La Piazza

Today February 14, we would like to congratulate not only lovers all over the world for St. Valentine’s Day but also the Spanish Police who, in collaboration with Europol and Interpol, have dismantled a cybercriminal band responsible for the so-called Police Virus. You can see the full story in the post from our fellow PandaLabs colleagues  echoing this important achievement.

We also take the opportunity to remind you of the steps to eliminate and, not least, apply prevention measures against this type of virus:

• How to disinfect the Police Virus Trj/Ransom.ab 

  And to prevent future infections, remember:

• Avoid browsing unsafe pages.
  How? By using virtual browsers as Panda Safe Browser. This type of browsing creates what is called a virtual environment completely isolated from the system and the other applications on your PC, letting you browse the Internet securely. It is as if your Internet session took place outside your computer. This way, your system will be safe from possible Internet threats.
• Enable automatic updates for your operating system, in the case of Windows, Windows update.
  If not active, you can use the Vulnerability detection analysis featured in any of the 2013 Panda products.
• Upgrade your programs as soon as possible.
  Do not rely the security of your computer security programs only. Note that many of these viruses mutate easily and very quickly. Therefore, it is very important to close the gates, which are the security holes they exploit.
• Remove, if not required, applications such as Java applets, Flash animations.
  Otherwise, keep them updated at all times.
• We are sure you already know, but we don’t get tired of repeating it: Never open mails from unknown senders as they may contain virus.

And remember, if you have any problems with the disinfection, please Contact TechSupport. We know how to help you.

The Police Virus continues spreading. This type of virus, a trojan specifically, usually exploits system or software vulnerabilities. Therefore, we would like to remind all our readers basic security measures to prevent future attacks, as published in the blog post How to disinfect the Police Virus.

• Avoid browsing unsafe pages
  How? By using virtual browsers as Panda Safe Browser. This type of browsing creates what is called a virtual environment completely isolated from the system and the other applications on your PC, letting you browse the Internet securely. It is as if your Internet session took place outside your computer. This way, your system will be safe from possible Internet threats.

• Enable automatic updates for your operating system, in the case of Windows, Windows update. If not active, you can use the Vulnerability detection analysis featured in any of the 2013 Panda products.

• Upgrade your programs as soon as possible
  Do not rely the security of your computer security programs only. Note that many of these viruses mutate easily and very quickly. Therefore, it is very important to close the gates, which are the security holes they exploit.

• Remove, if not required, applications such as Java applets, Flash animations. Otherwise, keep them updated at all times.

• We are sure you already know, but we don’t get tired of repeating it: Never open mails from unknown senders as they may contain virus.

Now, if you haven’t taken into account these security measures and you have already been infected, we recommend cleaning your computer with the free Panda RescueDisk tool.

And remember, if you have any problems with the disinfection, please Contact TechSupport. We know how to help you.

Published by Leyre Velasco, 3rd May 2012

Today in La Piazza we present a quick 10-question post for parents to test how safe their teens are online. So, if you are a parent, sit down with your kid and before he/she answers the questions, explain to him/her that this exercise is to be done jointly. The purpose is for both of you to know if he or she is safe when using the Internet and to improve security measures if necessary.

Do stress that, although he/she may not be aware of it, the Internet entails serious dangers such as fraud, sexual harassment, bullying, etc. Do not alarm him but speak firmly. The reason why most teenagers don’t take enough precautions is because they are either misinformed or disinformed.

Finally, ask him/her to be honest about it. The whole point of answering the questions is not for your teen to get a grilling but actually for you as a parent to learn how to protect your most precious treasure: your child.

Because the Internet is just another road you have to teach your children how to cross. And this is a road they love to cross. Plus, they do so every day.

Instructions

Ready? Here go the questions. Ask your kid to write down the answers on a piece of paper. Once the test is completed, add up the points per answer (check section Score points) and finally, check the Results section to see how safe, risky or dangerous your kid’s online practices are.

1. Does your screen name identify you as a boy or a girl?
2. Have you ever posted any personal information of yours or anyone else without explicit consent?
3. Have you ever uploaded your picture or family or friends without your parent’s consent?
4. Have you ever filled out online forms, questionnaires, profile pages without your parent’s consent?
5. Have you ever purchased anything online without permission?
6. Have you ever shared your passwords with someone other than your parents?
7. Have you ever downloaded and installed software without your parent’s knowledge?
8. Have you opened emails from total strangers?
9. Have you ever agreed to meet in person someone you have only met online?
10. Have you ever been involved in chat sessions with people using vulgar expressions or sexually explicit language?

