News and Media Releases from AVG (AU/NZ)

AVG Threat Labs to Provide Innovative, Free Detection Tools to Internet Community

Wed, 01 Sep 2010 14:00:00 GMT

AVG Threat Labs to offer Customers Quantitative, Qualitative Insight to Internet Threats, Scams

MELBOURNE and AMSTERDAM, 2 September 2010 - AVG Technologies, developers of the world's most popular free anti-virus software, today announced a limited public beta test of its new online tool, AVG Threat Labs. Designed to help consumers combat criminal elements on the Web, Threat Labs is an innovative online information portal that merges the quantitative Web threat detection data that AVG routinely collects from its almost 100 million users with data from AVG's LinkScanner technology.

AVG users with LinkScanner already installed are protected in real-time from sites containing malware. Threat Labs complements this software by enabling the user to type in the URL of a specific Web site to gather more information. Users not currently using AVG software still benefit from visiting Threat Labs as this unique tool provides an instant and complete safety analysis of a Web site including detection statistics, a detection timeline, an analysis of linked sites and a detection map. AVG's Threat Labs augments AVG's existing free, downloadable anti-virus software and enhances the company's unique "people powered protection" approach to security.

"Web threats are constantly evolving and it is our mission to provide consumers with the resources they need to not be victims of Internet crimes," said JR Smith, Chief Executive Officer of AVG Technologies. "What really excites me about Threat Labs is that it is all about what makes AVG a different security software company from our competitors because it is based on people powered protection. From the standard AV tools and malware detection, to more cutting edge resources like threat labs and our new social media tools, AVG is committed to a product line that is effective against the risks we understand today and the threats that are evolving as we speak."

The full consumer launch and availability of AVG's Threat Labs is slated for late September 2010. It will be part of a set of tools for the AVG Internet Security suite to help consumers more safely navigate the murky waters of social networks, as well as resources such as Threat Labs that bring together the quantitative data with reputational data to empower consumers on the Web. AVG's product suite will create a global army of citizens, nearly 100 million strong, working together to thwart Internet crime.

AVG Threat Labs Beta can be accessed at http://www.avgthreatlabs.com/sitereports. AVG Anti-Virus Free or AVG LinkScanner® can be downloaded free of charge.

AVG Technologies and MokaFive Partner to Secure Virtual Desktops

Tue, 24 Aug 2010 14:00:00 GMT

World’s first integrated solution automatically protects security of virtual environments

Melbourne and Amsterdam, 25 August 2010. - AVG (AU/NZ) has announced that AVG Technologies, makers of the world’s most popular free anti-virus software, has formed a partnership with MokaFive™, the virtual desktop management company. The partnership adds a critical security layer to the virtual desktop marketplace, as more enterprise companies are turning to desktop virtualisation as a secure solution for bring your own computer (BYOC) and work from home initiatives for employees.

With this announcement, AVG Anti-Virus is now integrated into the MokaFive virtual desktop management suite to provide the industry’s first complete solution for a secure virtual desktop that can be deployed directly on the end user’s personal machines. The solution enables consumers who work for enterprises to use AVG’s free software to protect their personal workspace, while at the same time assuring that sensitive corporate information contained in the virtual desktop is always kept safe.

Driven by the continued growth in virtual desktops, expected to grow to 49 million units worldwide by 2013 (Gartner, Mar 2009), virtual desktop security presents a new set of security challenges. AVG, which boasts the world’s largest consumer security user base, at 110 million users worldwide, is in a prime position with its consumer focused, enterprise-strength solutions to protect virtual environments on consumer desktops and laptops. Millions of customers already trust the security of their physical desktops to AVG, and now users can enjoy the same level of protection for their corporate-issued MokaFive “LivePC” virtual desktops. With this partnership, AVG is now extending its leadership in endpoint security to both physical and virtual machines.

“Virtual desktops are the future, and AVG strives to be at the forefront in providing integrated security solutions for users,” said JR Smith, President and CEO of AVG Technologies. “As the world’s leading provider of consumer security tools, we are pleased to partner with MokaFive to protect the security of virtual desktops as these become the de facto end-user computing environment.”

