What we post on social networks now, can have a positive or negative impact on college, career or dating prospects in the future. What do you do to protect yourself from possible problems? How do you stay away from online situations that could reflect badly on you?

We took to our 950,000+ Facebook fans for answers about ways to protect yourself, both on Facebook and on other social networks in general:

• If you wouldn’t say it in real life, don’t say it online.

• I lock down my profile and only let my “friends” on here see my profile and wall. Everyone else only gets to see my picture and the “add as friend” button.

• Control who can see your posts. If you see any old posts on your wall that could make for a bad situation in the present, go back and delete as many as you can.

• Some things are meant to be private, it’s best if you keep them that way.

• The world is full of gossipers and grapevines so only give them what you are happy with.

• Remember, anything that you put on Facebook is permanent! The new Timeline feature is a definite reminder of that!

• Be careful about which apps you install and which privileges you give them. Allowing apps to post on your behalf might lead to unwanted messages being sent “from you”.

• It’s not just about status updates, keeping an eye on photos that you’ve been tagged in is also important. Evidence of “carefree behavior” might have a negative impact on your reputation.

What do you do to maintain a good standing on Facebook and other social networks? Come and join in the debate with our Facebook Community or on Twitter.

More information on the Coming of Age learnings can be found at www.avgdigitaldiaries.com

In it she discusses how we cede more and more privacy control to our social contacts as our networks grow. In effect, our individual privacy increasingly becomes a “communal” affair.

According to new research, Megan says that tagged photos can reveal who we are, who our friends and family members are, where we like to eat, what neighborhoods we might live—essentially the story of our lives.

These stories can create lasting impressions. Say someone takes a picture of you enjoying an evening out with your friends in a bar—perhaps something you wouldn’t want to have posted for public consumption.

You may be in the photo, but you don’t own the photo, and so you can’t control where it’s posted or how.

The question then for anyone who wants to better manage what is shared about them online is just that: how?

Here are some things to keep in mind:

• LOCATION: Take care before posting any photo to make sure nothing in it gives away private details, such as the name of your child’s school on a t-shirt. And be sure to disable any kind of geo-tagging features your social network might provide that tell others exactly where you are at a given time.

• PRIVACY SETTINGS: Get to know the privacy settings on each of your social networks, and check them regularly. Many networks are improving the power you have in protecting your ability to enhance your privacy, but you aren’t given these settings by default.

• TWITTER: Did you know you can remove all the location-based data from previous tweets? And unless you check otherwise, even if you have a user handle that doesn’t incorporate your real name, people, such as your boss or potential employer can find you using your email address.

• FACEBOOK: It is important to disable the ability of others to tag you in their photos, so you can review and approve tags before you’re linked to photos.

• PHOTOS IN GENERAL: We live in the age of the camera phone. Photos can be taken and uploaded anywhere. Even if you disable photo tagging, you can’t control where your image appears. Live accordingly.

How do you manage your privacy? Please weigh in below, or let’s talk about it on Twitter or Facebook.

AVG update offered repeatedly

Several AVG users reported the same LinkScanner® update is being offered repeatedly, even though it appears to be successfully installed. Should you face similar situation, please proceed as indicated in this forum post.

Feel free to contact AVG technical support should you require further assistance.

Anti-Virus inactive?

AVG Forums visitors sometimes report AVG Anti-Virus component is inactive. This issue is usually caused by hardware failure. We recommend running memory and hard drive tests to check your hardware health should you face similar situation. If the tests reveal that any of the RAM modules or hard drives is faulty, please consult local computer repair shop or your computer vendor for further guidance. The respective faulty component will need to be replaced.

If the hardware appears to be perfectly healthy and the issue persists, please contact AVG technical support or describe the issue in AVG Forums to allow us investigate the issue.

System slowed down?

After installing AVG, or other programs which run in the background, some users may experience system slowdown. While the slowdown is not apparent on new computers, it may be noticeable on slightly older systems. We strongly recommend checking hardware requirements before installing similar software. AVG Free Edition minimal and recommended system configuration can be found in this forum post.

Also, please note that running more resident security applications often slows the system down. It is recommended to use only one resident (on-access) security software. If you would like to install additional software, make sure to install only the on-demand components. Having more resident security modules running may even cause trouble when removing a detected infection, at the end of the day.