How to calculate your scores

• Add 1 point if you answered YES to questions 1, 2, 3 and 6
• Add 2 points if you answered YES to questions 5 and 7
• Add 3 points if you answered YES to question 4
• Add 5 points if you answered YES to questions 8, 9 and 10

Results

If you scored… 0-2 points

You are SAFE!

Well done!!! You are cautious when you go online to chat with your friends because you are well aware of the dangers the Internet entails. Your passwords are usually strong, mixing alphanumerical characters, you never share them with anyone and you certainly think twice before you download applications. You never, ever chat to strangers and your online friends are not only acquaintances but people you know well. And you frequently talk to your parents about your online habits.

Our advise: Keep it up and teach your fellow students and friends how they can also improve their online experience.

If you scored… 3-4 points

You are at RISK!

OK, you would never meet anyone you don’t know online and you would never share information with strangers. However, you have uploaded pictures of friends or members of your family and have not told them, you don’t think downloading cool apps is dangerous and have done so occasionally. If you get a friend request from someone you don’t know, you do tell your parents.

Our advise: There is certainly room for improvement in the online safety department. You are aware certain security measures have to be taken when going online but you are still dangerously chancing it!  So, overall, you need to make sure you don’t share any personal information at all. Also, choose strong passwords and review your online practises with your parents. Afterwards, do take the test again.

If you scored… 5-26 points

You are in REAL DANGER!!!!

Your online profiles describe you so well that you have included your postal address and school you go to, plus all kinds of pictures of you and your friends, family, pets, etc. You use the Internet pretty much for everything, to download all kinds of applications, meet people online, chat, etc. You are an extrovert and have accepted friend requests from people you don’t even know because you think if he is one of your friend’s friends, it is OK. Sometimes you have chatted with people who used “bad words” but never told your parents because they will probably worry too much.

Our advise: You must RADICALLY change the way you use the Internet. First of all, sit down with your parents and review the personal information you share with others. Also, remove any strangers from your friends lists. Should you ever encounter strangers online, do speak to your parents about it. Change your passwords and choose strong, alphanumerical ones. Finally, take the test again until you get the lowest score (0-2 points – Safe).

Published by Jose Manuel Bernal, 27/04/2012

This morning, after I started up the PC, I was confronted with the following full-screen window covering the entire desktop:

Without paying much attention to it I instinctively pressed ESC and other key combinations like ALT+F4 to try and close it, but the message had locked the computer rendering it effectively unusable.

The message pretends to come from Spain’s local authorities and claims illegal activity has been detected on my computer. More specifically, the message claims that forbidden websites containing pornography have been visited from my IP address and demands a fine is paid to let me back in. The text, loosely translated, reads:

“Illegal activity has been detected on your computer. According to Spanish law your computer is locked. Forbidden websites containing pornography, child pornography, bestiality, etc. were visited from this IP address. This locking serves to stop your illegal activity.”

This is actually a new variant of the infamous Police Virus called Trj/Ransom.ab, which belongs to a malware category called ransomware. The aim of the people spreading this malware is to intimidate and blackmail users whose PCs are infected and persuade them to pay for having the malware removed. The scam is similar to that of rogueware or fake antivirus software, which we have covered in post The nightmare of fake antivirus continue. Protect yourself with Panda, only this time the perpetrator tries to pass themselves off as a law enforcement agency instead of as an antivirus vendor.  Well,  here are the Instructions to remove the Police Virus Trj/Ransom.ab.

Finally, we’d like to remind you of these simple tips that will help you protect yourselves from this type of malware.

1. Use your common sense. No governmental organization can block access to your computer. Under no circumstance pay the so-called ‘fine’.
2. Install a good antivirus. Check out our recommendations in the following post: Protect your banking data with Panda Security’s new 2012 products. Protect your computer at all times and avoid nasty surprises.
3. Keep your operating system up-to-date with the latest security patches.
4. Never open an email from an unfamiliar sender. Beware of messages with eye-catching subject lines, they are more likely to carry a virus.
5. Avoid surfing to non-secure Web pages. In some cases, it is enough to visit a compromised website to get infected without knowing. If, however, you need to access a dubious website, do so from a malware-free environment like that offered by Panda SafeBrowser.

Stay safe!

