Tag Archives: Cybersecurity

Paying taxes is taxing enough

6 steps to protect yourself from being fleeced

The following could be the story plot of the next Hollywood horror blockbuster. Average Paul works hard all year to put food on the table like millions of Americans. And being the good guy that he is, Average Paul understands that paying taxes is part of the game (even though he feels he pays too much of it).

Now, Average Paul has heard he could file his taxes online. He thinks it’s worth a shot: he’s expecting a bit of money back, and if there’s enough, he’ll take the family to Indiana to visit the in-laws. Some websites even say e-filing with them is completely free so why would he go to a physical agent. There’s nothing wrong about that!

So far, so good.

The IRS, which administers the Internal Revenue Code here in the US, is keen to get a share of Average Paul’s revenues and has set-up a secured website for that very purpose. So has scammer Joe Crook, but his website isn’t secure at all. And this is where the horror story begins.

Average Paul is a busy guy, he’s gone online at the end of his latest shift, and he’s entered all sort of personal information on a website he found on Google. The problem is, he’s not on the IRS Internet site, neither he is on a certified website that helps in preparing and e-filing his federal and state Income taxes. He’s made his way onto Joe Crook’s fake website, and he’s about to get scammed.

Preparing your tax returns is a battle itself. Everyone wants to pay the least they can. It’s one of those universal truths. How can you make sure you’re not sharing confidential details with shady characters like Joe Crook? How can you do the right thing without being left out of pocket later on?

How to keep your sensitive information secure and share it only with the right people?

Follow these six steps for complete peace of mind:

  • Make sure the website you’re on is legit. It sounds like a no-brainer, but scammers are well-versed in creating sites that look the real thing. They will even use similar logos and design to spoof you. Don’t be fooled by bogus websites that mirror the official IRS website, or the ones that claim to be secure and help you save money, but a lacking a simple https:// encryption.
  • Stay clear of phishing threats: The IRS saw a 400 percent surge in phishing and malware incidents in the 2016 tax season. We are pretty sure numbers are rising in the current 2017 tax season. Don’t let Joe Crook pose as a government representative, or someone who claims can help you save money.
  • Take control of your email inbox. Don’t act upon emails instructing you to “update your IRS e-file immediately.” Unsurprisingly, such emails are unlikely to originate from an official government agency. Always be careful and verify the origin of the email.
  • Keep your wits about yourself. Scammers change tactics all the time – countless individuals fall for the typical IRS phone impersonation scam. Don’t be one of them, and don’t give away personal information if you receive a call from someone claiming he represents IRS. It is very likely, he/she doesn’t.
  • File your tax return on time. It sounds obvious, and it is: you’re much more likely to fall for a scam if you’ve missed that crucial deadline. Scammers will attempt to put you under pressure, so beat the rush by filing in early. Be smart!
  • Be protected! Having in mind, we are spending a huge portion of our time staring at screens at work or using our mobile handsets; we need to make sure the information on these devices is secure. Antivirus companies, like Panda Security, are here to the rescue informing you every time you go to a website that might be harmful.

Last year the IRS disclosed that more than 700,000 social security numbers and other sensitive information had been stolen. Sadly, there’s no silver bullet to protect yourself when those entrusted with our information fail to keep it safe! Fortunately, you can take action by protecting your computer and mobile devices from malware and virus with Panda Security. The company has brought to the market multiple packages to suit all budgets. It pays to protect your computer.

This tax season, be clever and don’t let Joe Crook fleece you out. By being protected, you are not only saving yourself, but you are preventing Joe Crook from developing his so-called “business.” Don’t support the scammers by being unprepared!

The post Paying taxes is taxing enough appeared first on Panda Security Mediacenter.

International Women’s Day: 8 empowered woman in the computing world

8 empowered woman in the computing world to celebrate International Women’s Day

Often seen as a male-dominated industry, women have played an important part in driving developments in the computer industry. As we celebrate International Women’s Day, these eight women have blazed a trail in IT, setting an example to us all.