In case you would like AVG technical support agents to investigate a slowdown issue noticed after AVG installation, please do not hesitate contacting AVG technical support or describe the situation in AVG Forums.

AVG LiveKive™ login issues on mobile devices

A few users reported they are not able to log into the AVG LiveKive client on their mobile devices even though the correct credentials were provided. We have induced the issue in our environment with different mobile devices as well. Here you can see an example of the error message displayed on IOS devices:

The issue is being investigated by developers at the time of writing this short article. Please accept our apology for the inconvenience. We will update you as soon as possible.

Rootkits

In the past week, we noticed several users fighting rootkits. Please note that although AVG detects rootkit-like behavior, some of the detected rootkits could be used by legitimate applications and does not mean any harm. Before removing a rootkit, make sure it is not used bylegitimate software. If unsure, please contact AVG technical support for assistance.

Please check these FAQ articles in case you would like to know more about rootkits and their removal:

What is rootkit?

How to deal with rootkits?

Modern rootkits overwriting the Master Boot Record (MBR) may sometimes prevent the MBR sector from being fixed when the operating system is running (and the rootkit itself is active). In such case, the MBR needs to be overwritten with the host operating system offline. This can be done by the Windows recovery console.

Rewriting the MBR improperly may prevent the operating system from booting. We recommend performing this operation only if you are absolutely sure or if asked to do so by AVG technical support (detailed information will be provided in such case). More information about rewriting the MBR sector can be found in this AVG Forums article. After fixing the MBR sector, we strongly recommend running a full computer scan using updated AVG to remove possible infection remnants.

Please do not hesitate to contact AVG technical support or describe the situation in AVG Forums if an infection cannot be removed or is repeatedly coming back after its removal.

The decrypted code creates a hidden IFRAME tag with malicious reference in it:

At the time of the infection discovery we have registered couple of malware-serving domains:

vjlnwoof.dhcp.biz: 146.185.255.191 hosted in Russian Federation

mvulhlky.tld.cc: 199.59.241.250 hosted in China

ring.t3.estrack.net: 220.77.243.249 hosted in South Korea

The malicious JavaScript is detected by the latest version of AVG as variant of Script/Exploit.Kit Trojan family. If recognized by AVG LinkScanner it is reported as BlackHole Type exploit.

While writing this article our sensors reported another alert on a domain Staticyonkis.com. Their advertisement delivery is infected by the same BlackHole malware. The number of blocked intrusions from this domain reported by our clients is around 496.000 hits and the number is still increasing. The VirusTotal detection ratio of this malware is rather low 7/42.

Jiri Kropac

I encourage you to read it (it’s attached to this blog post). Clocking in at a little over three pages, the paper addresses an issue that can no longer be ignored. Of course, watchdog groups, legislators, and businesses themselves aren’t taking this issue lightly.

Quite the opposite, they’ve been busy trying to define it—especially when it comes to mobile phones, the great keeper and transmitter of vast amounts of personal information.

Earlier this year, US Representative Ed Markey (D-MA) released a “discussion draft” of The Mobile Device Privacy Act, proposed legislation which would require consumer consent before monitoring software begins collecting and transmitting information.

Now, it’s important to note something about this bill. Yes, its focus on mobile privacy correctly underscores the rapid rise of the smartphone over the PC as the Internet device of choice.

But, I believe this bill is the product of fear rather than vision, and I further believe that the bill is doing more to hurt consumers than help them. It’s all because of one provocative but simple truth: Users don’t want privacy.

Now before you jump to the comments section of this post, let me clarify my position. Of course, everyone wants some level of privacy. But after listening to 114 million active users and over one million Facebook fans, we at AVG believe consumers want privacy that they define. In other words, users want control over their privacy.

Let’s face it. The smartphone is the most personal of digital devices. We use it to post family photos on Facebook. We use it to share details from our daily lives on Twitter. We use it to tell loved ones we’re running late. Day after day, hour after hour, we voluntarily choose to relinquish solitude—our privacy—to share aspects of ourselves with each other.

So you see, we don’t necessarily hold privacy sacred. We just want the right to decide what is strictly private and what is not. We want control over what personal data is collected, and how it is used.

But a recent European Union proposal would put government in control of consumers’ privacy. And the framework for protecting privacy put out by the White House calls for self-regulation with enforcement from the Federal Trade Commission. Representative Markey’s proposed legislation would leave privacy control to a largely self-regulated industry.