“MokaFive is continuing its lead in virtual desktop management by extending the security perimeter of the enterprise to users’ personal machines,” said Dale Fuller, MokaFive CEO. “With the addition of AVG’s award-winning anti-virus, MokaFive enables corporations to offer flexible work from home and BYOC initiatives without compromising security.”

Availability:

AVG anti-virus is the latest security feature included in the MokaFive Suite, ensuring the security of virtual desktops on any host device regardless if it is Macintosh or Windows. For details on capabilities and benefits, please visit www.mokafive.com or contact sales@mokafive.com.

Turkey and Russia Feature the World’s Riskiest Web Surfers

Mon, 23 Aug 2010 14:00:00 GMT

AVG study looks at the safest and most dangerous places to surf the Internet - Australia No. 37th and New Zealand No. 63rd riskiest

Melbourne and Amsterdam, 24 August 2010. Where in the world are you most likely to be hit by a malicious computer attack or virus? According to Internet Security company AVG Technologies, it’s the Caucasus region, with web surfers in Turkey, Russia, Armenia and Azerbaijan all being the most likely to face threats while online.

However, at the other end of the scale, some of the world’s safest surfers can be found in Japan and Taiwan, while seven of the 10 safest countries in which to surf the Internet are in Africa. As a continent, South America was ‘safest’, and North America ‘riskiest’. Meanwhile, globally your chances of being attacked while online on any given day are 1 in 73.

By compiling data for 144 countries (including Australia and New Zealand), involving 127 million PCs, AVG was able to look at the incidence of security threats that its software had to deal with in the last week of July 2010. From these figures, AVG was able to average out the likelihood of the average web user facing a web security attack. Key results are as follows:

Turkey leads the league table for the world’s riskiest web surfers, with AVG’s software having to step in to protect one in 10 using the Internet. Web users in Russia (1 in 14 were hit), Armenia (1 in 24), and Azerbaijan (1 in 39) also suffer high rates of attacks.
Other areas where web surfers are disproportionately at risk include Bangladesh (1 in 41), Pakistan (1 in 48) and in SE Asia, Vietnam and Laos (where the chances of facing an attack are both 1 in 42).
Closer to home Australia ranked 37th (1 in 75 attack ratio), while New Zealand came in at 63rd (1 in 103).
What about other major Western countries? The US is at number nine when it comes to the riskiest places to go online (1 in 48), UK is ranked 31st (1 in 63), while German web surfers come in at number 41 (1 in 83).
However, other major developed nations fared much better with web surfers steering clear of suspicious websites. Though Sierra Leone (1 in 692) and Niger (1 in 442) were ‘safer’, if you look at broadband penetration in these countries as well as overall Internet use, surfing the web in Japan (1 in 404 attacked) arguably offers the safest experience.
Meanwhile Taiwan (1 in 248 attacked), Argentina (1 in 241 attacked), and France (1 in 224 attacked) all came in the top 20 list of the world’s safest surfers.

South America and Africa 'Safe'

Analysing the data by continent, your chances of getting attacked while surfing the web in North America are 1 in 51. In Europe it is 1 in 72, while in Asia (including Asia Pacific) it is 1 in 102. The safest continents are Africa (1 in 108), and by a long way South America (1 in 164).

While African countries make up seven of the top 10 ‘safe surfing’ list, it’s noteworthy that the chances of being attacked in all South American countries is more than 1 in 100. The ‘riskiest’ country in South America was Peru at 1 in 131, which globally still only ranks 78th out of 142 countries.

AVG Urges Travellers to Keep Safe

According to AVG spokesperson, Roger Thomson, "This research tells us a lot about the typical behaviour of web surfers worldwide. Internet users in Turkey, Russia and some Central Asian countries, the Caucasus, South-east Asian and Indian sub-continent states show disproportionately higher rates of being attacked than the global average of 1 in 73.

