Stealer and Tinba make their rounds. Both Pony Stealer and Tinba attempted to convince people they owed money and to download an invoice, which was of course not an actual invoice, but a Trojan.
Falling for phishing scams can have devastating effects on businesses; they could not only steal personal information, but also attack Point of Sale (PoS) systems to steal customers’ financial information, thus not only affecting the business itself, but its clients as well.
Lack of security awareness: Beneficial for hackers, bad for your business
Not taking proper security precautions, like choosing weak passwords or ignoring security updates, is another human flaw cybercriminals like to abuse to access accounts and networks. To gain control of a system, hackers can enter common or weak passwords or simply look up hardware’s default administrative log in credentials.
Stay safe on public Wi-Fi while watching the game from anywhere in the world with Avast SecureLine VPN.
March Madness is in full swing — this year’s NCAA Tournament is now in its second week and we’re already down to the Sweet 16. When you think about March Madness, you probably think about your bracket, your favorite college basketball teams, and the bets you’ll place on those who you think will win the tournament. Although it’s easy to get caught up in the spirit of March Madness, it’s the betting process that you should really be paying attention to: this popular activity serves as the perfect opportunity for hackers to access your personal information.
Since most people watch the NCAA games in bars or cafes with friends, they make the majority of their bets using their mobile devices while connected to public and often unsecured Wi-Fi networks. Public Wi-Fi networks are convenient, but they‘re not safe. Cybercrooks can easily access and steal personal data when you‘re connected to these unprotected networks. Even if you’re transmitting data from one HTTPS site to another, it’s the connection in-between the two sites that really puts your data at risk. Additionally, developments such as real-time betting make the odds for getting hacked even greater.
During March Madness, a time of year when so many financial transactions are being made, cybercrooks are especially likely to steal your banking info (e.g. your credit card and/or account numbers) and personal info (e.g. your social security number, social media accounts, etc.). Avast SecureLine VPN for Android and updated for iOS devices keeps these cybercrooks at bay and securely allows you to use your PCs, smartphones, and tablets on unsecure Wi-Fi networks while participating in March Madness at your favorite bar or cafe.
“Unfortunately hacking isn’t a complicated process – there are tools available online that anyone can easily use to steal personal data,” says Ondrej Vlček, COO at AVAST. “We created Avast SecureLine VPN to allow users to browse the web anonymously and safely, especially while using open Wi-Fi.”
Watch content from all over the world
You don’t have to miss a single game or your favorite program while you are traveling. SecureLine VPN makes it look like you’re connected from a different location, allowing you to view ‘local’ content anywhere because your shown geo-IP address will be different from your real one.
Keep your data and identity safe using Avast SecureLine
VPN stands for Virtual Private Network. Avast SecureLine VPN creates a private ‘tunnel’ through the internet for your data to travel through, and everything – your web browsing history, your email, your IMs, your VOIP, everything – inbound and outbound through the tunnel is encrypted. Even if your data is intercepted, your identity is protected, since Avast SecureLine masks your IP address.
For those of you interested in technical specs, here are the highlights:
- Avast Secureline VPN uses OpenVPN protocol.
- The encryption used is 256bit AES.
- Communication on all ports is encrypted.
How to get Avast SecureLine
The Avast Mobile Security team demonstrated how easy it is to hack smartphones and tablets at the Mobile World Congress.
The sleekest smartphones, the coolest wearable devices, and the best in mobile security were debuted at the Mobile World Congress in Barcelona last week. But it was hacking user’s devices at the Avast booth that had the journalist’s buzzing.
Hacking unsecured Wi-Fi is easy enough for any IT college student
Filip Chytry, a mobile malware researcher that you are familiar with if you visit our blog, set up a wireless hotspot in the Avast booth that allowed visitors to track the online activity of any device that connects.
“The site will let Avast capture passwords, messages and other information people type on the websites, and Chytry can even create dead ringers for Gmail or Facebook sign-in screens – - down to the little green padlock icon that indicates a secure connection…,” reported Bloomberg Business in The Easiest Way to Get Hacked: Use Phone at Phone Show.
The hacking demonstration illustrated what Avast found out during a global Wi-Fi hacking experiment conducted right before MWC.