The problem with these well-intended proposals is that each attempts to put privacy control in the hands of government or industry, when it should be put in the hands of the people.

Give people that power and you relieve government from having to impose one-size-fits-all regulation on millions of individuals in billions of cases. Empower the user, and you give  e-commerce the fuel it needs to fly to new heights by being to develop the potential of mobile data platforms.

This is what we at AVG believe, but what do you think? Let’s talk about it here or on Facebook. Download the full report here Mobile Privacy_AVG_Final

“AVG’s solid execution across the board drove strong first quarter financial results and marked a healthy start to 2012. We are pleased with our financial performance and the fact that we have exceeded our Q1 expectations,” stated J.R. Smith, chief executive officer of AVG. “During the quarter, we grew our user base, increased our revenue per average active user and enhanced our portfolio of products and services, adding new features, such as Do Not Track.”

Click here for AVG’s full first quarter 2012 results

Over the past 18 months, we have been taking the lead in discussing how technology has fundamentally changed childhood, through our AVG Digital Diaries reports.

Our reports have been well received throughout the media, being splashed by some of the biggest newspapers and blogs on either side of the Atlantic, and each stage has provoked lots of interesting debate about this crucial topic.

With this in mind we are really delighted to have the opportunity to speak at the upcoming Cybher conference in London on 12 May. Cybher is an event for women who blog and will be a great opportunity for us to discuss the findings of our Digital Diaries surveys.

Jill Hunley, AVG’s global head of social media, will be speaking about all five stages of Digital Diaries at 11.20am and will discuss such findings as: a child has an online footprint from, on average, six months old; and the fact that more three and four year olds can play basic computer games than ride a bike.

In our latest stage, we found out that parents are often still secretly check their teenager’s social media accounts when they are 16 or 17 years old.

If you are at Cybher be sure to catch Jill’s talk or pop in and say hello at AVG’s stand. AVG will also be there in force with members of our community team taking pictures and live tweeting. Follow the tweets with the hastags #CybHer and #DigitalDiaries.

We will also follow up with a blog about the day and our activity there.

May 2012′s Patch Tuesday sees a busy set of seven ‘bulletins’ be released for public consumption. Three are classified as ‘critical’ and four as ‘important’ with a total of 23 vulnerabilities being highlighted.

The fixes themselves are channelled towards issues that have been highlighted within Microsoft Office, the Silverlight application framework for Internet apps, and the .NET programming platform.

Of note is the fact that bulletin #2 impacts all three of these technologies. Also of note is the fact that bulletin #1extends backwards to impact Office 2003 and Office 2007 editions with a ‘critical’ rating on Windows and an ‘important’ tag for Apple Max OS X users.

Patch updates can be brought into action on Windows machines using the Microsoft Update service or by using update management software. The MS12-029 #1 bulletin is said to be the highest priority at this time as this Microsoft Office vulnerability could be used to gain control of a user’s machine without requiring the user’s interaction. Reports suggest that simply viewing an attached file in the ‘preview’ pane of Outlook is sufficient to trigger an exploit based upon this flaw.

Microsoft says that an attacker who successfully exploited the vulnerability could gain the same user rights as the current user; but users whose accounts are configured to have fewer user rights on a networked system should be less impacted than users who operate with administrative user rights.

In line with Microsoft’s software fixes we now also see Adobe’s monthly patch release timed to coincide in synch — and Adobe’s May 2012 addresses five vulnerabilities in the company’s Shockwave player.

The release of these patch fixes does not necessarily mean that vulnerabilities have been widely exploited, or indeed exploited at all — although they do though exist as a call to both users and IT administrators to install the latest updates as soon as possible in order to lock down their data security.

Well so has the Economist blog, which posted an interesting article about why the breakup of Czechoslovakia in 1993 might have led to three big players in software security, AVG, Avast and Eset, emerging from the rubble of Communism.

The article concludes that fighting the Internet’s hackers may somehow be in the Czech DNA.

Martin Rehak, Head of Cognitive Security (CoSe), a firm that monitors internet traffic for anomalies that might signal industrial hacking or “advanced persistent threats” says: “We’re not criminals at heart, but we can think like them.”