"Some of this may be a tendency to access semi-legal or illegal download sites, while some of it probably is down to being less cautious when it comes to sharing links and files online. For example, it’s worth noting that in Japan where both Internet use and broadband penetration are high, AVG software only picked up a web attack for every 403rd user. Awareness levels in Japan about risky behaviour online are probably higher.

"However, our research should also serve as a wake-up call to people going abroad. Very often you may access your files on a computer that doesn’t belong to you, or you may access a shared network - neither of which incidentally are things we would ever recommend.

"In those cases, we would urge that web users exercise caution, not only when it comes to going online in our top 50 risk list, but in general.

"Finally the key point is that all these web attacks were successfully caught and stopped by AVG. Even the global average of facing a 1 in 133 attack on any given day does not present great odds if averaged out across a year. Hence the importance of making sure that your computer really does have the right antivirus software installed," Thomson concluded.

Make sure you're safe while surfing the web:
Download AVG Anti-Virus Software.

Security Fears and Cloud Computing: Building Trust In New Data Delivery Models

Mon, 23 Aug 2010 14:00:00 GMT

Cloud computing could fundamentally change the way businesses adopt new applications and computing power but it also introduces new threats from a security perspective.

Melbourne and Amsterdam, 17 August 2010 - Cloud computing has been widely heralded as the "next big thing" in technology circles. At the same time it has arguably been overcomplicated in terms of the way it has been described.

Peter Baxter, VP Sales Strategic Partners at AVG Technologies, says: "What if we told you that Hotmail was a good example of cloud computing, would that make it more straightforward? The concept really is as fundamental as a user tapping into a data centre via his or her Internet connection to get access to an online service, which in this example would be Hotmail email.

"Let's expand this definition while still keeping it simple. As our web usage has become more sophisticated and web pages themselves have become more dynamic, the definition of an online service has progressed," Baxter says.

"Where we once used the web to find information, we now interact with the web as its services have evolved to become applications in their own right. These services now exhibit computer functionality in the same form that you would expect to get from our own PC."

Did You Know:

Cloud computing is bound by the same trust issues as any other technical service, but with the additional complexity of adding another layer of abstraction.
If architected and deployed correctly, cloud computing can bring new, more scalable streams of computing power.
Security thought-leadership association, the Jericho Forum, has outlined steps companies should take before signing up to cloud services in its Cloud Cube Model.
AVG LinkScanner® safe search and surf technology can apply more than 100 different potential threat indicators to a web page.

So cloud computing power begins life in a centralised data centre and is then delivered to users as individuals, or on an aggregated level to an entire company. This so-called enterprise level rung of the computing ladder is where we would use the term Software-as-a-Service or SaaS.

Cloud Computing Without Trust is Just Low-Hanging Fog

If cloud computing is delivered (and quite crucially, also deployed) intelligently, it is a positive game changer as it has the potential to deliver real cost savings through the sharing of hardware and software resources that its operation naturally dictates. Compound this fact with the efficiencies that can be brought about in terms of flexibility when demand for IT escalates (or equally declines) and it is clear to see that this cloud computing paradigm has an important place to play in modern data centres everywhere.

The caveat here though is that cloud computing requires trust in the service provider who hosts the data centre and without trust we have no guarantee of security.

So how do we move forward? Well, while cloud computing is still in its adolescence (comparatively speaking) we need to examine how much data the business will expose to externally outsourced computing power.

Security guru Bruce Schneier recommends a closer examination of the security issues related to moving more resources to the cloud. "IT security is about trust. You have to trust your CPU manufacturer, your hardware, operating system and software vendors - and your ISP," Schneier states on his blog, 'Be Careful When You Come to Put Your Trust in the Clouds'. "Any one of these can undermine your security: crash your systems, corrupt data, allow an attacker to get access to systems.

"When a computer is within your network, you can protect it with other security systems such as firewalls and Intrusion Detection Systems (IDS). You can build a resilient system that works even if those vendors you have to trust may not be as trustworthy as you like," says Schneier. "With any outsourcing model, whether it be cloud computing or something else, you can't. You have to trust your outsourcer completely. You not only have to trust the outsourcer's security, but its reliability, its availability and its business continuity."