Posted by Leyre Velasco

I have always thought that my mother was anything but naive. She has lived enriching experiences, has had a very intense working life with a high degree of responsibility and is practical, astute and witty. Let us say that she is not easy to rip off. At least, that’s what I thought.

Last Christmas, over one of many family get-togethers, she candidly announced:

“I have won an IPhone online”.

Somewhat stunned I asked:  “Win? IPhone? Online?”

Calmly, she replied:  “Yes, I won it over the Internet. I got a message on screen saying I had been selected over thousands of visitors and that the IPhone will be delivered to my address”.

At this point, my 12 year old daughter could not help the giggles.

I (rhetorically) asked: “Did you believe that?”

“Sure, – she replied -, why shouldn’t I?”

Getting seriously frightened, I asked:  “Which data did you provide?”

“Oh,  – my mother said – nothing much, just my email address and my postal address.”

So far, she has been getting emails requesting her participation on further contests but no mention of the IPhone, of course.

My mother was not at all conscious of the implications of her naivity. Because fraud through pop-ups is probably one of the oldest frauds there is on the Internet. Behind the so-called prizes there might be professional fraudsters, well able to spoof your identity or, without any scruples, make use of your personal data, all for economic benefit.

My mother is a regular Internet user. Her naivity is fruit of her lack of knowledge regarding the dangers of the Internet. That is why I believe it is so important to spread good Internet practises in order to raise awareness among different types of users. We teach our daughter security guidelines and therefore, she is cautious. My mother – up until now – has always browsed alone, no Jiminy Cricket around

How can you protect yourself?

• It is very important to have an antivirus program that includes a spam filter installed and up-to-date. Any of Panda Security’s solutions will protect you against these kind of threats.
• Check the source of information received. Ignore any pop-up that asks for your personal or financial information.
• Scan you computer for free.
• Inform yourself. We recommend pages on security, for instance, this blog or the Security Info page.

Luckily, my mother never provided her credit card details. Otherwise, she could have been in serious trouble. She has now installed the antivirus, scanned the computer and hopefully, from now onwards, she will be more cautious when browsing the net.

How about you? Have you ever been ripped off online? Tell us your experiences!

Posted by Leyre Velasco

Christmas are getting near and still so many presents to get! However, many of us are still a bit reluctant to shop online as we believe we may fall victim to some scam. Here go a few tips which will help you avoid fraud and which will help you do your online Christmas shopping safely.

What to bear in mind when shopping online

1. Only visit trusted sites. Look for pages with a professional appearance, pages from a well-known brand, sites displaying a customer service telephone number… It is very important to know who you are buying from.
2. Be wary of prize-drawings and ridiculously good offers. Read the conditions of each promotion carefully to avoid nasty surprises.
3. Pay for your purchases securely.  There are different means of payment, for example, cash on delivery, Paypal , credit card, etc.  If you don´t choose cash on delivery payment, remember that you will have to provide more information, and therefore you must be sure that the transaction will be completely safe.
4. Make sure you are on a HTTPS page: Web addresses normally start with ‘HTTP’, for example: http://www.pandasecurity.com/homeusers/downloads
   However, the pages you make online payments on must be more secure and they should start with ‘HTTPS’ As you can see in the image, the Panda Security store URL begins with HTTPS and what’s more, it has a Verisign security certificate.
5. It is advisable to have a bank account with a credit card associated with it for making online purchases. This account will contain just the money you need for this purpose, making monitoring easier.
6. Keep product warranties in a safe place. Besides handling the electronic aspect of online purchases, e-businesses must offer straightforward warranties on products bought. The Web page must contain the following information:
   • Means of payment
   • Delivery terms
   • Product warranties
   • Returns
7. If you find out that the product you receive is faulty, is different from the one you purchased or the delivery terms are not fulfilled, file a complaint through the company’s Customer Service Dept.
8. If you don’t receive any answers and you suspect there could be some kind of fraud, report it as soon as possible.
9. Finally, keep a good antivirus installed. This is your barrier against phishing, spam and other Internet threats. If you are not sure about something during the installation or update processes, don’t leave it for later. Look for the appropriate solution in the Support pages and Support forums available to you for any queries you might have, even during the holidays.

Follow these simple tips and you won’t have any surprises when it comes to doing your Christmas shopping on the Internet. The end result will be the smile of those receiving your presents.

Nothing else from my side, I’d like to wish you all very happy holidays in the company of your loved ones.

