" panda security "

Identity-theft surges in downturn

Research by Panda Security has revealed that the number of users affected by malware designed for identity theft has increased 600% so far this year with respect to the same period in 2008. Most of these are Trojans, but there are also many examples of phishing, worms and spyware.

“There’s been major growth in the selling of personal information on the black market – such as credit card numbers and Paypal or Ebay accounts,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “We’ve also seen an increase of the distribution and infection of this identity-theft malware through social networks.”

Panda’s anti-malware laboratory receives nearly 37,000 samples of new viruses, worms, Trojans and other types of Internet threats every day. Between January and July 2009 Panda received 11 million new threats, 8 million – 71% – of which were Trojans, compared to 51% during the same period in 2007. Trojans are mostly aimed at stealing bank details or credit card numbers as well as passwords for other commercial services.

Changing trends in identity theft

Hackers have also been busy exploring new channels for propagating threats as well as new sources of revenue. In the past malware samples mainly targeted users’ online banking information by getting them to enter their user name and password in a spoof bank website. Now, however, potential victims are taken to any platform or online site in which their bank details may be stored or where they might have to enter them.

This resulted, says Matthews, in an increase in targeted attacks on pay platforms like Paypal and other services where users often save their payment details. “These include popular online stores, such as Amazon, online auctions like eBay or even NGO portals where they make charitable donations,” says Matthews.

Similarly, whereas email was practically the only channel used in the past for contacting victims, many other methods are now being used:

– Message distribution across social networks with fake URLs, such as Twitter or Facebook

– Cloning of Web pages to make them appear among the first results in searches by keywords in popular search engines.

– SMS messages to cell phones.

– Infecting computers with spyware which displays alarming messages and takes users to fake websites (e.g. fake antivirus programs)

Messages that use social engineering are often the final touch to lure users into taking the bait. Once they have obtained credit card or bank details, the cyber-crooks can either sell the details on black market for about 3 euros each or use them to make purchases (which victims will be unaware of until they receive their bank statement).

How can users avoid identity theft?

Panda estimates that around 3% of all users have been victims of this techniques. The problem with these types of threats, unlike traditional viruses of the past, is that they are designed to go undetected, and therefore users do not realize they have become victims until it is too late.

Panda suggests several basic prevention measures:

1. Firstly, it is extremely improbable that online banks, payment platforms or social networks will ever send messages (emails, texts, etc.) to users asking for their login credentials, and much less for their credit card details.

2. Whenever you access an online bank, store, etc. always type the address directly in your browser. It is never advisable to enter these sites through links received through any channel nor links returned by search engine results.

3. Even having typed the address in the browser, check that the URL is really the one you have entered, and that the address has not changed into something unusual when you have clicked Enter.

4. Check that the page contains the corresponding security certificates (these are generally displayed with a ‘locked padlock’ icon in the browser).

5. You should always have a good security solution installed on your computer. This will help detect if you are entering a spoof Web page. It is always good to have a second opinion to ensure that you have not been infected by Trojans etc. You can get this through any reliable free online application, such as Panda ActiveScan (available at www.pandasecurity.com ).

6. Above all, if you have any suspicions don’t enter your details and contact the corresponding bank, store or service provider that you are trying to access.

7. If you are someone that frequently uses online services for shopping and banking, you can also get insurance for your online activity, which will cover you in the case of fraud.

Panda’s new cloud-based 2010 products “ultra-light”

Panda Security has launched its new, ultra-light 2010 consumer solutions, which include Panda Antiivrus for Netbooks, Panda Antivirus Pro 2010, Panda Internet Security 2010, and Panda Global Protection 2010. The new consumer products are designed specifically to offer maximum protection with a minimum impact. Thanks to Collective Intelligence cloud technologies, first launched by Panda Security two years ago, the new 2010 solutions offer an 80 percent performance improvement with respect to previous versions. Panda’s new retail solutions also deliver 60 percent improved browsing speed and 40 percent improved download speed over previous versions, consuming just 8 MB of memory.

All of Panda Security’s new solutions also incorporate proven USB vaccination technology to prevent virus infections and spreading vectors very commonly used by today’s malware. In addition Panda’s 2010 solutions incorporate a brand new heuristic engine and generic signatures that, working both locally and with Collective Intelligence scanning-from-the-cloud, provide the highest rate of protection against the newest malware and identity theft trojans.

