La Piazza

Written by Benjamín Kroitoro, October 2011

At La Piazza we are always committed to giving you the best advice on how to protect yourself from the dangers of social networks and the Internet.

On this occasion, we are giving you a summary of the article published by Benjamín Kroitoro, General Manager of Panda Mexico, in the PC World Mexico magazine:

Social networks are fantastic. They allow you to interact with old friends, meet new ones, stay in touch with people from all over the world… but they can also pose serious risks and dangers.
Avoid risks and enjoy social networking sites by following these simple tips:

• Don’t share sensitive personal information: your phone number, your address or other private information.
• Just as you wouldn’t accept a gift from a complete stranger on the street, don’t accept files or anything else you might be offered by email, on the Internet or social networking sites.
• If you have been using email for any length of time, I am sure at some point you have probably received a message from a friend with a text similar to “Just saw this picture of yours. It’s so funny!”. The best thing to do is make sure that the email you have received is legitimate. Ask your friend whether they have actually sent you the message before opening it.
• Never accept to be friends with people you don’t know. Avoid chatting with strangers.
• If you are using a shared computer, make sure you log off completely from any programs you have accessed using a user name and a password. Otherwise, other users could easily access your professional, Facebook or Twitter profiles, etc., get private information like addresses, account numbers or passwords and use them to steal money from you or carry out other malicious activities.

This may seem a bit repetitive, but remember, prevention is better than cure

For more tips like these, go to the ‘Internet in Safe Hands’ campaign website: http://protectyourfamily.pandasecurity.com/es/

==================================================================
Read the full article here (in Spanish): Consejos de seguridad para las redes sociales.

Published by Blanca Carton, September 2011

In the past, looking for a job basically involved checking out the classified ads in the local newspaper or handing your resume out to relatives and friends in case any of them knew of a job you could fill. Today, in addition to this, you must also post your resume on the top job sites: InfoJobs (www.infojobs.net), Monster (www.monster.es), LinkedIn (www.linkedIin.com),…

Companies turn to these sites to select candidates quickly and easily. During the selection process they gather both ‘traditional’ information on applicants (education, work experience, etc) and also data regarding their online reputation.

Bear in mind that “First impressions are now shaped by the digital footprint you leave online, long before you meet someone in person”. “When you consider search engines are the first place people go to search for information, you can see that understanding your online reputation, as well as the techniques to protect, manage and enhance it has never been more important” (source: Ben Cotton “5 basic things you should be doing to manage your online reputation”).

Just like in real life, your online reputation will follow you everywhere, for good or bad: the way you interact on the Web with companies, teachers, students, friends, relatives…, your posts and tweets (your interests, what you share and who you share it with), etc.

What are the conclusions that a recruitment agency tracking you online might reach? Maybe you want companies interested in hiring you to see that you are someone who likes solving problems, researching or sharing information, etc.

Having a good professional online reputation will work in your favor. Keep protecting it. If, however, you have spent all these years posting inappropriate comments, photos or content, don’t sweat it, you can still restore it.

Here are some basic tips to manage your online reputation:

Understand your current online reputation

• Discover what websites the Internet equates with you. Begin with a simple search of Google, Bing or Yahoo for your name. Don’t just look for your first name and last name. Enter your first and last name, the + symbol and the place you study or work at… You can also perform searches on people search engines, like 123people.com or PeekYou.com for more information.
• If, during your search, you discover that your identity has been stolen without your knowledge, report it. It is a crime.
• Remember that in order to prevent identity theft you must keep a good antivirus installed on your PC. Don’t forget this when you surf the Web or interact on social networks.
• If, once you have analyzed the results, you realize that you need to clean up your online reputation, you can request to cancel inactive or inappropriate profiles, delete certain content or hire the services of a company specialized in cleaning up online profiles. Wipe the slate clean as they say.

What to do next:

1. Don’t lie. When you are interacting with people online, be honest and never pretend to be someone else.
2. Keep your ‘professional’ identity (sites dealing with your professional life) separate from your ‘personal’ identity (sites where you interact with friends, etc in a more relaxed way).
3. Pay attention to your privacy settings on the different sites (LinkedIn, Facebook, or Twitter). Set proper restrictions and permissions. Bear in mind that anything you post on the Internet with public permissions will be immediately made public for everybody to see.
4. Take part in social media regularly and create constructive content (blogs, podcasts, videos or photo albums). This will improve your reputation in recruiters’ eyes, as they will see that these contents take planning, creativity and compromise.
5. Finally, monitor how often your name is mentioned on the Web. How? You can use free tools like Google Alerts. This tool will send you an email whenever your name is mentioned on the Internet.

