La Piazza Blog - PANDA SECURITY SUPPORT

Posted by Blanca Carton October 13, 2009

Twitter, Facebook and MySpace are highly popular social networks. Unfortunately, there are always hackers who try to exploit the success of these networks for financial gain. Such is the case of Twitter, which has become an easy target for hackers to distribute spam.

How can you protect against spam in Twitter?

• Disable the “followback auto” option. This way, you will be able to choose the people you want to follow.
• Do not access all the links you receive. Make sure you know who you are following. 
• Follow the spam profile in Twitter: http://twitter.com/spam. You can find good tips here. For example, according to a recent post,  “If you gave your login and password info to TwitViewer, we strongly suggest you change your password now. Thank you!”
• Install a complete security solution on the computer, preferably with an antivirus, firewall and phishing filter module.

If you follow these tips you will be protected against spam.

What type of spam could I have received?

The most common types are:

• Trending Subjects Spam: This spam searches for popular subjects (e.g. Michael Jackson’s new movie, store discounts, etc.) to publish similar tweets with malicious URLs.
• Tweet spam: This type of message comes from one user following another. Consequently, all the attached followers can see the tweet.
• Direct Message: This direct message comes from a follower. Therefore only the recipient can see it.

Don’t forget to follow us in Twitter @PandaTechSup and visit us at our New Tech Support Forum !!

Blanca Carton -  eknowledge Department

Posted by Nerea Bezares October 08, 2009

Some parents believe that if their children do not have access to new technologies, they may not be preparing them for the future. Consequently, they purchase a PC and pay for an Internet connection for their children to benefit from it.

• Do children really need a computer at home?
• How much time should they spend on the computer?
• What should and shouldn’t they do?

These answers can be provided by your children’s teachers, who will inform you: 

1. Whether they learn about new technologies at school and whether they need a PC at home. 
2. Whether the school has computers children can use out of school hours to do their homework.
3. Whether libraries and youth centers nearby offer basic courses, activities or free Internet use. 

Above all, teachers will know your children and can provide guidance regarding activities and the time they should dedicate every day, depending on their age and educational progress.

You will see children’s enthusiasm as they turn the computer on (without fear or prejudice), and the speed with which they assimilate concepts that adults have taken a long time to assimilate.

• Through educational games (music, letters, numbers, pictures, etc.) they expand their vocabulary, and improve their writing, reading, memory and motivation.
• When they search for information (mostly when working with other students or parents) children learn to overcome obstacles through team work, and are encouraged to share.
• On using social networks (Facebook, Twitter,…), they evolve as individuals feeling part of a group that has their same interests, etc. Remember that this point is not without risks.
• Later on, as children advance, let them explore in a controlled way, monitoring them at a distance. You will be increasing their security and autonomy.

We have found common guidelines among parents and children between four and eight years:

• Parents install games they have previously checked.
• Internet access is limited to specific pages through a control (Antivirus - Parental Control).
• During the week, limit computer use to an hour a day maximum.
• When children have the chance to play with friends, go for walks, on excursions, etc. turn the computer off. 
• If children behave badly, don’t let them use the computer. 
• In the case of adolescents, these guidelines are also valid, but slowly increasing their autonomy according to their level of responsibility.

All this, bearing in mind the danger and tips previously explained in this blog and in your children’s educational environment.

Tell us your experience and whether you want us to focus further on a specific area.

Nerea Bezares -  eknowledge Department

Posted by David San José September 22, 2009

On checking your mail you could find messages with enticing names of famous people, e.g. “Angelina Jolie porno Video Free”, “Barack Obamaaaaaaaaaaaaaaaaaaa!!!!!!!”, “Brad Pitt naked video!!!”, “Michael Jackson free video!!!”, etc.

Sometimes the email subject begins with popular social network names; “Facebook….!!!”,  “Twitter…!!!”.

The common feature is that they use interesting subjects to temp users into opening them. From then on, the door is open to E-crime, which could install unauthorized programs on your computer.

Here is an example of the spam detected, related to Angelina Jolie:

Hackers are becoming increasingly crafty. For example, who wouldn’t open an email which allegedly contains flight tickets? or an invoice? Cyber-criminals try and get as close to victims’ daily lives as possible (at work or at home).   

Once open, these emails are designed as Trojans that steal information from your computer without you noticing.

To prevent these emails from accessing your mailbox you must install an antivirus and enable the automatic updates. This way, Panda Security protects you against identified E-crime.

This post has been written together with PandaLabs which has a mailbox you can send suspicious emails to (virus@pandasecurity.com) and will inform you whether it is spam or not.

David San José

Posted by Blanca

Twitter, Facebook, MySpace and other social networking sites are inceasingly being targeted by cyber-criminals drawn to the wealth of personal information supplied by users, experts warn.

Data posted on the sites - name, date of birth, address, job details, email and phone numbers - is a windfall for hackers.