For the whole story click on Security Czechs

Livewire Mobile will provide Android app stores for mobile network operators and handset manufacturers that are security checked by AVG.

Livewire Mobile will host and manage the new app stores on its Daius platform. Every app being offered to consumers will be pre-screened by AVG’s technology and every app update similarly screened on the device following the initial download.

AVG’s Mobilation® for Android security solution will be made available free of charge to every user of the secure app store to complete the security clearance process.

AVG CEO JR Smith explains the need to protect smartphone users: “The growing use of mobile devices to connect to social networks and entertainment services has made it a preferred method for cyber criminals to spread malware.”

JR points out that our recent AVG Q1 2012 Community Powered Threat Report reported a major increase in the use of social networks such as Facebook and Twitter to target Android users by tricking users to install malicious apps on their devices.

He adds: “In 2011 alone, Google removed more than 100 malicious apps from the official Android market, Google Play. This joint offering with Livewire Mobile will help give Android users peace of mind to use their phone apps to interact with their favorite social networks and entertainment services safely.”

Livewire Mobile COO Dave Moreau believes that while Google has made great advances in providing security for Google Play, malware, viruses and privacy are all significant issues for smartphone owners.

“The solution we have put together with AVG provides an innovative “clean” service for consumers and helps MNOs and handset manufacturers deliver on their duty of care to their customers.”

A few AVG users reported that the AVG Firewall is blocking the Guild Wars 2 game client update. Please proceed as indicated in this AVG Forums post should you face a similar issue. Raymond G. published a short PDF guide on how to change the AVG Firewall configuration in order to allow Guild Wars update properly in the linked Facebook discussion.

Should the issue persist, please do not hesitate to contact AVG technical support or describe the situation in AVG Forums.

AVG Service Pack 1 released

Please be informed that we have released a cumulative service pack 1 program update (AVG program version 2012.0.2127). The program update availability is limited to some regions at the moment in order to prevent overloading our update servers. The availability restrictions will be eventually removed and the update will be distributed to all users. More information about the AVG 2012 Service Pack 1 could be found in these AVG Forums posts:

AVG Free Edition

AVG paid for versions

AVG compatibility with Firefox 12

We are happy to inform you that AVG 2012 compatibility with Firefox 12 has been fixed with the recent 2012.0.2169 program update. In order to be able to install this update, AVG 2012 Service Pack 1 needs to be installed already (AVG program version 2012.0.2127). Please refer to the previous paragraph for more information about the Service Pack 1 update.

After the AVG 2012 Service Pack 1 is installed, simply click the Update now button to install the program update:

Trojan horse infection

AVG Forums visitors have recently reported a couple of Trojan horse infections which appeared to be difficult to remove. Should you face any trouble removing an infection detected by AVG, please check this AVG Forums thread for a few tips on how to remove infections. An infection is sometimes coming back when stored in the System Volume Information folder. You can disable the operating system’s restore functionality temporarily in order to remove the malware from this location as described here.

If the infection is still coming back, it could be accompanied by an undetected rootkit. We recommend scanning your computer using updated AVG Rescue CD in such case. AVG Rescue CD is able to remove known rootkits easily.

Please do not hesitate to contact AVG technical support should you require assistance with infection removal.

Disabling AVG Secure Search after removing the AVG Security Toolbar

A few AVG users mentioned that the AVG Secure Search configuration remains present after removing the AVG Security Toolbar (more information on removing the AVG Security Toolbar can be found in this FAQ article).

The procedures described in the previous weekly overview were unable to completely remove search provider remnants from all browsers, therefore we have updated the procedures and posted them in AVG Forums.

Please refer to this AVG Forums thread, if you wish to change the default search provider in your browser(s).

Alternatively, you could find detailed instructions in one of the following FAQ articles:

AVG Free Edition

AVG paid for versions

I’d like to congratulate each and every one of our Facebook community members and AVG employees for this tremendous accomplishment.

One million fans. Not even such incredibly social-savvy companies as United Airlines, VISA, Virgin Atlantic or Zappos can revel in having such a large Facebook community.

Many talk about the engagement and interaction that companies derive from large, active communities on Facebook and the benefits this can bring. But at the same time, and more importantly for AVG, it’s about the benefits the community can derive from us.