Panda Antivirus for Netbooks, a brand new, ultra-light consumer solution specifically designed for netbooks, mini laptops and ultra portables includes anti-spyware, anti-phishing, anti-rootkits, firewall and identity protection.

Panda Antivirus Pro 2010 offers easy-to-use protection against viruses, spyware and hackers, and also includes a new engine against identity theft. Users can chat, share photos and videos, bank and buy online, read their favorite blogs or simply surf the Web, with complete peace of mind thanks to its built-in firewall. This easy-to-user solution is truly install and forget.

Panda Internet Security 2010 is a comprehensive suite for all types of threats including viruses, rootkits, hackers, online fraud, identity theft and all other Internet threats. This solution also offers an online backup system with 2 GB of free space as well as system recovery tools. The anti-spam engine ensures user inboxes remain free from junk mail while the Parental Control feature ensures children can use the Web safely.

Panda Global Protection 2010 is Panda Security’s most complete security solution, protecting users from every type of Internet threat, including: viruses, spyware, rootkits, hackers, online fraud and identity theft. In addition to an anti-spam engine and parental control features, users can also back up important files (documents, music, photos, etc.) to a CD/DVD or online (5 GB free space available) and restore them in case of accidental loss or damage. With the integration of Collective Intelligence, memory consumption, browsing and download speed have been improved significantly.

Visit the Panda’s 2010 product page for more info.

Panda Global Protection 2010 beta unveiled

Panda has released a beta version of Panda Global Protection 2010, its flagship anti-malware suite for consumers. This beta version is available here.

Panda Global Protection 2010 leverages knowledge from a global community comprising millions of Panda users worldwide and Collective Intelligence technologies to protect users from the cloud. Each new file received by Collective Intelligence is classified automatically within six minutes. The Collective Intelligence servers automatically classify more than 35,000 new malware samples every day. These technologies correlate information on malware received from computers to continuously improve the protection level for the worldwide community of users. Panda Global Protection 2010 has continuous, real-time contact with this vast knowledge base allowing it to offer users the fastest response against the new malware that appears every day.

Panda Global Protection 2010 includes improved, innovative detection and protection technologies and a new engine with 80% less memory consumption to ensure that users have the best protection in the most resource-friendly solution.

Panda Global Protection 2010 beta includes:

·     Antivirus
·       Proactive protection technology:
·       Anti-spyware/Anti-adware
·       Anti-phishing.
·       Anti-rootkit.
·     Personal firewall.
·       Anti-spam.
·       Identity Protect
·       Parental Control
·       Local and Online Backup
·       PC Optimizer (Tune-up)

Coinciding with this launch, Panda Security has set up a competition to reward its betatesters.

All users that download this beta and help Panda Security improve the product –reporting interface typos, functionality issues, etc.- will take part in a competition to be judged by a panel of technical experts from Panda Security. The ten betatesters adjudged to have made the best contributions to improving the product will each receive a $200 Amazon voucher.

In addition, all users that report a previously unknown incident will get a 50% discount on the final release version of Panda Global Protection 2010.

To download the free beta and get more information about the competition, click here.

Panda SaaS solution saves 50% of security costs

Panda Security has launched version 5.03 of Panda Managed Office Protection (PMOP), its security-as-a-service (SaaS) solution. This new version includes a series of new features for companies (end-clients) as well as partners and VARs.

PMOP is easily and rapidly installed across the Internet. It offers complete management of company security, regardless of the number of remote offices or mobile workers. It also allows security management to be outsourced to partners offering this service, with simple and rapid access via the Web at all times to real-time reports and network monitoring.

‘We project that clients will save up to 50% when using this solution as opposed to installing a traditional security solution,’ says Jeremy Matthews, head of Panda’s sub-Saharan operations. ‘This way, companies can focus on their core business without worrying about security, and possible productivity and competitivity problems derived from infections.’

Matthews says the new features for companies include the possibility to select different types of reports to be sent to different groups by administrators. Other features implemented in version 5.03 of Panda Managed Office Protection include the sending of detection warnings through an SMTP server with authentication, the management of licenses with several maintenance contracts and numerous improvements regarding the creation of reports and the monitoring tools.

Similarly, this new version includes many new features for partners and VARs such as the automatic sending of reports (daily, weekly or monthly), the option for enabling/disabling remote updates, choosing the default language for clients’ protection and centralised viewing from the service provider console.