A vicious virus Koobface - “koob” being “book” in reverse - has affected thousands of Facebook and Twitter users since August 2008, said Asier Martinez, our security specialist. “Its spread has been very significant and it has been detected in 4,000 different variants,” he said.

The virus hijacks the accounts of social networking site users and sends messages steering friends to hostile sites containing malware, a malicious software often designed to infiltrate a computer system for illicit purposes.

In one of its variants, Koobface sends the victim a warning that its Flash player is outdated along with an invitation to download a new version, which is in fact the virus.

Remenber that malware can be used to steal bank account data or credit card information once installed on a personal computer.

Facebook has sought to resist attacks by Koobface and similar viruses by blocking links to hostile sites and shutting down accounts from users that show signs of infection, such as sending too many messages.  You also must be very careful with people who ask to join your friends list adding that hackers often sent requests.

Another danger of social networking sites are:

• The popular quizzes.
• Horoscopes and games made available for free to users which can sometimes be used to hide links to hostile sites.
• Birthday greetings as well as messages sent at Christmas and other holidays may also appear to come from friends when in fact they are linked directly to sites that try to convince would-be victims to reveal personal information like passwords or bank numbers.

The number of viruses detected in recent years has exploded while the profile of cyber-criminals has changed. Before it was very savvy teenagers who wanted to show off their computer skills. Now you don’t really need to know much about information technology to be a hacker, all the tools have already been created.

Now, why not sharing with me some of your experiences?

Posted by david, July 3, 2009

Some weeks ago I had the pleasure of listening to a talk from Genis Roca, in which he explained how people’s perception of technology is ‘everything that has been invented after they were born’. The idea is that we don’t consider anything invented before we were born as technology, because it has always been there; it is something natural to us. While I share this perception of technology to a large extent, it is also true that in my case it applies only when I discover something new and even then for a short period of time (the ‘euphoric’ phase). Take, say, an Ipod; to my father this is technology, but to me it is just a device for listening to music, just as a discman was 20 years ago. Sure, I can also surf the net, watch movies… but in the end it is still a device designed for listening to music.

Are social networks and Web 2.0 technology? The way I see it, they are just channels through which I can interact with people and share information or just talk. Of course I can also share photos, play, post videos, tag friends,… but once again, in the end they are applications for communicating, just as in the 90s we had IRC, and in ten years’ time we will have… whatever.

So what essential differences are there between showing my friends photos in a traditional photo album or posting them on Facebook? Basically three: the immediateness, the duration and the feedback. I could be in London, take a photo, publish it on Facebook and in less than five minutes my friend Ted, who lives in the backend of nowhere in Australia, could be telling me what he thinks of the photo. If I keep my photos published for three of four years, then Ted can always see my photos of London again, without having to come to Spain to see my album.

If we apply all this to tech support, it drives us to look for a way of offering immediate support, which lasts and also provides real, sincere feedback. If customer ‘A’ has a problem, she can contact us and we can offer a specific solution to the specific problem. If customer ‘B’ has the same problem, he can send us an email and we can offer the same solution that we gave to customer ‘A’. If, two years down the line, customer ‘A’ has the same problem again, she can contact us and we can send the same solution that we did two years previously. So now, you will have realized, we have sent the same solution three times. It would seem then that we have a problem. We are providing immediate and effective solutions but they don’t last and they don’t always provide feedback. It’s as if my friend Ted wanted to see my photos of London and each time had to get in a plane and come from Australia to Spain to tell me personally that he likes them. Now I quite like seeing old friends, but this really doesn’t make much sense, does it?

This is why some time ago we started to move towards Support 2.0: from person-to-person, reusable, taking advantage of forums, Facebook, Twitter, blogs,… yet today I want to talk to you specifically about our new Tech Support forum.

Let’s put the previous situation in the context of the 2.0 environment. Customer ‘A’ has a problem and decides to go to the Panda Security Tech Support Forum to find a solution to her problem. She looks in several sub-forums but doesn’t find a solution, so she decides to contact us. Somebody who works at Panda Security offers a solution to the problem, customer ‘A’ applies the solution and immediately, through the solution we have provided, confirms that we have resolved the problem.

Panda Tech Support Forum

Some days later customer ‘B’ has the same problem, he goes to our forums and in one of the sub-forums he finds the solution that we gave to customer ‘A’. But that’s not all. He also sees that the solution has been satisfactory for customer ‘A’. This is very positive for customer ‘B’, he knows that the solution is good, applies it on his computer and goes back to the forum to give his feedback and offer suggestions on how the solution might be improved even. Some time later customer ‘A’ has the same problem again. What will she do? Look at my photos on Facebook or get a return plane ticket from Sydney to Bilbao? But it doesn’t end there, as anyone could run a simple Google search to find the post with the solution to the problem. The end result? We have immediate solutions, which last over time and we get feedback from the most important agents in the process: our clients.