How Do We Get Inside the Cloud?

The Jericho Forum has developed a series of strategies that it believes companies should adopt when dealing with cloud computing providers. These strategies are encapsulated in what is known as the Jericho Forum's Cloud Cube Model, which discusses the key factors that companies should consider before entering into an agreement with a vendor or service provider.

Adrian Secombe, Jericho Forum board member and chief information security officer for the pharmaceutical company Eli Lilly, says: "The cloud approach to organising business can be both more secure and more efficient than the old-style silo structure.

"Viewed from a different perspective it opens a potential Pandora's Box of security nightmares… not least of which is loss of data confidentiality and integrity.

"A carefully analysed and chosen approach to implementing cloud computing can bring those security issues back under control," says Secombe. "It's essential to get the foundations right and for each business to develop a cloud model that enables consumerisation, drives down cost and reduces risk."

Apart from the potential trust concerns associated with migrating email to a hosted managed service provider, there do not appear to be any specific security threats posed by such online applications themselves.

However, up to date anti-malware software such as AVG Internet Security Business Edition can provide an invaluable protection layer for mission critical systems.

AVG's LinkScanner free software for Windows and Mac also helps to prevent web-based attacks, which could 'potentially' be integrated into cloud-based applications and associated websites. LinkScanner actually uses a cloud-based database for part of its assessment as to whether a particular website is hosting malicious code.

"AVG LinkScanner can apply more than 100 different potential threat indicators to a page. If the result is inconclusive, LinkScanner then makes a call to the cloud to check a multitude of phishing feeds plugged into the AVG research network to make a final determination regarding threat potential," Baxter states.

While cloud computing may not ultimately live up to all the hype that has surrounded it, it appears to be the logical way for the next generation of computing to develop. It's safe to say that most businesses will eventually adopt at least some aspects of the model - especially if it proves to be more economical and flexible.

"The need to trust whoever is providing the cloud service appears to be an inescapable reality but it is also apparent that there are some steps that companies can take to mitigate risk - from high-level modelling to more tried-and-tested approaches to Internet and hardware security," Baxter concludes.

What To Do

Check out the Jericho Forum cloud computing cube model before entering into an agreement with a vendor or an ISP.
Analyse how much data you will be exposing to outsourced computers and how much risk this puts your business at.
Use up to date anti-malware software such as AVG Internet Security Business Edition to protect mission critical systems.

See also AVG Technologies' CEO, J.R. Smith's blog - Security must be a key consideration when considering cloud computing.

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

AVG Independently Ranked On Top For Protection

Tue, 17 Aug 2010 14:00:00 GMT

AV-Test Product Review and Certification Report - Q2/2010.

Melbourne, 18 August 2010 - From time to time you might read some heated debate online concerning comparisons between antivirus applications. Everyone has their own favourite, and will defend their choice in the strongest language possible, even in the face of evidence against. That aside, in order to make an informed decision about the best way to protect yourself online, it's good practice to seek an unbiased review.

Enter AV-Test. This is an independent security test site dedicated to providing rigorous, performance-based reviews of antivirus and data suites, committed on a quarterly basis. The latest report is now available, and it pits AVG Internet Security against 18 other antivirus programs, running on Windows 7.

What will come as no surprise to you is that AVG Internet Security comes out right on top with a protection score of 5.5 out of 6, alongside well-known competitor Symantec, and above our esteemed "rival" Avast. Six of the products submitted for testing by other security vendors failed to be awarded an AV-Test certificate.

Now, to be clear, our intention for posting this information is not to crow about how great we are, but to provide some outside analysis. We'd like you to feel secure in selecting AVG as your antivirus of choice. We want you to know that we've got your back covered 24/7, and that we're constantly upgrading and improving our software to make sure you have the best protection possible - and now we have independent proof.

We recommend that you share this information with anyone who is on the fence about choosing an antivirus application, and let them know that we're available at any time to answer questions or concerns about this increasingly dangerous online world we live in.