The new version 5.03 is also compatible with Windows Small Business Server 2000/2003/2008 and Windows Home Server.

Panda Managed Office Protection got the highest rating (5 stars out of 5) in the latest review carried out by PC World. The Spanish magazine highlighted ease of use and the ability to manage from a single console. The product has also been awarded the Editor’s Choice seal in a comparative review by PC Magazine’s Dutch and Belgian edition.

Click here for more information about Panda Managed Office Protection.

Cyber-crooks use Facebook to drive rogue anti-malware business

According to global IT vendor Panda Security, the 56th variant of the Boface family of worms has just appeared. Each of these variants has been designed especially to use Facebook to distribute and download malware. This is largely due to the enormous global popularity of this social network and the potential it offers for reaching numerous users. The BJ variant in particular uses Facebook to download and install rogue anti-malware and trick users into believing they are infected and consequently buy a fake antivirus.

Data compiled through the free Panda ActiveScan online scanner has shown that since August 2008, 1% of all computers scanned were infected by a variant of Boface.

“Extrapolating this data in line with the number of Facebook users (approximately 200 million), we arrive at a figure of 2 million users that could be infected,” says Jeremy Matthews, head of Panda’s sub-Saharan operations. “The increasing number of variants in circulation is due to the aim of cyber-crooks to infect as many users as possible and therefore boost their financial returns”.

Almost 40% are in the United States, with the rest distributed across many different countries. The number of infections observed for this type of malware since August, indicates an exponential growth rate as high as 1,200%, comparing April 2009 with August 2008.

The rogue anti-malware business is one of the most prolific cyber-crime activities, with respect to the number of examples in circulation. Panda forecasts quarterly growth of more than 100% for the current year.

The new variant: how it works

The new Boface.BJ worm reaches computers in several ways: email messages with attachments, internet downloads, files transferred via FTP, IRC channels and P2P file-sharing networks.

Once the computer has been infected, the worm kicks into action once infected users have entered their Facebook accounts. In that moment, it sends a message to the entire network of friends, including the infected user. Anyone clicking on the link in the message will be taken to a fake YouTube page (called “YuoTube) where they will supposedly be able to see a video. However, they will first be prompted to download a media player. If the user accepts, the fake antivirus will be immediately downloaded.

From the moment it is installed, this malware will launch messages claiming that the computer is infected and that the user must buy a solution.

Given Facebook’s viral nature of networks, it is fair to assume that this message will spread exponentially leading to very high infection rates.

“Users of social networks like this normally trust the messages they receive, so the number of reads and clicks is often very high,” says Matthews. “Clearly, in addition to the security measures of the social network itself, users have to take on board certain security and personal privacy basics, to avoid falling victim to fraud and contributing to its propagation.”

To prevent this type of fraud, Panda Security offers the following advice:

1)    Don’t click suspicious links from non-trusted sources. This should apply to messages received through Facebook, other social networks and also email.
2)    If you do click on any such link, check the target page carefully (in this example, it is clearly a fraud). If you don’t recognize it, close your browser.
3)    Even if you don’t see anything strange in the target page, but you are asked to download something, don’t accept.
4)    If, however, you have still gone ahead and downloaded and installed some type of executable file, and your computer begins to launch messages saying that you are infected and that you should buy an antivirus, this is very probably a fraud. Never entered your credit card details, as you will be putting your money at direct risk. And above all, make sure you get a second opinion on the security of your system, with any reliable free online security solution such as Panda ActiveScan.
5)    As a general rule, make sure your computer is well protected, to ensure that you are not exposed to the risk of infection from any malicious code. You can protect yourself with the new, free Panda Cloud Antivirus solution.

Recession could spark cybercrime surge

Several months ago Panda claimed that cyber-crime would increase as a result of the global economic downturn. This has been confirmed by Microsoft. A report on News24 says:

The global financial crisis threatens to spark a rise in cyber crime as computer experts lose their jobs and resort to illegal ways to earn a living, a senior official of Microsoft said on Thursday,

“Today these (cyber) attacks are not about vandalism any more, today it’s about cash,” said Roger Halbheer, Microsoft’s chief security advisor for Europe, the Middle East and Africa.

“Cyber crime has gone from cool to cash. And this will definitely grow in the future,” he told AFP on the sidelines of an international conference on terrorism and cyber security.

Read the rest of the report here.