Criminal gangs are after your money, and a few of them may be smart enough to get it.

Banking Trojans have been around since at least 2007 and they have become part of our everyday lives. In recent months, ZeuS Trojans have targeted to Finnish banks, resulting in financial losses for hundreds of customers. The success of these trojans has been startling and similar attacks are occuring around the globe.

How does a ZeuS Trojan work?

First, a trojan has to find a computer that is not fully protected. Once it infects a PC, the malicious software sits waiting until it is activated when a customer establishes an online connection to his or her bank.

When this happened to customers in Finland, they saw a message that said, “We are sorry, there is an error and we are working to fix it.” At that point the attack is a success. Personal information provided by the customers can then be exploited and cash transfers can then begin. Often customers do not even realize that they’ve been attacked until long after the transfers are made.

F-Secure’s Labs’ Threat Research Team has been investigating banking trojan cases for more than half of a decade. F-Secure’s Security Advisor Sean Sullivan says: “While Finnish banks have excellent safeguards and protections, we should remember that some of those protections are almost 20 years old. Cyber criminals have had plenty of time to work out new strategies.”

What can we do to protect ourselves?

Here’s Sean’s advice:

1) Don’t panic. It’s a real problem, but no more so than getting your pocket picked in the real world.

2) Keep your software up to date, and uninstall that which you don’t use. (e.g., Java). We recommend F-Secure’s Internet Security 2012, of course.

3) If you feel there’s something unusual about your online banking experience, call your bank and chat with their support. They are more than happy to help you!

Cheers,

Anna

CC image by: BFS Man

Share this

Seit 2011 gibt es die User-Community von F-Secure, erreichbar über die
F-Secure-Website und über unsere englischsprachige Facebook-Seite. Bisher haben dort mehrere tausend Nutzer über 3.270 Beiträge gepostet, um sich gegenseitig bei Fragen und Problemen rund um PC-Sicherheit, Internet-Sicherheit, Backup usw. zu helfen.

Wir sind stolz auf diese Community, aber zugegebenermaßen gab es bisher ein
Problem: Alle Beiträge sind auf Englisch. Unser Kundensupport ist natürlich
in mehreren Sprachen über Chat, E-Mail oder Telefon erreichbar. Aber nur
unsere englischsprachigen Kunden hatten bislang die Möglichkeit, sich
gegenseitig in der Community zu helfen.

Das ändert sich ab heute, denn jetzt ist unser deutschsprachiges Forum
online. Leider können wir dort noch nicht all das Wissen zur Verfügung
stellen, das sich bereits in der englischen Community angesammelt hat. Aber
da kommt Ihr nun ins Spiel!

Wir hoffen, dass Ihr Euch bei dem neuen Forum anmeldet und dort munter
mitmacht. Bereichert die Community mit Eurem Wissen über F-Secure oder über
Computer- und Internet-Sicherheit allgemein und macht Euch selbst dort
schlau. Wir freuen uns, Euch in unserem neuen deutschsprachigen Forum zu
treffen!

Hier geht es zum deutschen F-Secure-Forum:
http://community.f-secure.com/t5/Deutsch/ct-p/Deutsch?skin=de

CC image by:  jimwinstead

Share this

Last week, after a hacker posted thousands of what he said were Facebook login credentials, Facebook said that most of the logins were not valid. That’s not exactly reassuring.

That’s why we thought now would a good time to discuss why password security is so important on a site like Facebook.

What does a hacker get if he gets your password?

He gets immediate access to your account and the opportunity to change your password to deny you access. That’s bad. What’s worse? He could then get access to any other sites where you use the same combination of login and password. If this includes your email, he could wreck major havoc.

How to protect yourself

1. You should use a unique combination of login and password for ANY site that matters to you.
2. Choose a strong password that can’t be guessed.
3. Watch where you click on Facebook.
4. Keep your system and security software patched and protected.
5. Don’t click on links in your email.

What should you do if you think you’ve been hacked?

Change your password immediately. Then change the password of any account that uses that same password.

Cheers,

Jason

CC image by familymwr

Share this

We want to pass on some advice that F-Secure Labs has been sharing for a while: “Do you need Java in your web browser? Seriously, do you? If not, get rid of it.”

Sean Sullivan, F-Secure’s Security Advisor, explains why:  “The problem isn’t a particular vulnerability; it’s that Java always has the latest, most popular vulnerability to exploit.”