I hope you find these tips useful to avoid any nasty surprises with your online reputation .

Posted by Blanca Carton, September 2011

As the holiday season is coming to a close, it’s back to school time again. It’s time to buy books, pick up supplies, buy new clothes, etc. It’s so crazy and so expensive!

And despite we all know that we have the option to buy all these items online at the same price or at a lower price than at a physical store, many of us are still reluctant to do so for fear of being duped on the Internet. Even thought it is true that online shopping is sometimes subject to fraud, it is just enough to follow some basic tips to protect yourself when doing your shopping online.

What to bear in mind when shopping online?

1. Only visit trusted sites. Look for pages with a professional appearance, pages from a well-known brand, sites displaying a customer service telephone number… It is very important to know who you are buying from.
2. Be wary of prize-drawings and ridiculously good offers. Read the conditions of each promotion carefully to avoid nasty surprises.
3. Pay for your purchases securely. You don’t necessarily need to always pay by credit card. There are different means of payment and, whenever possible, we recommend that you use cash on delivery to avoid surprises. If this is not possible and you choose to pay by credit card, remember that you will have to provide more information, and therefore you must be sure that the transaction will be completely safe.
4. Make sure you are on a HTTPS page:
   Web addresses normally start with ‘HTTP’, for example:
   http://www.pandasecurity.com/homeusers/downloads
   However, the pages you make online payments on must be more secure and they should start with ‘HTTPS’, for example:
   https://shop.pandasecurity.com
5. Keep an antivirus installed and update it frequently. This is your barrier against spam and phishing. Enter your passwords safely using a virtual keyboard.Note: if you are not sure about something during the installation or update processes, don’t leave it for later. Look for the appropriate solution in the support forums available to you for any queries you might have.
6. It is advisable to have a bank account with a credit card associated with it for making online purchases. This account will contain just the money you need for this purpose, making monitoring easier.
7. Keep product warranties in a safe place. Besides handling the electronic aspect of online purchases, e-businesses must offer straightforward warranties on products bought. The Web page must contain the following information:
   • Means of payment
   • Delivery terms
   • Product warranties
   • Returns
8. If you find out that the product you receive is faulty, is different from the one you purchased or the delivery terms are not fulfilled, file a complaint through the company’s Customer Service Dept.
9. Finally, if you don’t receive any answers and you suspect there could be some kind of fraud, report it as soon as possible.

Follow these simple tips and you won’t have any surprises when it comes to doing your shopping on the Internet.

Published by Carlos Santa Coloma, May 2011

It’s been two years (April 29th) since we launched the first beta version of Panda Cloud Antivirus.

To celebrate it, the very same day we released a new beta version, Panda Cloud Antivirus Beta 1.9.

This version includes some new features, like the Process Monitor functionality and traffic history reporting, and a new graphical installer.

Here you have some other new features:

• Ability to block a process by sending it to Recycle Bin.
• Blocked processes can be restored from the Recycle Bin.
• Ability to disable/enable BackgroundScan after signature cache synchronization.
• Ability to exclude file extensions from the on-access scanner.
• Exclusion of Potentially Unwanted Programs (PUP) detections.
• New Toolbar without ID Protect & Shopping and with Toolbar Cleaner.

This beta version will be the root of a cloud-based firewall functionality in a future Panda Cloud Antivirus 2.0 version. In this beta the networking interception is applied to both HTTP and POP3 traffic. Even though the program incorporates a Process Monitor which keeps track of HTTP web traffic requests on a per process basis and allows for per-process blocking, no traditional firewall functionality is provided in the beta, only interception.

In order to promote thorough testing of this version, we are giving away 10 Amazon.com $100 gift certificates to the most active beta testers who report bugs in the Panda Cloud Antivirus Beta Support Forum. The winners of the gift certificates will be selected at the close of the promotion by the Support Forum Moderators amongst the users with the most amount of new (unknown at the time of posting) bug reports. Note that the beta may still be ongoing after the promotion ends on August 1st, 2011. In addition there will be PRO license codes given away to other active beta testers as well.

For more information about this beta version, how to test it, issues reporting, etc., visit the Beta Zone of Panda Cloud Antivirus Support Forum.