Our business is online security. When one million parents, students, business professionals, road warriors, gamers, and other people just like you stop by AVGFree on Facebook, it’s our job to make sure they walk away with all the information they need to keep their families, their workforces and themselves safe online.

But at the same time we are not just telling people what to do. We use blog posts, surveys, contests, videos and other content and activities that truly engage our community members. We inform them of safe web habits. We alert them of the latest threats. We recognize and engage our community of advocates and VIPs, so they will continue to help us protect users. We ask. We listen. We respond.

This is how we protect us.

Why is one million fans a big deal? Because there is “safety in numbers”. The bigger our community, the more power we have to help people protect themselves online.

But we’re not done yet, because there’s many, many more to win over, in fact 901 million Facebook users, all using computers, laptops, notebooks and mobile phones to connect to the web.

One million down, 900 million to go.

AVG and I are extremely committed to all internet users and are driven to protect you by making you our customer and part of our protected online community.

Join me and AVG’s community of one million users on AVGFree.

We asked presenter Amanda Monks to go along and produce a short little video of the event in London’s Soho Hotel. Check it out to see what she found out.

AVG Digital Coming of Age study launch event

The Website Safety badges are completely free and can be used in a number of ways to increase trust and interaction with your users.

Simply take a look at the variety of Safety Badges available below, pick one you like and copy the relevant code to your webpage or blog. Each one offers something different and will display assorted safety information so there is one for everyone.

AVG Website Safety Badge

This allows you to show the world that your website is safe thanks to the daily safety check performed by AVG ThreatLabs engines and world wide community of AVG users.

By clicking on the widget you allow your visitors to see your website safety report.

Here’s the code you can copy and paste straight away:

<!– Do not modify below this line –><div id=”avgthreatlabs_safetybadge”><noscript><a href=”http://www.avgthreatlabs.com?utm_source=H&utm_medium=NA&utm_campaign=SBW” target=”_blank”>AVG Threatlabs</a></noscript><script language=”javascript” src=”http://www.avgthreatlabs.com/security-badge/js/security.js”></script></div><!– End –>

AVG Domain Safety Widget

Some of you may know this one already. It’s a well known domain safety check box, we have on our AVG Threat Labs portal. Initially it has been offered for webmasters and bloggers interested in providing security tools on their website.

Given all feedback we received to date, we decided to offer now this search box as stand alone widget available for everyone who wants to be safe online.

This widget allows you to embed a search box on your website, so that a visitor can look up the safety of any site on the web from your website. Here is the code:

<!– Do not modify below this line –><div id=”avgthreatlabs_safetyratings”><noscript><a href=”http://www.avgthreatlabs.com?utm_source=H&utm_medium=NA&utm_campaign=SRW” target=”_blank”>AVG Threatlabs</a></noscript><script src=”http://www.avgthreatlabs.com/scripts/widget/domain-search-widget” type=”text/javascript” charset=”utf-8″></script></div><!– End –>

AVG Top Infected Sites Widget

This widget allows you to embed a list of the websites that have generated the greatest number of threat detections over the last 30 days.

Each link then goes to the full site report of that website on AVG ThreatLabs portal. This one has been designed for webmasters and bloggers interested in websites security data.

<!– Do not modify below this line –><div id=”sites_with_most_detections_widget”><noscript><a href=”http://www.avgthreatlabs.com?utm_source=H&utm_medium=NA&utm_campaign=TSW” target=”_blank”>AVG Threatlabs</a></noscript><script language=”javascript” src=”http://www.avgthreatlabs.com/stc/tpl/crp/script/threatlabs/topsites_mostdetections.js”></script></div><!– End –>

Let’s summarize

AVG Safety Widgets are super easy to implement, they increase the trust in your site, they may improve your conversion rates… they are FREE!

AVG SMB Security Boot Camp: Part Eight- Developing a Security Policy

Creating a company security policy need not be a major headache. Approach the process knowing that every element of your IT you lock down is one less weakness in your business.

The key to this task is making your security policy bite. It needs to have teeth and it needs to be enforceable. This means that breaches of policy do not go unrecorded without action being taken upon employees themselves. Making your security policy part of your terms and conditions of employment is the only sure fire way of achieving this.

Before laying down a set of unworkable over stringent control measures, it is important that you talk to all departments (or all employees if the business is smaller) to not only get buy-in to the process, but also to ensure that you take into consideration the operational needs of each business function without rendering them unworkable.