Creating an Illogical Password to Beat the Bad Guys

Mon, 16 Aug 2010 14:00:00 GMT

AVG (AU/NZ)'s Guide To Password Best Practice

Melbourne and Amsterdam, 17 August 2010 - It's a sad fact, but people don't take passwords seriously enough. You could almost write a comedy sketch about the 'obvious' passwords that so many people use. A password consisting of the numbers 'one to 10' is not uncommon, as is simply the word 'password' or 'admin' or the user's first name. Last year, 20,000 Yahoo, AOL and Hotmail passwords were hacked only to find the most popular password was '123456'!

Lloyd Borrett, Security Evangelist for AVG (AU/NZ) says, "Using the name of your first pet or school, your birth date or your mother's maiden name, is not smart either as this information is often favoured by banks as a means of identifying you. Putting it out digitally in any form (even if that is onto a comparatively secure website or not) is simply not good sense."

"To continue reading this piece, please enter a password. If you do not have a password please create one now of at least eight characters in length. Please use a combination of upper and lower case letters, plus numbers."

How familiar is that? How many times do we see those instructions and just blindly type in something meaningless so that we can continue surfing?

Borrett continues, "The problem is that there are so many 'light' password gateways today. Web sites seek to create 'sticky' pages that users will repeatedly revisit by offering password access only. But these gateways obfuscate the importance of the 'heavy' passwords that you need to keep close to your chest and that you need to create intelligently.

"Just to be clear, there is no industry de facto term that defines a 'heavy' password - we are simply drawing a distinction between a casually used password that might for example let you view an online news item, to that of your online banking password which should be ultra-robust and definitely not the same as the one you use to access social networking sites like Facebook."

So What Makes a Good Password?

Firstly and most importantly of all, a good password is a password you can stick with. You do not have to change your password every 90 days (or however often you have been advised) but you could do. There are no ground rules on this one and the jury is out from a technical perspective as to whether this process simply opens up more hacker gateways or whether it closes them down.

What is important is that you are supremely obscure. Don't use any of the cardinal numbers in order, even if you start at 3, 4, 5. Don't even use them in sequence as in 3, 5, 7. Use them backwards and interspersed with letters (both upper and lower case) and characters from the top line of your keyboard such as !, #, - and *, for example.

But that is just the start. If a hacker has managed to steal a copy of your password, it is most likely that he or she will only have an encrypted value of your password. The hacker will start using password hacker systems, which will initially attempt to use human language dictionaries and human behaviour logic to crack your secret code.

So be as illogical as you possibly can be. Don't use the word 'frogspawn' when you could use 'spawnfrog' and so on.

"Carrying that 'illogical' theme forward, use your brain to outwit any computer password hacking software. Humans are visual thinkers, so this means we can visualise clearly in our own heads something that might not be part of the real world," Borrett says.

"Have you even seen a purple elephant? Neither have I, so that's a good image - and therefore a good phrase to use. Why stop at purple, let's choose a more creative colour such as ochre, fuchsia or puce. Why stop at elephants, let's choose echidnas, possums, wombats and so on.

"Of course, some security experts say that we shouldn't use any dictionary words from any language in a password. One way around this is to use product names and numbers instead. Most of us can easily visualise an obscure product we own (e.g. scuba diving regulator) and recall its product number (e.g. Apeks XTX200). Then we just mangle the product number a bit.

"So let's be clear - we are not saying that 'OchrE59EchIdnA18!*' or 'ApEx!xtx-2o0' are not the best passwords you'll ever come up with, but it's certainly going to help you if you think along these lines," Borrett concludes.

Seven Steps To Password Perfection:

Don't use cardinal numbers in order: 1,2,3,4,5 etc. is not clever.
Think illogically; computers rely on logic to operate.
Be obtuse, think outside the box, invent a new word!
Never use your mother's maiden name or any password that your bank might use.
Mix keyboard characters such as the asterisk with letters and numbers.
Use a mixture of upper and lower case letters.
Always change default passwords from 'password' or 'admin'.

And lastly and very importantly NEVER tick the 'remember this password' box.