Published by Blanca Carton, September 2011

Throughout the year, rogueware (fake antivirus programmes) continue to cause damage. What’s more, the trend seems to be on the increase, as stated in PandaLabs trimestral Report.

After warning users of the presence of rogueware targeting Mac OS users, PandaLabs now reports a new rogueware which simulates to be an antivirus program based on the Collective Intelligence (system which continously gathers and scans viruses and other threats for the community). This fake antivirus is called Open Cloud Antivirus.

As you can see in the images below, the cyber-criminals try to sell their “product” by offering you a fake security cloud. Do not click their links in order to activate the protection!

Remember that these fake antivirus are malicious applications which, pretending to be an evaluation version, try to deceive you by making you believe your PC has been infected by several viruses. In order to do so, constant warning alerts such as: Your PC is infected with 32 viruses! Buy our programme to be protected! are displayed on the screen. If you accept and pay, will trigger the nightmare! The cyber-criminals will have achieved the following:

Your money and what is even worse, your personal data including your credit card number. Open door to bank fraud!

How to prevent these attacks?

• If you don’t have an antivirus programme installed, make sure you always install legitimate software. Check with your IT provider or refer to specialised and reputed forums.
• It is vital that you install a real antivirus – Panda is real :) – either for Windows or for Mac.
• If you have unfortunately been victim of rogueware, you can always ask for Technical Support at the Panda Security Forum.

Related Articles

• Malware for beginners: fake antivirus programs

• Fake antivirus programs are now also targeting Mac users

Published by Yolanda Ruíz, May 2011

Mac systems have always had a reputation for being virus-free, among Mac users at least… And despite all our efforts to raise awareness of threats and advise them to install some good security software, I think it will still take some years for the message to sink in, just as in 2000, when we started warning Windows users to protect themselves. Apple’s market share is growing very rapidly and it presents cyber-criminals with a large number of potential victims.

But… let us insist: dear Mac users, please, protect yourselves. There are a lot of Mac threats out there, and rogue security software is just the latest example.

Fake antivirus programs, also known as rogueware, are malicious applications which, once installed on the target computer, start showing warning messages trying to convince victims that their computer is infected. But not only this, the software also offers the perfect solution to this problem. If the user clicks on any of the links displayed, they will be taken to a very well crafted, phony online store where they can buy an antivirus program for €40-€60.

However, if they take the bait, the following is most likely to happen:

1. They will enter their credit card details and pay for a product they will never get.
2. Their credit card number will be compromised and probably sold on the black market. and then… Well, expect to see some strange movements in your bank account.
3. Finally, after all the hassle, the warning messages won’t even go away.

According to PandaLabs, this type of scam is putting more than $400 million a year in the hands of cyber-criminals. Yes, you read that correctly…

Up to now, this scam had always targeted Windows users, but now it is also affecting Mac users. The strategy is more or less the same: attackers use BlackHat SEO techniques to lure Mac users into visiting Web pages advertising an online antivirus for Mac called Mac Defender. If the user accesses the page, the antivirus simulates a computer scan and reports multiple infections. Then, it downloads a zipped Javascript file which will open automatically depending on the browser settings:

We must admit that the application is very well designed and it is really easy to fall into the trap. Once the malicious code installs on the computer, it opens pornographic Web pages to trick users into believing they are infected, and shows fake virus alerts like this:

Finally, it takes the user to an online store in an effort to fool them into paying to remove the fake viruses “detected” by the software, with the aforementioned consequences.

So, let us insist one more time: Mac threats are real. This is a new scenario in which Mac users are particularly vulnerable because they have a false sense of security and think that only Windows computers get infected.

Our recommendation is to install a good security program. If you are a Mac user and have been affected by any of these threats, we would like to invite you to try our Panda Antivirus for Mac free (available from http://www.pandasecurity.com/homeusers/downloads/ ).

You know, as the old saying goes… “Better safe than sorry”.

=================================================================================

Yolanda Ruiz Hervas introduces herself  “I have worked in Panda Security Group as  Communication Manager since joining the company in 2001. Also, I confess I am passionate about technology, my work, motorbikes and cars and good company (and not in order). ‘Carpe Diem!’ is my motto. You can contact me on http://twitter.com/yolandaruiz or  yolanda.ruiz@pandasecurity.com

Published by Blanca Carton, May 2011

Osama Bin Laden’s death is an opportunity for cyber-criminals to very rapidly spread viruses through email messages including false images of him. They use latest news as the recent earthquake and tsunami in Japan as bait for their target. Cyber-criminals created the very same day web sites, emails, advertisement pop-ups, etc. whereby they tried to get funds to help the victims of the disaster.