As crucial as it is to gain departmental employee-wide buy-in and acceptance of your security policy, it must also be fully endorsed and supported by senior management, Human Resources and the business owner. This must form part of your foundational first steps.

Keep things realistic and do not try and mitigate for every IT security issue imaginable. Technology shifts rapidly, so make this a living document that can be augmented and adapted over time.

Your first IT security policy should probably have a shelf life of around three to five years, but a constant process of revision and maintenance of the document is essential to keep the information relevant.

You should aim for clear and precise use of language. The most obvious pitfall that exists here is employees claiming that they did “not understand” the policy document. For example – don’t say “stipulations” when you can simply say “rules” and so on.

Clearly state to whom the company’s security policy applies to. This should extend to “any user of the company’s equipment and facilities” including temporary staff, company partners, third party consultants and even remotely connected overseas users.

Establish roles and responsibilities at the outset. Compartmentalize your policy if necessary so that different departments or employees have different usage privileges and rights. This may not happen until the second revision of your policy, but keep it front of mind.

Your security policy should encompass how employees “deal with” data from a storage, transmission and transactional perspective. Basically, if company data is on the move, then your policy needs to know about it.

Above all, make your IT security policy achievable. Create it in a form suitable to fit your business and your firm’s culture. It should show that you have performed due diligence to mitigate risks and threats to your business.

Be authoritative, be reasonable and be clear. Your goal is to reduce ambiguity and provide clarity. A sound IT security policy is the foundation of any sound business model so start creating yours today.

AVG SMB Security Boot Camp: Part Seven- Social media and staying safe

Social media has migrated from home and personal use firmly into the business world after proving its worth in terms of helping connect and communicate like minded individuals and friends.

Where once Facebook and Twitter were consigned to employee lunch breaks, they are now being used to build brand awareness and offer improved customer service.

But any Internet-based communication mechanism is likely to find itself susceptible to hackers and purveyors of malware and spam.

Social media is no exception here, so a social media computing policy should be an additional control to allow any SMB to make the most of these technologies without compromising their data or systems.

Like a mobile worker policy, a social media policy should form part of your business’s security policy, even for SMBs with fewer than 10 employees.

It is important to remember that social media brings many users together into one place at one time, so for hackers this is a great hunting ground.

Social networks are built on user and community trust; so users often lower their guard and are more likely to click on links sent from their contacts, industry colleagues and friends. But user profiles can be easily “hijacked” and used to send personalized notes containing viral links to an individuals’ contacts. Internet security protection that checks the safety of links “before” a user clicks on them is a good start in keeping protected.

Creating an imposter profile on a social media service is extremely quick and easy to do – and a whole list of celebrities have been hacked. URL shortening services make it easy for hackers to disguise malware-laden links and distribute viral attacks.

Connected web services often ask a user to allow access via another service, such as “sign in using Facebook”. This can allow hackers to penetrate far and wide and gain access to additional information that could compromise your data or your company if you have business sensitive data stored on your smart phone or laptop.

Next steps:

• Write a social media security policy for your business.
• This should include protocols about engagement with customers online, downloading apps and games, using IM services and also do and don’ts when using social media to ensure your business is kept safe.
• Educate employees on security safety and warn them of common risks encountered through social media.

AVG SMB Security Boot Camp: Part Six- The Mobile Workforce

The opportunity to work on the move has been firmly grasped by small businesses all over the globe. Neat, fast and clever consumer technologies and gadgets have been easily adapted to meet the needs of the small business.

For the employer, it appears to be a no brainer. Employees being able to work productively whenever and wherever through an Internet connection is appealing in itself; and then there is the saving in expensive office space or facilities.

However, whereas workers may be up to 50% more productive and businesses may save on fixed costs, there are some pitfalls to beware of.

A simple fact: Mobile connections will never be as safe as on-premise “hard wired” connections.

So mobile connectivity to the company network brings with it implicit risks as data is transferred. This means educating your mobile workers on staying safe and protecting your data.