Ada Lovelace

Despite being the daughter of the well-known bohemian hell-raiser George Byron, Ada Lovelace’s own life was incredibly successful, albeit slightly less “colourful”. Encouraged to study maths and logic by her mother, Ada’s studies soon brought her into contact with Charles Babbage, ‘the father of computers’.

As part of her work with Babbage, Ada created what is believed to be the first ever computer program – an algorithm to be run by Babbage’s legendary Analytical Engine.

 

Grace Murray Hopper

As well as being a Rear Admiral in the United States Navy, Grace was one of the first programmers of the Harvard Mark I computer. Her work led to the creation of the first compiler – a tool used to change computer code into a fully-functioning application.

Grace was also instrumental in creating COBOL, one of the first programming languages, and one that is still in use today.

Henrietta Swan Leavitt

During study for a graduate degree, Henrietta began working at the Harvard College Observatory. Her job – as a human computer was to help grade photographs taken through the observatory’s telescope, and to perform complex mathematical calculations.

Henrietta’s work paved the way for the techniques used by astronomers today to calculate the distance between Earth and distant galaxies.

Hedy Lamarr

Best known as a Hollywood actress, Hedy Lamarr was also an accomplished inventor in between roles. During World War II, Hedy helped to create a jam-proof radio guidance system to be used with torpedoes.

Although this signal-hopping technology was deployed by the US Navy until the 1960s (where it proved to be particularly effective), it is still in use today. The same basic principles are also used in modern WiFi and Bluetooth radio technologies – like those that make your smartphone and tablet work wirelessly.

Dame Stephanie “Steve” Shirley

After leaving school, Stephanie went to work for the Post Office Research Station where she helped build computers from scratch. She also learned to program machine code – the very low level language used by computer parts to work properly.

In 1962, Stephanie founded Freelance Programmers, a software company with the intention of helping women get into IT – just 1% of her programmers were male. The team worked on a broad range of projects, including the black box recorder for the supersonic jetliner, Concorde.

Jude Milhon

Having taught herself to program computers, Jude’s first job was in the IT department of a US food manufacturer. She also helped to create the Berkley Software Distribution (BSD) operating system which is still in use today.

Jude was also a committed social activist and hacker, going by the name of “St Jude”. Coining the term “cypherpunks”, St Jude helped to promote the idea of using cryptography to protect personal information as a route to social and political change.

Mary Allen Wilkes

Despite majoring in philosophy and theology, Mary became a computer programmer at the Massachusetts University of Technology. Initially she was programming IBM systems as part of a speech recognition project.

Later Mary was moved to a team working on LINC, widely believed to be the world’s first “personal computer”. As far back as 1964, Mary was using the LINC computer at home to refine the system’s design.

Lynn Conway

After a very successful period at university, Lynn was recruited by IBM to work on a project designing an advanced supercomputer. Known as the Advanced Computing Systems (ACS) project, the resulting computer is believed to have been an example of the first superscalar design.

Later Lynn worked for major organisations including DARPA and Xerox, and MIT as an associate professor.

Examples to us all

Although these women may serve as examples to women considering a career in IT, their experiences and achievements are actually a lesson for all young people – regardless of gender.

The post International Women’s Day: 8 empowered woman in the computing world appeared first on Panda Security Mediacenter.

Netflix target of cybercriminals

http://www.pandasecurity.com/mediacenter/src/uploads/2017/03/pandasecurity-netflix-phishing-ransomware.jpg

Netflix Accounts Are Being Used In Cyber Scams

Netflix has enjoyed huge success over the last couple of years. As stated in the company’s overview, they have over 93 million members in over 190 countries enjoying more than 125 million hours of TV shows and movies per day.

Not bad for a company that started out during the declining years of physical entertainment, renting out DVD’s by mail.