“The study found that people around the world overwhelmingly prefer to connect to unsecured and unprotected Wi-Fi networks instead of password-protected networks,“ wrote Help Net Security in Global experiment exposes the dangers of using Wi-Fi hotspots.
Security experts from Avast traveled to 9 cities on 3 continents, and found that Wi-Fi users in Asia are the most prone to attacks. Chicago and London are the most vulnerable in the USA and Europe. Avast’s spokesperson Marina Ziegler told E&T Engineering and Technology magazine, “…in London we found that 54 per cent of routers were weakly encrypted and easily accessible to hackers.”
“That means that if a hacker walks into a pub, he can access the router’s settings and for example reroute the traffic via another malicious server,” said Chytry. “That’s very easy. Every IT college student can do that.”
Wi-Fi and encryption
Data transmitted over a wireless network can be either unencrypted or encrypted. While both options are available to users, the use of open, unprotected Wi-Fi networks has become increasingly popular across the globe. In the case of open wireless networks, the transmitted data are unencrypted and might be visible to others, as is shown in the screenshot below. To resolve this issue, many wireless networks use password protection. However, the method and strength of these passwords matter: if a weak encryption method, such as WEP, is used, an attacker can simply crack the password and decrypt the device’s communication. Hence, the use of a strong encryption such as WPA/WPA2 is suggested. The length of a password is another important factor to its strength — a strongly encrypted communication with a short key length can still be cracked by hackers within a short amount of time. Because of this, a key length of longer than 8 characters is strongly recommended.
(Figure 1: List of available wireless networks featuring both encrypted and unencrypted options.)
Is the convenience of open Wi-Fi worth the risk of identity theft? Most Americans think so.
In a recent survey, we found that only 6% of Americans protect their data by using a virtual private network (VPN) when using public Wi-Fi with their smartphone or tablet. That leaves a whopping 94% unprotected. Why is this?
Do people not know the risks of using unsecured public Wi-Fi?
Is avoiding data overages or the convenience of no password more important than the data on their devices?
Are they not aware that there is protection available?
Are they scared they won’t understand how to use VPN because of the technical sounding name?
The truth about open, public Wi-Fi
The truth is that using unprotected Wi-Fi networks could end up costing you your privacy and identity when you use them without protection like Virtual Private Network (VPN) software. This is because unsecured networks, those are the ones that do not require registration or a password, give cybercrooks easy access to sensitive personal information.
“As mobile cloud storage becomes more popular and the quest for free Wi-Fi continues to grow, open networks that require no passwords place unprotected consumers at great risk of compromising sensitive personal data,” said Jude McColgan, president of mobile at Avast.
“The majority of Americans don’t realize that all the personal information on their mobile devices becomes defenseless over public Wi-Fi if used without protection. These networks create an easy entry point for hackers to attack millions of American consumers on a daily basis.”
Avast can protect you and it’s not hard or expensive
“Unfortunately hacking isn’t a complicated process – there are tools available online that anyone can easily use to steal personal data,” says Ondrej Vlček, Chief Operating Officer at Avast. “Avast SecureLine VPN allows users to browse the web anonymously and safely, especially while using open Wi-Fi.”
Avast SecureLine VPN protects your Internet connections with military-grade encryption and hides your IP address. If that sounds like mumbo-jumbo to you, what it means is that essentially our VPN protection makes your device invisible to cybercriminals. In addition to that, using the VPN hides your browsing history, so no one can monitor your behavior online. We assure you, it’s as easy as can be to use.
Whether on business travel or vacation, you don’t want to worry about the security of your devices when you connect to the internet. Using a WiFi network in a café, airport, or hotel is a serious security risk that requires additional protection to secure your data and computer.
avast! SecureLine VPN is now completely integrated into all of AVAST’s free and premium products. Here’s the top 6 reasons why you should use avast! SecureLine VPN:
1. Hides your data from thieves – avast! SecureLine VPN encrypts your public WiFi communications. That means that someone snooping on you will see a bunch of gibberish instead of your email, files, passwords, etc.
2. Keeps eavesdroppers from listening to your VOIP calls – avast! SecureLine VPN makes your voice or video conversations through the internet using Skype or Viber, for example, safe and secure by encrypting your conversation. This allows you to talk to people without fear of being eavesdropped on by cybercrooks, your ISP, and even the government! Read more…