Up to now, there are no official photos or videos of the body of Bin Laden, so, if you get messages inviting you to view them, don´t trust them and be careful! In some cases, when you open these messages, you will be asked to give your personal or bank details or you will be warned that your PC is infected and encourage you to download a fake antivirus. This fake antivirus will then contain a trojan or worm which will install on your computer, allowing information theft.

This increase in trojan attacks taking advantage of latest news is well reflected on the first semester 2011 PandaLabs* Virus Report.

His spokesman Luis Corrons indicates that: “These first three months have witnessed some particularly intense virus activity and there have been a number of serious incidents during this period, such as: the largest single attack against Android cell phones or intensive use of Facebook to distribute malware.

There has been a new surge in the number of IT threats in circulation: in the first three months of the year, there was a daily average of 73,000 new samples of malware.

Once again, over this quarter Trojans have accounted for most new threats, some 70 percent of all new malware created. Yet there is logic to this, as these types of threats are favored by organized criminals for stealing bank details with which to perpetrate fraud or steal directly from victims’ accounts.

Finally, remember that the best defense against all types of cyber-attacks is to maintain good practises regarding your personal data when surfing the Internet, access trusted sources and to have an up-to-date antivirus.

Why not try one of our free antivirus programs. They offer the best protection against viruses and software designed to steal your information.  If you are not sure about something during the installation or update processes, don’t leave it for later. Look for the appropriate solution in the support forums available to you for any queries you might have.

===========================================================================

*PandaLabs: Panda Security´s detection and disinfection laboratory.

Published by Carlos Santa Coloma, April 2011

From Beta Services, we would like to share with you the availability of the new beta version 5.50 of Panda Cloud Office Protection

Panda Cloud Office Protection is a security solution for PCs and servers based on the concept of  Software as a Service (SaaS). Software as a Service lets companies focus on their core business, freeing them from the management tasks and operating costs associated with traditional security solutions.

It prevents companies from having to invest in additional hardware, maintenance personnel and other resources dedicated to anti-malware protection while achieving high level security, even in remote offices, with minimum resource consumption.

The Web-based administration console allows centralized management of computer protection anytime from anywhere through single-sign-on.

Panda Cloud Office Protection offers an innovative way to manage security, as it automates all maintenance tasks. This lets many small businesses forget about security management or outsource it quickly and easily with no impact on the user.

Panda Cloud Office Protection is complemented with periodic security audits benefiting from Panda’s exclusive Collective Intelligence Technologies.

Besides, the Web Console of Administration for Service Providers allows the remote and centralized efficient management of the clients security.

Among others, these are some of the new features of this version:

A. Panda Cloud Partner Center improvements and new features

The new partner console, Panda Cloud Partner Center, has been designed so that all our partners can perform all the operations they need to manage their clients both commercially and in terms of security.

Panda Cloud Partner Center is the evolution of the partner console from Panda Cloud Office Protection.

This new solution enables the management of licenses and clients of Panda Cloud Office Protection, Panda Cloud Email Protection and Panda Cloud Protection (some of the features of Panda Cloud Partner Center are not available in the beta version. BTW, it is possible to perform a visual review of them).

Among others, these are some of the new features Panda Cloud Partner Center includes:

Viewing licenses in the console.

Assigning licenses to clients.

Creating a new client.

Importing license packs.

Trials for new clients.

Access to the partner console for Panda Cloud Email Protection.

Compatibility with new browsers:
1. End of support for Internet Explorer 6.0. The console is optimized for Internet Explorer 7.0 or later.
2. Support for Firefox 4

B. Administration Web Console improvements and new features

Remote access to computers using remote control tools.

Nowadays, when the administrator sees errors in one of the supervised computers, or if he wants to look at something in them, there is no tool to access the computers from the console.

In this new version 5.50 of Panda Cloud Office Protection, the administrators have the option to access their computers using remote control Tools previously installed in the computers.

The remote access is allowed using one of these Remote Control tools: Team Viewer, RealVNC, UltraVNC, TightVNC and LogmeIn.

For more information about this Beta version, or to take part in it, please browse the Beta Zone in the Panda Security’s web site

If you have any issue, doubt or suggestion about this version, please, do not hesitate to contact us by our mailbox beta@pandasecurity.com

We will be pleased to help you. Thanks!!

Beta Services
Panda Security