Next steps

Write a policy document that outlines some do’s and don’ts for mobile workers. Here are some tips:

1. Don’t connect to a free Wi-Fi connection in a public place unless it is advertised by the café owner and is secured with a password key.
2. Do not engage in any ecommerce or commercially sensitive operations from public Internet connections; wait until you are in a secure environment.
3. If you supply your staff with a smartphone then explain the risks of downloading apps from the Android Market, some of these contain malicious code that could steal your data.
4.  Be wary of location-based mobile apps that require additional user information to be shared. Location tracking and your privacy could be compromised.
5. Close your Bluetooth connection when in public places.
6. Ensure you have the latest mobile security in place to help protect against fraud and viruses.

The AVG Web Threats Research team found this little landmine on Twitter in the last week. We suspect it was planted by a Blackhole operator.

Clicking on the “free Antivirus” link takes you to the nearly inevitable:

And, if an unsuspecting Twitter user is innocent enough to click through the download boxes, the result is a recent rogue clone: Windows Guard Solutions.

And, that’s not all. The site also is loading exploits in the background so even if the user is smart enough to tell it’s FakeAV they still get nailed with malicious code. AVG LinkScanner warns of two Blackhole features and three rogue features on the site.

If you’re a Tweeter, be aware that clicking on links in Tweets can take you places you really don’t want to go. Use an antivirus product on your PC and use common sense.

2. Blackhole-linked spam

Operators using the Blackhole exploit kit have been using spam emails to lure potential victims to sites that download malcode. Below are some examples that we’ve investigated:

Site impersonated: Apple Store

Site impersonated: any bank

Site impersonated: LinkedIn

Site impersonated: PayPal

Site impersonated: U.S. Bank

3. Rogue security products clone graphic interfaces

The criminals running rogue security product scams have continued cloning their products and renaming their graphic interfaces.  Below are some we’ve seen in the last week:

Clone name: Windows Efficiency Reservoir

Clone name: Windows Cleaning Tools

Clone name: Windows Component Protector

Clone name: Windows Warding System

Clone name: Windows Antivirus Patch

Clone name: Windows Shielding Utility

Clone name: Windows Care Taker

4. Amex Phishing

The AVG Web Threats Research Group encountered the below American Express phishing scheme in the last week. The spam email tries to convince American Express users that the email address in their account has been changed and provides a link to fix the problem if the change was not correct (which of course it isn’t).

The phishing site steals not only the victim’s Amex login information, but Social Security number, mother’s maiden name and credit card data. One big giveaway to the scheme is the fact that the URL of the site is clearly not that of American Express.

– AVG Threat Research Group

So what did the first quarter of 2012 Q1 2012 reveal in terms of threats?

Blackhole Toolkits:

Cyber criminals are adopting an increasingly entrepreneurial attitude through the marketing of ‘commercial’ crimeware kits.  These kits are available to purchase online and effectively give anyone the tools to become a cyber criminal.

This quarter, other commercial crimeware kits lost market share to the most advanced crimeware offering, the Blackhole exploit kit.

During 2011,AVG research shows that the Blackhole toolkit was most popular  and the toolkit of choice for cyber criminals, with AVG research showing that on average, 70 per cent of attacks were performed by variants of Blackhole.

Blackhole is a sophisticated and powerful exploit kit, mainly due to its polymorphic nature, and it is heavily obfuscated to evade detection by anti-malware solutions. These are the main reasons why it has a high success rate.

Commercialization of crimeware

Blackhole creators ‘commercialized’ their product by providing a subscription-based service. Budding cybercriminal buy the rootkit and then try and sell it on to recoup their investment and are therefore also breaking the law.

But what is really interesting is that the Blackhole creators have found a novel way to hold onto the money stream by releasing updates to subscribers only and thereby reducing the numbers of non-paying customers.

Due to the illegality of the practice, it is reasonable to assume that the Blackhole creators expect some of their customers to redistribute or resell copies of the tool kit that they purchased. This is software piracy but because the software itself is illegal, it is not possible to seek legal redress through the normal legal channels.

Is the new Blackhole business model planned obsolescence?

We cannot rule out the possibility that the Blackhole creators don’t try too hard to encrypt the exploit code. Decrypting Blackhole isn’t particularly difficult for anti-virus researchers.

The ease of decryption of the code by the security industry provides a sort of ‘planned obsolescence’ of the creators’ product, meaning any version of the kit which is more than a few days old would be useless.

This allows the creators to create a revenue stream from new versions, which they release as updates only to paying subscribers.

With the planned obsolescence business model, the Blackhole creators are assuring themselves of a recurring stream of revenue from their subscribers.