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

Protect Your PCs Against Adobe Reader Security Flaws

Thu, 12 Aug 2010 14:00:00 GMT

Melbourne and Amsterdam, 13 August 2010 - It should go without saying that the best way to deal with malware is, of course, not to get infected in the first place.

Lloyd Borrett, Security Evangelist for AVG (AU/NZ) says, "Being aware of what products are being targeted by the bad guys may help you as well, so it may be useful to know that at the moment Adobe products are virtually the number one target across the world with millions of PCs being hit by infected Adobe PDFs. Others are being pwned via Adobe Flash ads via Facebook and other social media web sites."

Attackers send a file that has malicious code embedded in it. Once the file is opened, the computer is infected, typically with some form of identity theft malware that then steals data.

The Adobe PDF and Adobe Flash browser plug-ins are also used in "drive-by download" attacks where malware is downloaded onto the PC while the user is surfing the web.

"Adobe products, just like Microsoft Windows and Microsoft Office, have near universal use on home and business computers making these applications prime targets for the bad guys," Borrett continues. "Unfortunately, since the bad guys realised this and turned their attention to finding security holes in them, they have been very successful."

Of course, the easiest way to avoid the risk of being compromised via these Adobe products is not to install them! However, this is virtually impossible for most home and business Internet users.

So if you must use Adobe Reader, then please take the time to secure it.

How to secure Adobe Reader

Open the Adobe Reader application and choose 'Edit' and then 'Preferences'.
On the left you will see several different categories of options to modify.
Under the 'JavaScript' category there is a checkbox 'Enable Acrobat JavaScript'. Make sure this checkbox is not ticked/selected so that you disable Adobe Reader's ability to run dangerous JavaScript from a PDF.
Under the 'Security' category, to specify that digital signatures are handled securely make sure the 'Verify signatures when the document is opened' checkbox is ticked/selected.
Under the 'Security (Enhanced)' category, make sure the 'Enable Enhanced Security' checkbox is selected to help with data protection and privacy.
Under the 'Trust Manager' category we'd recommend you disable Acrobat's ability to call external applications to handle non-PDF file attachments. So, after the 'PDF File Attachments' heading, make sure the 'Allow opening of non-PDF file attachments with external applications' checkbox is not ticked/selected.
Then click on 'OK' to exit changing the preferences.

Adobe is working to address the security vulnerabilities in its products, so it's vital to make sure you regularly check for updates to Adobe Reader, Adobe Flash and other Adobe applications. Turn on the automatic updates so that your Adobe software stays up-to-date.

Borrett adds, "And also don't forget to install a complete security suite solution like AVG Internet Security that will provide you with total protection as you work, shop, bank and play games online."

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

Only You Can Protect Yourself and Your Family From the Dark Side of the Web

Tue, 10 Aug 2010 14:00:00 GMT

AVG (AU/NZ) says using wisdom and commonsense is the best way to stay safe online - not relying on the government to do it for you.

Melbourne and Amsterdam, 11 August 2010 - You may or may not have noticed, but Australia is currently in Federal election mode. In less than two weeks the great land down under will have a new Government in Canberra with a mixture of old and new faces. Right now it seems there are some significant differences between the key parties when it comes to how they think we need to be protected from "... the dark side of new technology...." and exposure to offensive and illegal content and behaviour online.

Certainly there are people who feel vulnerable online and believe the best solution is to have the government step in and help them to stay safe. But do they really need nannying? Can the help they desire arrive in time?

The more resilient have already taken control of the situation for themselves. They've invested in good security software, like AVG Internet Security, and they keep it up-to-date. They've educated themselves, their family, friends and/or work colleagues about the dangers, how to spot the scams and threats that lead you over to the dark side, plus what to do when something goes wrong. They've already become self-sufficient.

What should everyone else do?

"Whatever you do, don't rely on the government to protect you and your family online," says Lloyd Borrett, Security Evangelist for AVG (AU/NZ). "Yes, the dangers are very real. Yes, you do need protection. But you need it now. No government is going to step in, wave a magic wand and solve the problem anytime soon. And by the time they try, it may simply be too late for you and your family. The damage may have already been done."