The good news most people do not even use Java anymore. (Some confuse it with Javascript, which is still widely used.) The bad news is online criminals all over the globe are successful infiltrating systems through a program that may not even be necessary.

So if you don’t need it, get rid of it. If you need it later, you can always install it later.

If you don’t want to remove it or need to it to run a specific application, you need to make sure it is always updated.

Cheers,

Jason

Share this

The busier we get around the holidays, the more likely we are to make a mistake online.

We’ve put together a quick snapshot of this year’s online shopping environment in the US. It also includes some useful tips to protect yourself whenever you’re shopping over the Internet.

We hope you enjoy it and have wonderful holiday and new year wherever you are.

Cheers,

Anna

Share this

It’s not just you. A lot of people are concerned about their privacy on Facebook. Some are worried about being tracked, even when they aren’t logged in. Some are worried about unintentionally sharing private information or opinions that can threaten their reputation or relationships. Others worry about exposing the private data on their machine through some tricky attack.

As Facebook’s new Timeline is being introduced now is the perfect time to think about how you use Facebook. We have given you 3 things to do before you activate Facebook’s new Timeline. We hope you’ll take those steps to review what you have and will be sharing and with whom. What more can you do?

You use smart passwords and have your PC patched and protected. You know, of course, the most important privacy feature on Facebook is the ‘Post’ button. If you make a point of NEVER sharing anything that you wouldn’t want your grandmother or your worst enemy to see publicly, you’re off to a good start.

 But what extra step can you take prevent invasive tracking and protect the private data on your computer?

Here’s what Sean from F-Secure Labs recommends: Do all of your social networking in a one browser. Use one browser exclusively for “public” behavior. Then use a separate browser for all of your private banking, shopping and viewing. This strategy helps you avoid worries about tracking and information bleeding between your private and public lives.

Want to be even safer? Use a dedicated machine for your social activity. This is an extremely wise strategy if you use your PC to manage your finances and or business.

An added advantage to using a ‘public’ browser or PC for your social networking is that you’ll constantly remind yourself that what you share online stays online.

So we want to know. What do you think of Facebook’s new Timeline?

Cheers,

Jason

Share this

In  recent study, 82 % of people said the content on their phone is more valuable than the actual device*. Why is that? Well, imagine this scenario.

You are usually very careful with your phone. But somehow when you had lunch at a nearby café with a colleague, you set it on the table. After you pay the check, you take off but you don’t take the phone. In less than 10 minutes, you’re back in the same spot but the phone is gone. No one has seen it. Where in the world can it be?

Suddenly you think about what’s on that little phone. Contact details of 80 people, both personal and business contacts—names, phone numbers, possibly e-mail addresses. You only use about 20 of those on a regular basis. But you were just about to send out invites to your holiday party.

What about the photos? Photos from your trip to Spain—irreplaceable images of family and friends. And few clips from your trip to Glastonbury Festival. And then there is all the music you listen to every day, on your way to work.

You also have a personal calendar, with your appointments to dentist and loved one’s birthdays. Don’t forget about the dozens of different applications, social media, news services, weather reports, cooks books and games like Angry Birds. You even do your mobile banking on that phone, which reminds you of how much you spent buying that stupid phone.

Using our Mobile Security, you can you can lock your phone with one SMS message. Now whoever picked up your phone can’t access any of your content.  Want to know where you phone is? It’s simple, after you sent that SMS message you can see the location on a map. Wait. It’s in your office? Your co-worker accidentally took your smartphone from the table. A happy ending.

Our Mobile Security also features other valuable features. Protect your content from viruses and malware. You can use safe browsing to avoid scams and parental control to protect your children from unsuitable web content. You can also locate your children or block telemarketers.

The time invested and memories stored in our phones can’t be estimated or priced. Mobile security is about more than protecting yourself from the digital threats that stalk our PCs. It’s about giving you control over your digital life. You can try it for free.

We hope you and your phone have a wonderful holiday, wherever you are.

Cheers,

Anna

*According to a VTT Technical Research Centre of Finland survey commissioned by F-Secure.  Survey “Customer Value Analysis” was conducted during May-June 2011, in Brazil, Finland, France, Germany, Italy and Sweden. In each country there were 500 respondents, total of 3000 respondents aged 18-65.

CC image by Tanjila

Share this

We all value our precious files. Well, maybe not the files exactly, but what they contain: images of our family and friends and our important documents. According to a survey completed by F-Secure ** 93 % of respondents agreed that preventing the loss of personal content is very important. Still we tend to think that only other people will ever have to deal with losing files. 