Unfortunately, success often comes at a cost. Along with the adulation and well wishing, it often garners other types of, unwanted, attention. In the case of Netflix, this attention, as you can imagine, is increasingly coming from malicious cybercriminals.

What exactly are they doing though?

How They Can Get You

Cybercriminals are using several methods to breach vulnerabilities in people’s accounts. People who are probably too busy binge watching shows like Black Mirror to know what’s going on. Oh the irony!

Among the methods these cybercriminals are reportedly using are the theft of user credentials that can be sold on the deep web, the exploiting of vulnerabilities, and most recently, the infecting of systems with Trojans capable of stealing the user’s financial and personal information.

What could a cybercriminal do with stolen user information though?

They could be sold on to other cybercriminals wanting to use the service for free. There’s another layer to the equation. A double-crossing of sorts; the lure of a free account could be used to trick someone into installing malware or ransomware onto their laptop.

Cybercriminals using details in this way can make a profit out of the initial selling of the information as well as by taking hostage of the same persons data. Never trust a criminal.

Trend Labs Security recently came across a ransomware luring Windows users via a pirate login generator. This is a typical way illegal websites share premium and paid for website details for free, as shown below.

Via TrendMicro.com

Clicking the “Generate Login” button in this case leads to another prompt window that purportedly contains the stolen information of a genuine Netflix account. RANSOM_NETIX.A uses these fake windows as a distraction, however, all the while performing its encryption routine on 39 files, unbeknownst to most users.

The ransomware is employed using an AES-256 encryption algorithm and appends the files with the .se extension. As can be seen below, the ransom note demands $100 worth of Bitcoin (0.18 BTC).

Via TrendMicro.com

This is actually relatively little, as ransomware demands go, some iterations demanding $500 dollars within a very short time frame. Others even ask you to infect your friends with ransomware in order to decrypt your information.

How Can You Keep Yourself Safe?

There are, of course, two victims in this ransomware scam; those who are unknowingly having their details used to lure the other type of victim, and the other one who receives the ransomware.

The first type of victim can perform a simple action if they suspect they’re account is being used illegally. Look through the “recently watched” section of your Netflix account to see if any shows are popping up that you haven’t seen. For this reason it’s good practice not to share your account with many people, however tempting it may be to allow friends or family in on the action.

It’s also good practice to stick to your provider’s security recommendations. As always, be wary of unsolicited emails pretending to offer legitimate services. A good antivirus, of course, can also act as a barrier to certain types of malware and cyber attacks.

For the second type of victim, the advice is simple; pay for the service. The ten euros a month in savings really won’t seem so great when the device it’s used on, and everything on it, is at the mercy of cybercriminals.

The post Netflix target of cybercriminals appeared first on Panda Security Mediacenter.

Security tips to avoid becoming a victim of revenge porn

http://www.pandasecurity.com/mediacenter/src/uploads/2017/02/pandasecurity-MC-revenge-porn-300×225.jpg

Relationship break-ups have always been difficult, sometimes even acrimonious. Unfortunately a distressing new trend has emerged that can make the process even more hurtful.

Revenge porn – the process of sharing intimate, naked photos of an ex-lover online without permission – is being used by some jilted partners. By sharing these pictures on social media and other public websites, the person hopes to hurt and humiliate their victim, who they often blame for the collapse of the relationship.

Obviously revenge porn is illegal – but once those photos are ‘in the wild’, there is almost nothing the victim can do to prevent their spread. The only way to stop yourself from becoming a victim is to put protections in place in advance.

Here are 4 ways to help yourself:

1. Don’t take naked photos

By far the safest way to prevent intimate photos from being leaked online is not to take them in the first place. As soon as those images exist, even if you don’t share them, they are at risk of loss, theft or leakage.

The minute you take a photo on your phone, it is copied to the Cloud for instance – so now you need to protect two copies. And if you sync your phone with your computer, that then creates a third; three copies that provide points of vulnerability.