Social infections and Android:

Consumers are going mobile and so are cyber criminals.

It is no surprise that as more consumers access their favorite social media platforms  through their mobile device that cyber criminals have realized that this a route to a large number of potential victims.

Cyber criminals create malware that spreads on social networks and infects mobile devices to discreetly SMS premium rate numbers at great cost to the compromised party.

The Android platform, with its significant market share, is a big focus for cyber criminals, but social networks are also an increasingly popular channel of attack.

About the report

The Threat Report is put together by collecting data from AVG’s millions of users over a three month period. The gathered data provides an overview of web, mobile devices, spam risks and threats. All statistics referenced are obtained from what we call the AVG Community Protection Network.

The AVG Community Protection Network is an online neighborhood watch, helping everyone in the community to protect each other. Information about the latest threats is collected from customers who choose to participate in the product improvement program and shared with the community to make sure everyone receives the best possible protection.

You can download and read the full AVG Community Powered Threat Report for the first quarter of 2012 from the AVG.com press site here.

What are cookies and what should users know about handling them?

Almost every PC user will have at some point or another come across cookies when using a browser to surf the Internet. Do you want to accept cookies? Do you want to enable cookies, block cookies and of course delete cookies? These are all questions that most of us have been asked by our machines at some point over the years.

What are cookies anyway?

A cookie is a small data file containing information about a particular website and a user’s history and track record of visiting the site itself. A cookie file may be updated just once, or multiple times if a user revisits a site’s various different subsections and engages in different levels of registration or other interactivity.

The cookie file can be updated by both the user’s own computer and also by the web server where a particular website’s pages “live” in cyberspace. When a user submits information to the website during normal usage, data is written to the cookie file.

Cookies can of course be deleted, but while a user agrees to leave them actively enabled on his or her machine they will continue to play a role communicating with a website’s “scripts” (small computer programs), which have been specifically built to talk to cookies to learn what preferences a user may have for any particular web pages.

Given this basic amount of detail on what cookies are and how they work, you can see that they are not necessarily a bad thing. Most users would probably agree that they are happy about their favorite websites knowing who they are so that they can be presented with custom-tailored content specific to their likes and interests.

Why is there a negative view of cookies?

So while it is true that cookies will only ever be able to store information a user has willingly given up and submitted, something of a negative aura has arguably been created around the residency of cookies on users’ machines. This may be down to natural user skepticism related to some “fear of being watched”, but the presence of cookies from websites that have been ranked as safe by a user’s anti-malware Internet security protection software do not necessarily or automatically pose a threat to a machine’s data and applications.

Indeed, the apprehension borne out by some user’s discomfort with cookies has been reflected in moves taken in the European Union by the Privacy and Electronic Communications Directive. This edict, is intended to require web site owners to seek consent from users before they can send cookies to their machines.

With public policy cookie guidelines about to now solidify, reports have suggested that there are as many as 14 tracking tools in action on many sites today. The prevalence of this many tools could mean as many as 140 cookies and trackers are working together on any single webpage that users will typically visit.

Some users also think that the “stockpiling” of cookies by their machine will use up valuable hard disk space and potentially slow their computer down. This should not generally be a concern; cookies themselves are typically very small files of around 4 kilobytes, so 300 cookies would take up just over one megabyte of space.

The other main “concern” that has evolved from the use of cookies is related to website advertising i.e. if a site starts sharing cookies with services driving commercial advertisements to the user’s browser then this can quickly be perceived as “invasive” in some instances. In fact, just over two thirds of cookie/tracking technology has been estimated to belong to third party advertisers.

The upshot of current governmental discussion (in Europe at least) are the now fairly hard hitting comments that have been made by the Information Commissioner’s Office (ICO), which has said that website owners “must try harder” in terms of complying with new cookie laws. The ICO wants companies to present cookie information “upfront” and tell people that cookies are present, what they are doing and, ultimately, to request users’ consent to store a cookie on their device before doing so.

So-called “zombie cookies” do exist that will persist on a user’s machine after repeated deletion (a trick accomplished by a script writing them to the computer in more than one place), but for the purposes of this overview we can classify zombies as malicious and therefore a target for Internet security software.

So is a cookie a piece of malware or a computer virus of some form? Unless your security software flags it up as such, the answer is no.