"It's not as if staying safe online is hard to do," Borrett continued. "It's just simple commonsense plus eternal vigilance. So take personal responsibility and follow these simple guidelines."

First, install good Internet security software and keep it up-to-date. Indeed, turn on automatic updates so all your software receives the latest security fixes. Good security software will not only protect you from viruses, spyware and other nasty malware, but also from the unsolicited spam emails that try to lure you off to the dark side.
Set strong passwords and change them regularly, especially on social networking web sites like Facebook, LinkedIn etc. Also make sure you properly set the privacy information on social networking sites so that your personal information can only be seen by those you trust and give permission to see it. You don't want cyber criminals using the information to steal your ID, or paedophiles and sexual predators using it to groom family or friends.
Stop and think before you click on any links. Do you trust the provider of that link? Does the offer seem genuine or is it too good to be true? What's the likelihood that it may take you to the dark side of the web where you just don't want to go? If you have doubts, it's safer not to proceed. If you're willing to take a chance, then please make sure you have good web scanning software, like the free AVG LinkScanner® for Windows and Mac computers. It will check the integrity and reputation of the page you're trying to visit, plus do a real-time check for any malware payloads that may be lurking on the web page.
Only accept 'friends' online that you know in real life. Paedophiles and other nasty types prey on chat rooms and social networking sites. Stranger danger applies to people online, just as it does in real life.
Know what your children and friends are doing online. Make sure they know how to stay safe and encourage them to report anything suspicious. Warn them to stay away from strangers wanting to chat, or links to illicit music or video downloads that may actually deliver vastly different content than they were expecting.
In the case of young children, you need to closely supervise them, just as you would if they were out in a public park or playing close to a busy road. The computers they use should be visible and in a communal area such as a family room, rather than hidden away in a bedroom.
For teenagers, you need to work on keeping the lines of communication open. Take a genuine interest in what they're doing, create your own accounts on the social media web sites they're using and discuss topical online issues with them. If they are uncomfortable talking to you about problems they encounter online, then encourage them to contact the Cybersmart Online Kids Helpline at www.cybersmart.gov.au.

As you can see, the only things you really need are some simple rules and explanations, plus education and supervision.

"Just don't get too carried away with the rules," says Borrett. "An example of a good rule would be that you have to be invited as a 'friend' on your children's Facebook account(s) so that you can monitor what's going on. However, completely banning a teenager who's active online from access to the Internet or access to specific social networking sites can be counter-productive. If they think you're being unjust, they'll simply go behind your back. Isn't that what you did to rebel against your parents, or was that just me?"

Certainly when using the Internet, you or family members may encounter content that you find offensive - such as explicit sexual activity, material containing excessive violence or sexual violence, drug use, criminal activity or child pornography.

Typically this will only happen if you choose to ignore the commonsense suggestions above, or deliberately make the choice to venture over to the dark side. However you end up there, if you are offended then take note of the web site address and report the inappropriate content to ACMA via its web site at www.acma.gov.au, by email to online@acma.gov.au, or by phone to 1800 880 176.

If you or your child has been harassed or bullied on a social networking site, go to www.thinkuknow.org.au for advice and tips.

If you believe someone has behaved inappropriately or in a sexual manner towards your child or children, report it to your local police, or phone Crime Stoppers on 1800 333 000.

"Governments around Australia and overseas are certainly active in providing a wide range of information and resources to help you stay safe from the dark side of the web," added Borrett.

"They also have skilled law enforcement professionals to go after the bad guys. But they're never going to be your white knight in shining armour and totally protect you from the dark side of the web without any effort on your part. To keep you and your family safe online you need to help yourself to the knowledge and resources available from governments and your friends at AVG, apply commonsense and be ever vigilant."

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/.

The Bad Guys of the Internet - Know Your Enemy

Wed, 04 Aug 2010 14:00:00 GMT

AVG (AU/NZ) helps home and business users understand who they need to protect themselves against

Melbourne, 5 August 2010 - Today, almost all computers are connected to the Internet. This means they're connected to other computers - which involves risk.