2. Don’t share naked photos

The second rule of protecting yourself against revenge porn is to ensure you never send naked pictures to anyone. No matter how much you love and trust your partner, you give up all control over that image the minute you pass it on.

Should your relationship hit the rocks, you will find it even harder to regain any control over those pictures.

3. Don’t be afraid to ask someone to delete pictures

If you go ahead and send an intimate picture to someone, you should always be ready to ask them to delete it – for any reason at all. You should also watch as the image is deleted to make sure it really is gone.

4. Protect your devices

Sometimes technology lets us down, and sensitive data is stolen or leaked directly from our computers and phones. Modern malware and computer viruses are exceptionally good at stealing our information.

This is just one of many reasons why you must install security software on your phone and PC to protect against hackers. Using an application like Panda Security prevents cybercriminals from accessing your pictures, protecting you against revenge porn leaks or blackmail attempts.

Use your head

Like most cybersecurity problems, applying your common sense could save you a great deal of embarrassment later. There is nothing “prudish” about refusing to take or share naked photos – in fact, protecting yourself in this way is extremely mature. So you should never feel pressured into sharing something you don’t want to.

And if you so choose to share an intimate image, make sure that your phone and PC are secured to minimise the risk of your selfie being leaked. You can download a free trial of Panda Security to get started.

The post Security tips to avoid becoming a victim of revenge porn appeared first on Panda Security Mediacenter.

Online dating scams

http://www.pandasecurity.com/mediacenter/src/uploads/2017/02/pandasecurity-MC-online-dating-EN-1-440×290.jpg

Does swiping right cost more than $200 million to the USA?

Protection when using dating apps no longer means you have to pop by the pharmacy before you go out on an internet date. UK’s National Fraud Intelligence Bureau (NFIB) recently reported online dating fraud in the UK cost victims a heart-breaking £27 million ($34 million) last year. NFIB states the numbers are not entirely correct as they believe many people are not reporting online dating crimes out of embarrassment. Quartz most likely takes this argument into account as it mentions the losses in 2016 from online dating in the UK estimates at very close to $50 million. Anyway, we will rely on NIB’s data. The UK has a population of 65 million people, and according to the UK’s office for national statistics, about 45 million of them have access to or use the internet.

How is this relevant to us here in the USA?

Having in the scams are happening in a well-developed country such as the United Kingdom we find the results of NFIB’s research utterly shocking. We decided to see how these numbers would compare to cases in the US. According to PerREsearch, today roughly 280 million Americans use the internet or have access to a connected smartphone or a PC.

If we maintain the same ratio, we can quickly conclude that online dating fraud is mostly costing the US population more than $200 million. This is a lot of money, just to put things into perspective $200 million would be the cost of constructing a desalination plant able to provide clean water for the whole county of Ventura. People need to be protected while enjoying the perks that come with online dating. I guess we just solved the drought problem for one of California’s drought-stricken counties.

Is it $200 million dollars?

It most likely is more than that. It’s no secret USA tops the list of the countries most engaged in online dating. We, the Americans might be smarter and not fall for the tricks of hackers, but according to eHarmony, 40% of Americans use online dating sites when compared to just 25% in the UK, who admitted to having at least one dating app installed on their phone or tablet.

Even if we are not as easy to trick as the Brits, online dating scams are most likely affecting us more than our British friends across the pond. We won’t go into further details but the time and money Americans lose on dating sites are serious. Thus, we wouldn’t be surprised if numbers in the US are even higher.

Who are the victims?

Seniors are more prone to fall victim to one of these scams. About 62% of those who fell for the scams were over 40, and a quarter were aged 50-59. So be extra vigilant if you are in this age group. And even if you are not, if it seems too good to be true, it probably isn’t. And unless you are into giving away your personal belongings, money and personal information to complete strangers in exchange for a possibility of a hookup, we advise you to keep yourself protected with antivirus software that may prevent you from getting scammed. We understand that chatting with exotic lads and ladies might be bringing emotions you enjoy, but please remember to remain protected. Don’t be a contributor to the $200 million pot the US is most likely giving away.