So why worry? I didn’t, not until my home laptop started to crash. I was sure my unfinished thesis work and all the pictures of my loved ones were gone for good. I just wished I had been smarter and backed up my personal files. But I was lucky.

I was able to start my computer one more time and I copied all most of my files to a new external device. That’s the most common way to backup your files; according to another F-Secure survey* 54.4% people backup their important files to external hard drives.

External hard-drives may be good for transporting files but they aren’t the most reliable backup. My house could be robbed or I could lose my device. Even though unexpected things tend to happen to only other people, the other person could be you.

My good friends recently learned this lesson the hard way. One night they woke up to a sound of fire alarm and flames roaring inside their home. They had less than one minute to get out—no time to take anything with them other than their loved ones. Their house was gone for good. So were all of their belongings.

Later, I asked my friend what she misses most from that lost house. The answer was simple: pictures. Especially pictures of her child’s first year, the first steps and first birthday party. These memories were all in digital format, but not shared nor stored anywhere. The computer went up with the house.

Pictures, videos, the work you’ve done–you value them all. But you value them most when they are gone.

You should act before anything happens to you. We at F-Secure are very pleased to announce an effortless way to make backups and also share content with our new F-Secure Online Backup. It automatically makes backup copies of pictures, music and other important content saved on your computer and stores these backups on our secure servers.

You can get F-Secure Online Backup now at or through our global operator partners.

Cheers,

Anna

CC image by jsome1

* F-Secure broadband subscriber survey, April 2011 (Brazil, Finland, France, Germany, Italy, Sweden, 3,000 respondents in total).

** The survey was carried out by F-Secure via SurveyGizmo during April 2011. A total of 609 respondents were solicited from around the globe through F-Secure’s Safe and Savvy blog.

Share this

In June, the F-Secure Community launched. The goal was simple: a real-time forum where F-Secure customers, fans and experts could ask and answer questions in real-time. Six months and a few thousand posts later, the Community is alive and growing.

F-Secure’s Customer Care team has been taking away features that don’t work—such as my failed attempt at starting a Social Media Security board—and adding new, cool features—such as the Idea Exchange where you can submit or recommend an idea for an F-Secure product.

What’s especially exciting is how the Community team loves to create fun events like this  Q&A with F-Secure Labs’ Mikko and Sean. Until December 9^th, you can ask these two world-renowned virus researchers any security question you have in mind. Ask them about Brain, Stuxnet or Duqu. Or ask them why a neighbor stealing Wi-Fi might be a bad thing, or not. It’s up to you. And after December 9, you’ll probably still be able to find some expert to answer most any question you might have about F-Secure security, mobile or backup.

You probably know Mikko, Sean, the Labs Weblog and F-Secure are active on Twitter. But you may not know that now our Customer Care team has joined the world’s largest mini-blogging site as @FSecureCares. So now you can contact support by chat, email, phone and Twitter.

Thanks for following us as we try to connect in most useful ways possible. Your support and time are appreciated. If you haven’t joined the Community, we hope you’ll do so now.

Cheers,

Jason

Share this

As the holiday shopping season begins online, throngs of Internet shoppers are on the hunt for the best deals on gifts for their friends and family.

F-Secure recently surveyed 405 Internet users solicited from all over the world through Facebook, Twitter and the Safe and Savvy blog. We found that 87% of these Internet users were planning on shopping online. Of those 66% of online shoppers are planning on doing most of their shopping online. That is up 12% from last year.

The best news is that shoppers are savvier about online shopping than ever before. 82% reported that they check to make certain that a site is securing their data before they click “Buy.” While this doesn’t remove any and all risks from cyber shopping, it does mean that shoppers are being careful.

Here are four tips to ensure you stay safe while shopping online throughout the 2011 holiday season:

1. Visit retailers’ websites directly if possible (e.g., www.amazon.com vs searching ‘Amazon’ on Google) and search for gifts directly on retailers’ sites.
2. Use Internet security software that features browsing protection (or check links with F-Secure’s free Browsing Protection).
3. Always check a site’s URL before making any purchase (look to make sure you’re at the correct online store and that the page URL begins with https://, which means it’s secure).
4. Try to use only one credit card for your online purchases and monitor any card you use online regularly.

We’re proud to help making online shopping a safe alternative to waiting in lines at the stores. Enjoy.

Cheers,

Anna

CC image by Justin Marty

Share this