The community of users of Panda Cloud Antivirus, and the Trusted and Official Moderators of the forum, are waiting for your comments and suggestions; and ready to deal with your issues testing the beta.

Thanks!!!

Beta Services
Panda Security

==================================================================================

Carlos Santa Coloma introduces himself  “I joined Panda Security in June 2009, as Beta Services Supervisor. I am, also, Official Moderator in Panda Cloud Antivirus Support Forum (my nickname is carlosbeta) and Panda Security’s International Support Forum (my nickname is beta center), coordinating the Beta Zone of both forums. I very much enjoy testing the company’s new products and helping our testers. Their comments and suggestions help us a lot to build the products they would like to have. See you in the forums!!!”

Published by Yolanda Ruíz, May 2011

Mac systems have always had a reputation for being virus-free, among Mac users at least… And despite all our efforts to raise awareness of threats and advise them to install some good security software, I think it will still take some years for the message to sink in, just as in 2000, when we started warning Windows users to protect themselves. Apple’s market share is growing very rapidly and it presents cyber-criminals with a large number of potential victims.

But… let us insist: dear Mac users, please, protect yourselves. There are a lot of Mac threats out there, and rogue security software is just the latest example.

Fake antivirus programs, also known as rogueware, are malicious applications which, once installed on the target computer, start showing warning messages trying to convince victims that their computer is infected. But not only this, the software also offers the perfect solution to this problem. If the user clicks on any of the links displayed, they will be taken to a very well crafted, phony online store where they can buy an antivirus program for €40-€60.

However, if they take the bait, the following is most likely to happen:

1. They will enter their credit card details and pay for a product they will never get.
2. Their credit card number will be compromised and probably sold on the black market. and then… Well, expect to see some strange movements in your bank account.
3. Finally, after all the hassle, the warning messages won’t even go away.

According to PandaLabs, this type of scam is putting more than $400 million a year in the hands of cyber-criminals. Yes, you read that correctly…

Up to now, this scam had always targeted Windows users, but now it is also affecting Mac users. The strategy is more or less the same: attackers use BlackHat SEO techniques to lure Mac users into visiting Web pages advertising an online antivirus for Mac called Mac Defender. If the user accesses the page, the antivirus simulates a computer scan and reports multiple infections. Then, it downloads a zipped Javascript file which will open automatically depending on the browser settings:

We must admit that the application is very well designed and it is really easy to fall into the trap. Once the malicious code installs on the computer, it opens pornographic Web pages to trick users into believing they are infected, and shows fake virus alerts like this:

Finally, it takes the user to an online store in an effort to fool them into paying to remove the fake viruses “detected” by the software, with the aforementioned consequences.

So, let us insist one more time: Mac threats are real. This is a new scenario in which Mac users are particularly vulnerable because they have a false sense of security and think that only Windows computers get infected.

Our recommendation is to install a good security program. If you are a Mac user and have been affected by any of these threats, we would like to invite you to try our Panda Antivirus for Mac free (available from http://www.pandasecurity.com/homeusers/downloads/ ).

You know, as the old saying goes… “Better safe than sorry”.

=================================================================================

Yolanda Ruiz Hervas introduces herself  “I have worked in Panda Security Group as  Communication Manager since joining the company in 2001. Also, I confess I am passionate about technology, my work, motorbikes and cars and good company (and not in order). ‘Carpe Diem!’ is my motto. You can contact me on http://twitter.com/yolandaruiz or  yolanda.ruiz@pandasecurity.com

Published by Blanca Carton, May 2011

Osama Bin Laden’s death is an opportunity for cyber-criminals to very rapidly spread viruses through email messages including false images of him. They use latest news as the recent earthquake and tsunami in Japan as bait for their target. Cyber-criminals created the very same day web sites, emails, advertisement pop-ups, etc. whereby they tried to get funds to help the victims of the disaster.

Up to now, there are no official photos or videos of the body of Bin Laden, so, if you get messages inviting you to view them, don´t trust them and be careful! In some cases, when you open these messages, you will be asked to give your personal or bank details or you will be warned that your PC is infected and encourage you to download a fake antivirus. This fake antivirus will then contain a trojan or worm which will install on your computer, allowing information theft.

This increase in trojan attacks taking advantage of latest news is well reflected on the first semester 2011 PandaLabs* Virus Report.