How to determine if you are being scammed and what actions you must take?

Yes, you can be a good citizen and help the police catch the lovebird trying to take your vacation money away from you. The number one rule is always to record the incoming phone number should you start receiving calls. This should not be hard as you can find it in your ‘recents’ section on your cell phone. Secondly, try to remember as much as possible about the way your lover-to-be is talking, i.e. accent, or type of words he/she is using. If it doesn’t feel right, hang up and report the user to the fraud department of the dating platform you are using.

Being a good citizen will help dating sites keep their listings as accurate as possible. Never allow access to your personal information, if you have doubts about the person you are meeting or chatting.

Bear in mind those three rules:

  • Do not give your account number to anyone over the phone or the Internet unless you are the caller or if you are 100% sure who they are.
  • Keep in mind that fraudulent activities are often made by non-native people.
  • Using common sense is the best way to avoid a scam.

Panda Security is here to the rescue; we offer the best antivirus protection for all your devices. Next time you swipe right, stop by at www.panda.com and get yourself protected. Then go to the pharmacy and get the additional things you may need to enjoy a safe and happy relationship.

The post Online dating scams appeared first on Panda Security Mediacenter.

4 Cybersecurity Risks We’ll Face With WhatsApp Status

http://www.pandasecurity.com/mediacenter/src/uploads/2017/02/pandasecurity-MC-whatsapp-status-300×225.jpg

WhatsApp –the Facebook-owned giant that really needs no introduction– is seemingly on a mission for world domination, this time, taking on Snapchat.

The instant messaging company’s new WhatsApp Status feature will allow users to privately share edited photos, videos and GIFs, with their contacts, that will disappear after 24 hours.

It’s not the first Facebook-led Snapchat Stories copycat, but it’s perhaps the most ambitious. WhatsApp, with over a billion users, have really taken on the competition here.

One of the interesting points that Whatsapp have always made sure to emphasize in their blog is the “security by default” principle which will be upheld by Stories.

In the Status feature statement, Jan Koum has said “yes, even your status updates are end-to-end encrypted.

But Is It Really As Safe As They Say?

Hervé Lambert, Retail Global Consumer Operations Manager at Panda Security says that the use of Whatsapp Status is still not risk-free:

After having carried out various studies on the behavior of people on social media, we’ve detected a few potential risks that all users of this new version of WhatsApp Status should recognize.

Your Status Will Be “Public” By Default

The default setting on WhatsApp Status will be set to public. All of your statuses will be visible to any contact you have on your phone. To some, this may entail a real invasion of privacy as most people hand out their phone number much more readily than they accept someone on social media. Think of the amount of work acquaintances or casual contacts that will have access to potentially private posts.

We have to take into consideration that we can’t tell certain details of our private lives to all our contacts. We don’t know what these people could do with this information,” adds Hervé Lambert.

Hackers Can Breach WhatsApp’s Vulnerabilities

WhatsApp certainly prides itself on being a secure app with its end-to-end encryption, and rightly so. However, the fact that it boasts millions of users still makes it a target for hackers who seek to carry out cyber attacks on large amounts of people. For these attackers, it’s a probability game; the more users they try to attack the more likely they will succeed.

Apple’s, iOS Messenger, has recently been exposed by cybersecurity experts. Though the vulnerability in that app is by no means a cause for great concern in itself, it shows that encrypted messaging apps are not impenetrable.

Ransomware

Who are these types of features usually aimed at? It’s possible that Whatsapp Status could be a ploy to encourage less tech-savvy users to cross over to more involving social media, like Facebook itself, after having tried out the new Whatsapp feature for the first time.

However, it’s safe to say that features like Status, Snapchat Stories and Instagram Stories are most popular amongst young kids who enjoy the ability to post weird and wonderful images that won’t be saved on a profile indefinitely.

