Tag Archives: Malware

Avast! Mobile Security gets award from AV Comparatives

AV Comparatives Aug2014AV Comparatives awarded avast! Mobile Security for its malware protection and highly developed theft-protection.

Most people would not dream of neglecting the security of their PCs or laptop, but those same folks forget that the device in their pocket is just as powerful, if not more so. You’ve heard it before –your expensive smartphone, which stores personal data, private photos, Internet banking information and even company data, is an attractive target for cybercrooks and thieves.

AV Comparatives, an independent organization which tests antivirus products and mobile security solutions, released new testing results and gave avast! Mobile Security the highest “Approved Award” for Android security products.

avast! Mobile Security has a wide range of features with innovative functionality. We particularly liked the wide range of configuration options and remote commands, which provide the user with a comprehensive remote control function,” wrote the authors of the final report.

AV Comparatives gives avast! Mobile Security it's Approved Award for mobile security and anti-theft features.

AV Comparatives gives avast! Mobile Security it’s Approved Award for mobile security and anti-theft features.

Malware protection

Mobile phones attacks are getting more and more sophisticated, and it is growing exponentially. “We now have more than 1 million malicious samples in our database, up from 100,000 in 2011,” said Avast’s CCO, Ondřej Vlček. “Mobile threats are increasing – we expect them to reach the same magnitude as PC malware by 2018.”

avast! Mobile Security scans all installed applications for malware and has various real-time protection shields which protect against

  • Malicious apps and phishing sites
  • Sites containing malware
  • Typo-squatting if an incorrect URL is entered
  • Incoming messages with phishing/malware URLs
  • Malicious behavior during read or write processes

Anti-theft protection

Avast! Anti-theft is a stand-alone app that can be installed separately from avast! Mobile Security. The app is hidden from view, and can be accessed remotely for functions such as lock, locate and wipe, redirection of calls, texts and call logs, etc.

In addition to the malware and anti-theft protection, AV Comparatives liked the standalone avast! Mobile Backup which enables personal data to be backed up to Google Drive.

The Backup, App Locker and Privacy Scan features, which were promised last year, have now been implemented and complete the program’s functionality. (avast! Mobile Security) is a very comprehensive security product with a wide range of configuration options.

Protect your Android smartphone and tablet with avast! Mobile Security and Antivirus from the Google Play store.

Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.

 

 

What is Phishing?  

No doubt you have wondered and asked yourself on more than one occasion, what is phishing and how can it affect you.

All of us know that it is some type of scam, although perhaps there are many who don’t know exactly what it is or the techniques used by hackers and cyber-criminals.

So, exactly what is phishing? Basically, also known as email phishing, it involves sending emails, which appear to come from trusted sources, such as banks etc, though really they are aimed at stealing confidential information from users.

These emails usually include a link which when clicked, takes you to a spoof Web page. These pages appear genuine though they are really like a mirror that hides the criminals whose sole aim is to steal your personal data.

The problem is that users think they are in a trusted site and therefore enter the requested data. However, this confidential data will fall straight into the hands of the scammers and can then be used for some type of fraud.

That’s why it is always best to access web pages by typing the address directly in the browser.

what is phishing

How to recognize a phishing message

It’s not always easy to recognize phishing messages, particularly if you are a client of the company from which the message has supposedly been sent.

  • Even though the ‘From:’ field of the message shows the address of the company, it is not difficult for a criminal to alter the source address of the email in any mail client.
  • The email may have the logos and trademarks of the organization, yet these can easily be lifted from the company’s website.
  • The link in the email seems to point to the company’s website, though really it takes you to a fake page which will ask you for your user name, password, etc.
  • Very often these messages contain spelling or grammatical errors that you would not normally expect in official communications from the genuine company.

It’s also important to bear in mind that although phishing has traditionally used email, now, with the increasing popularity of smartphones and social networks, there are new channels of attack.

Another thing to be aware of is that although we normally talk about phishing in the context of banks, cyber-criminals often use any popular website or platform (Ebay, Facebook, Paypal, etc) as bait for stealing personal data.

But remember, no company will ever ask you to send them your personal details via email. If they do, be very suspicious!

Moreover, as a stich in time saves nine, you can always add an extra layer of protection by installing one of our new 2015 antivirus solutions. To do this, all you have to do is visit our free antivirus page and select the one that best adapts to your ideal level of protection.

The post What is Phishing?   appeared first on MediaCenter Panda Security.

Beware overdue invoice malware attack, wrapped in an .ARJ file!

If you’ve been messing around with technology for a while, you may remember the good old days of acoustic couplers, ZModem, and Bulletin Board Systems (BBSes).

These were the days before the worldwide web had taken off, when even the slowest broadband speeds would have been sheer fantasy.