His spokesman Luis Corrons indicates that: “These first three months have witnessed some particularly intense virus activity and there have been a number of serious incidents during this period, such as: the largest single attack against Android cell phones or intensive use of Facebook to distribute malware.

There has been a new surge in the number of IT threats in circulation: in the first three months of the year, there was a daily average of 73,000 new samples of malware.

Once again, over this quarter Trojans have accounted for most new threats, some 70 percent of all new malware created. Yet there is logic to this, as these types of threats are favored by organized criminals for stealing bank details with which to perpetrate fraud or steal directly from victims’ accounts.

Finally, remember that the best defense against all types of cyber-attacks is to maintain good practises regarding your personal data when surfing the Internet, access trusted sources and to have an up-to-date antivirus.

Why not try one of our free antivirus programs. They offer the best protection against viruses and software designed to steal your information.  If you are not sure about something during the installation or update processes, don’t leave it for later. Look for the appropriate solution in the support forums available to you for any queries you might have.

===========================================================================

*PandaLabs: Panda Security´s detection and disinfection laboratory.

Published by Carlos Santa Coloma, April 2011

From Beta Services, we would like to share with you the availability of the new beta version 5.50 of Panda Cloud Office Protection

Panda Cloud Office Protection is a security solution for PCs and servers based on the concept of  Software as a Service (SaaS). Software as a Service lets companies focus on their core business, freeing them from the management tasks and operating costs associated with traditional security solutions.

It prevents companies from having to invest in additional hardware, maintenance personnel and other resources dedicated to anti-malware protection while achieving high level security, even in remote offices, with minimum resource consumption.

The Web-based administration console allows centralized management of computer protection anytime from anywhere through single-sign-on.

Panda Cloud Office Protection offers an innovative way to manage security, as it automates all maintenance tasks. This lets many small businesses forget about security management or outsource it quickly and easily with no impact on the user.

Panda Cloud Office Protection is complemented with periodic security audits benefiting from Panda’s exclusive Collective Intelligence Technologies.

Besides, the Web Console of Administration for Service Providers allows the remote and centralized efficient management of the clients security.

Among others, these are some of the new features of this version:

A. Panda Cloud Partner Center improvements and new features

The new partner console, Panda Cloud Partner Center, has been designed so that all our partners can perform all the operations they need to manage their clients both commercially and in terms of security.

Panda Cloud Partner Center is the evolution of the partner console from Panda Cloud Office Protection.

This new solution enables the management of licenses and clients of Panda Cloud Office Protection, Panda Cloud Email Protection and Panda Cloud Protection (some of the features of Panda Cloud Partner Center are not available in the beta version. BTW, it is possible to perform a visual review of them).

Among others, these are some of the new features Panda Cloud Partner Center includes:

Viewing licenses in the console.

Assigning licenses to clients.

Creating a new client.

Importing license packs.

Trials for new clients.

Access to the partner console for Panda Cloud Email Protection.

Compatibility with new browsers:
1. End of support for Internet Explorer 6.0. The console is optimized for Internet Explorer 7.0 or later.
2. Support for Firefox 4

B. Administration Web Console improvements and new features

Remote access to computers using remote control tools.

Nowadays, when the administrator sees errors in one of the supervised computers, or if he wants to look at something in them, there is no tool to access the computers from the console.

In this new version 5.50 of Panda Cloud Office Protection, the administrators have the option to access their computers using remote control Tools previously installed in the computers.

The remote access is allowed using one of these Remote Control tools: Team Viewer, RealVNC, UltraVNC, TightVNC and LogmeIn.

For more information about this Beta version, or to take part in it, please browse the Beta Zone in the Panda Security’s web site

If you have any issue, doubt or suggestion about this version, please, do not hesitate to contact us by our mailbox beta@pandasecurity.com

We will be pleased to help you. Thanks!!

Beta Services
Panda Security

Published by Blanca Carton, April 2011

If you suddenly realized that your bank password or your login credentials for Facebook had been stolen, what would you do? It’s a frightening thought that a stranger could access your computer, or even your cell phone, and steal and publish your intimate photos, for example. This is not science fiction, in fact it happened to Scarlett Johansson (source cbs.news).

Think it couldn’t happen to you? Only you know your passwords? Think again. In addition to accidently losing your passwords, there is the very real threat of them being stolen when you type them into your PC. This is because certain programs called keyloggers allow cyber-criminals to record and store your keystrokes.

And if your passwords fall into the hands of cyber-criminals, what can they do with them?  You’ll find the answer in the following presentation: It’s a business for them!