Unfortunately, young people are also perhaps the most vulnerable to ransomware attacks.

The very fact that the posted statuses are less permanent leads some young people to post photos or videos that are more risqué in nature. Cybercriminals look for this kind of content online to lead vulnerable young people into paying a ransom, or carrying out undesired actions if they don’t want the content shared with the public. Caution is always advised when posting online.

Pirate “Complementary” Apps

When a new feature comes out like Whatsapp Status, there’s usually a huge buzz, and a frenzied search for new functionalities. This is something that cybercriminals try to take advantage of.

It’s important to be weary of new apps claiming to add functionalities to Whatsapp Status. This is specially the case with apps that “promise” they can bypass important functionalities. With apps like Instagram and Facebook, they usually claim they will allow you to see who’s looked at your profile. With Whatsapp Status it would be unsurprising to see some that claim to allow you to still see photos after the 24 hours have passed.

These apps are largely malicious and they draw people in by claiming to be able to bypass an integral functionality of the app. As you try to use the pirate app it could be loading ransomware onto your device. Don’t be drawn in by desires to byspass main functions of an app.

As the new WhatsApp Status feature is rolled out, more possible risks will likely come to the attention of users and cybersecurity experts. Though WhatsApp is a safe app, relatively speaking, it’s important to be careful what you post online and where. It’s not always completely clear who has access to the data.

The post 4 Cybersecurity Risks We’ll Face With WhatsApp Status appeared first on Panda Security Mediacenter.

Smart Cities and Open Data

With the constant advancement of technology, we are already witnessing the phenomenon of smarter cities.

According to Anthony Mullen, research director at Gartner, the next couple of years will be crucial for smart cities and open data as people will continue to “increasingly use personal technology and social networks to organize their lives, and governments and businesses are growing their investments in technology infrastructure and governance.” Even though the term ‘smart city’ means different things to different people, generally cities are considered ‘smart’ when its citizens are benefiting from open data sources converted into solutions that ease people’s lives. The solutions are developed by government and private companies.

How do smart cities work?

There are all sorts of reporting devices placed around every town, as well as IoT devices, which communicate with each other. The information is then converted into a solution such as the ones that ease traffic or control traffic lights. To some extent, smart cities also rely on people who voluntarily share their data. To experience the benefits of a smart city, you may need to have a subscription or rely on data democracy, i.e. sharing your data with third party grants you access to the solutions they are offering.

Smart city examples

Have you noticed all the people texting or looking at their phones on your last trip to Europe? Yes, people are surely checking their Facebook feeds but what they also do is informing themselves when the next bus or train is going to arrive. Buses and trains are now connected to make public transport more predictable and decrease traffic congestion. London’s TFL, in particular, encourages app developers to integrate the open data that TFL is sharing to help the city circulate better.

The situation is similar in New York – imagine how helpful it would be if we knew when and where there would be parking slots available. Smart city perks are saving time and money to millions of folks every day, and the trend will continue to grow. Research firm Gartner claims that by 2019, fifty percent of citizens in million-people cities will benefit from smart city programs by knowingly sharing their personal data.

How to stay safe in a smart city?

Regular cities are going ‘smart’ because governments are making an effort to make your life easier. It surely helps knowing when your bus is going to arrive, and how to get from point A to point B avoiding traffic saving yourself some time and money. However, all these connected devices and the mass sharing of both usable and unusable data could be dangerous. Hackers are getting creative, and the safety of millions of connected devices has been compromised already.

Panda Antivirus software protects you from sharing more than you have to. In a recent report by a tech giant Hitachi, a staggering 95% of respondents rated the role of technology in ensuring public safety as ‘important’ or ‘very important.’ A smart city wouldn’t be smart if it is not safe.
Panda Security offers various solutions that will help you stay protected and remain smart even when you are not in a smart city. The more protected you are, the better.

The post Smart Cities and Open Data appeared first on Panda Security Mediacenter.