And because getting an online connection was slow and sometimes flakey, it wasn’t at all uncommon for techies to compress their programs and downloadable files into tight little packages, to make the download as painless as possible for users. The most famous compression tool of all was PKZip, created by the late Phil Katz, and versions of the .ZIP file format are still widely used today in some circles.

But there were other data compression tools which competed for .ZIP’s crown, each with their own loyal bands of followers. And one of the most famous was .ARJ.

And, to be honest, ARJ was pretty cool.

So you can imagine my delight when I discovered today that .ARJ wasn’t entirely forgotten and consigned to the dusty annals of history. Instead, it is still being used – albeit by malware authors…

Here is an example of a typical malicious email, spammed out by online criminals:

Example of overdue invoice malware

<blockquote style=”margin: 15px;padding: 15px 15px 5px;border-left: 5px solid #ccc;font-size: 13px;
font-style: normal;font-family: ‘Helvetica Neue’, Helvetica, sans-serif;line-height: 19px;”>

Subject: Overdue invoice #14588516
Attached file: invc_2014-09-15_7689099765.arj

Morning,

I was hoping to hear from you by now. May I have payment on invoice #45322407834 today please, or would you like a further extension?

Best regards,
Mauro Reddin

Of course, the social engineering might have been a little better thought out. For instance, the invoice numbers quoted in the email don’t match each other.

But it’s easy to imagine how many users might be alarmed to hear that it is being suggested that they are being accused of a late payment, and would click on the attached .ARJ file without thinking of the possible consequences.

At that point the .ARJ file will decompress, spilling out its contents.

As Conrad Longmoore explains on the Dynamoo blog, inside the .ARJ archive file is an executable program – designed to infect your Windows computer.

Before you know it, your Windows PC could have been hijacked by a hacker and recruited into a botnet. Whereupon the remote attacker could command it to send spam on their behalf, launch denial-of-service attacks or steal your personal information.

That’s why you should always be wary of opening unsolicited files sent to you out of the blue via email.

The good news for users of ESET anti-virus products is that it is detected as a variant of Win32/Injector.BLWX. But if you are using a different vendor’s security product you may wish to double-check that it has been updated to protect against the threat.

The post Beware overdue invoice malware attack, wrapped in an .ARJ file! appeared first on We Live Security.

Phishing email: UK hit with three times as many ‘bad’ links as U.S.

British internet users opening a spam email are three times more likely to be facing a malicious URL than users in the US, according to new research by phishing email specialists Proofpoint. German and French internet users were hit by fewer still, with just a fifth of the levels British internet users endure.

British users appear to be being targeted with high levels of financial malware, such as the banking Trojan Dyre.

Oddly, this finding does not correlate to a high level of spam email targeting the country. Germans receive the highest percentage of spam email overall, according to Tech World.

The findings come from an analysis of seven billion URLs monitored every week over a three week period this summer.

Phishing email: smells fishy?

Tech World comments, “This raises the possibility that the higher phishing email levels aimed at the UK are a random fluctuation and a result of when the time period chosen than a fundamental trend.”

Proofpoint responded via email that the high level of targeted financial phishing email suggested that Britain was being targeted with malware simply because it brought lucrative returns.

“The attacks are clearly financially motivated. We’ve historically seen higher volumes of attacks targeted at regions that generate more success for the attackers because that’s where the money is,” said Proofpoint VP of security, Kevin Epstein.

“Relative to other countries in this report, this is a startlingly high number of targeted attacks against the UK. Given the financial motivations of the attacks, this strongly suggests cybercriminals have found UK organizations to be an unusually lucrative target.”

Dyre warning for British users

Infosecurity Magazine points out that among the malicious payloads delivered to British users was a high number of emails containing the Dyre banking Trojan, which was in the headlines again last week, after the malware was used to target users of the popular Customer Relationship Management software Salesforce.

Named Dyre, or Dyreza (and detected by ESET software as Win32/Battdil.A), the Trojan software was discovered by researchers investigating a phishing scam that was spreading via Dropbox. It is believed to be a completely new family of malware, similar to but sufficiently distinct from, the Zeus malware.

Dyre has been designed to target certain banks in particular – Bank of America, CitiGroup, but also a large number of British banks, in particular NatWest, RBS and Ulsterbank.

It is thought to be an example of ‘crime-as-a-service’ – malware for hire to the highest bidder. It has been found able to bypass both SSL encryption and two-factor authentication systems.

Speaking to Infosecurity, Proofpoint suggested that the malware had, “become increasingly popular in the wake of the Gameover Zeus takedown.”

 

The post Phishing email: UK hit with three times as many ‘bad’ links as U.S. appeared first on We Live Security.