What can you do to avoid this situation?

As always, use your common sense and follow some basic practical advice when using the Internet:

• Do not reveal your passwords or send them via email.
• Only visit trusted sites.
• Change your passwords frequently.
• Remember that although virtually all browsers give you the option to store the passwords you use, this is not advisable, particularly on a shared PC. Try to avoid it.
• If you have to enter passwords, use virtual keyboards.

And when you create your passwords:

• The more complex your passwords are, the better. Use passwords that are a combination of numbers and letters and make sure you have different ones for your webmail, your social networks, etc. not to mention your phone PUKs and PINs for credit cards, etc.
• Size does matter: the longer the password, the safer it will be.
• Do not use your name and phone number (joe2124561234), easy passwords (654321) or your child’s name, as this information could be (although it shouldn’t be) available on social networks such as Facebook.

Finally, remember that the best defense against all types of cyber-attacks is to have an up-to-date antivirus. Why not try one of our free antivirus programs: Panda Global Protection 2012 beta?  They offer the best protection against viruses and software designed to steal your information.

Published by Blanca Carton, Abril 2011

How many times you wished you could have accessed documents stored in your home PC when you were out? In my case, many. And I hate to say “I cannot send it right now”

This situation has changed. My Panda Global Protection 2011 integrates the BeAnywhere technology which allows remote access to my home computer from any other machine through the Internet. It does not matter whether it is done from work or from a cyber-café. Now, everything is at hand.

Installing it is really easy.

1. Go to Start / Programs / Panda Global Protection 2011 / Additional tools.
2. Select Install remote access.
3. The program installation wizard will give you two installation options:
   • Install to this computer. This option installs the program on your computer.
   • Install to a pen drive (any USB removable storage device). This option lets you store the file on a USB drive so that you can install the Remote Access program on other computers later on.
4. Finally, click Next.

Once you have installed the product, you need to create a remote access administrator account. To do this:

1. Open the program from Start/ Programs / Remote Access (BeAnywhere) / Beanywhere Drive.
2. Select a language from those available: English, Portuguese, Spanish, French, German and Dutch.
3. Create a login account for using the program. This account consists of an email address and password.
4. You will receive a confirmation email to activate your account by clicking the link in the message.
5. Once you have completed these steps you will have an administrator access account to manage computers remotely.

With these steps, you can remotely access all the documentation and files available. Easy and safe

Remember that if you have queries during the installation and activation of your antivirus you can always find help in the Technical Support forum.

Posted by Carlos Arias, March 2011

It is not unusual to receive alarming emails warning that your email service will shortly be shut down or your favorite social networking site will no longer be free. It happens to all of us. Also, these messages are usually signed by some big shot in the relevant company…. But, don’t worry!! Fortunately enough, these messages also state that if you forward them to X people, you will be saved from all these calamities.

I am sure most of you have already realized that I am talking about computer hoaxes. A hoax, in computer jargon, is simply a false warning about some danger that really does not exist. They are normally harmless, except when they contain links that take you to a malware-downloading site.

But then the question is: why are you asked to forward them? Well, the answer is this: these chain letters are normally designed to collect email addresses later used to send spam messages, malware or other hoaxes. So, if you receive a message similar to this, NEVER EVER forward it.

Social networks are becoming an increasingly important part of our lives and cyber-crooks are turning to them to spread their creations. Hoaxes are no different, and they are starting to proliferate on sites like Facebook, as shown by the example below:

Another popular scam exploits users’ natural curiosity by offering an application that supposedly allows them to view who visited their Facebook profile or even sneak into other people’s conversation history. Who wouldn’t like to discover other people’s secrets? Fraudsters even offer users the possibility to activate their contacts’ webcam. That is, sheer espionage…

Well, I am sorry to inform that there is no such application, and even if there was, it would be absolutely illegal. If you actually downloaded it, you would become infected and the victim of espionage yourself. The predator becomes the prey!

In short: Don’t believe everything delivered to your inbox. Actually, be very wary of messages you receive from unknown sources. And no, you can rest assured that they are not shutting down Hotmail, and you won’t have to pay for your Facebook account if you don’t forward this message.

Finally, keep an antivirus installed and update it frequently. This is your barrier against spam and phishing.If you are not sure about something during the installation or update processes, don’t leave it for later. Look for the appropriate solution in the support forums available to you for any queries you might have.