We use our PCs for both work and play. We shop, bank and play games online - even when we're at work - but we also work when we're at home. The web is a research tool and an entertainment centre, letting us access music, movies, TV shows and much more. In doing so we store useful information, indeed even vital private and personal information, on our PCs.

Lloyd Borrett, Security Evangelist at AVG (AU/NZ) Pty Ltd, says: "Therefore, it is extremely important that you store your information properly and keep it secure. It's also important that you protect your PCs from misuse, abuse and data loss. Why? Because there are bad guys out there and you don't want them getting their hands on your information.

"Bad guys? Yes, it's a term we Internet security people use frequently, but do you fully understand who the bad guys are? Before you can properly arm yourself against a security attack and/or breach by the bad guys, it helps if you know who to watch for so that you can put in place the proper layers of defence."

There are actually quite a few unique categories of bad guys to look out for. They are variously referred to as hackers, crackers, script kiddies, cyber criminals, cyber spies, cyber extortionists, cyber activists, cyber terrorists, cyber warriors, and even unethical friends or staff. Technically a cyber crime is any intentional breach in computer security via the Internet, or some other illegal act facilitated by the Internet.

Know Your Enemy:

Hackers

In the early days of computers, "hackers" were white hat good guys who tried to do no harm and hacker was a benign term. Hackers illegally accessed computers to learn more about them, or to find security holes in the computer or the network to which it's attached. They did nothing malicious, used their skills for good purposes and took pride in the quality of hacks that would leave no trace of an intrusion. Today's white hat hackers are typically computer security experts, who specialise in penetration testing and other security testing methodologies to ensure that a company's information systems are secure.

Crackers

During the early 1980s the lay of the land changed and we started to see the rise of "crackers". This refers to a person who intentionally accesses a computer, or network of computers, for evil reasons - typically, with the intent of destroying and/or stealing information. Today these bad guy crackers are sometimes referred to as black hats, or mostly just hackers. Usually, both hackers and crackers have very advanced computer and networking skills allowing them to develop scripts or programs to help them attack computer systems and networks.

Script Kiddies

Hacking tools can sometimes fall into the hands of "script kiddies", who often use them randomly and with little regard or perhaps even understanding of the potentially harmful consequences. These script kiddies usually have very limited computer skills and can be quite immature, trying to effect large numbers of attacks in order to obtain attention and notoriety.

Cyber Criminals

We typically use the term "cyber criminals" to describe those who use the Internet in illegal ways, or to facilitate illegal or fraudulent activities.

More specifically, cyber criminals are the people trying to put malware onto your system so that they can obtain valuable information such as credit card and bank account details, user names and passwords. This is identity theft and those responsible will either use the information to defraud someone, or sell it on to someone else who will.

Cyber criminals are also scammers and phishers who try to con you into giving them money. They might claim to need your help to transfer large amounts of money, or that you've won a prize in a lottery you never entered. Sometimes it's the promise of an inheritance from a wealthy relative you've never heard of.

Some cyber criminals illegally distribute software, music, movies against copyright laws. They might even sell illegal forms of pornography. Typically their activities are entirely profit motivated, though in the cases of cyber bullying and cyber grooming the motivations lie elsewhere.

Not all cyber criminals have sophisticated computer and networking skills. Today, the vast majority of cyber criminals simply use the malicious tools and kits marketed for profit by those creating them.

In effect, most cyber criminals are simply up-to-date script kiddies, but now they're motivated by profit, not notoriety. For about US$400, almost anyone can buy appropriate scripts and after about four hours of working through the instructions, be fully set up as a cyber criminal. Scary stuff.

Cyber Spies

People trying to illegally obtain information about companies or government organisations are known as "cyber spies". Typically when the attack is against a business it is profit driven, while when it's against government organisations it is espionage.

Cyber Extortionists

People who carry out blackmail via the Internet are "cyber extortionists". For instance, threatening to release confidential information if an individual or company does not pay a large amount of money. Cyber extortionists may put in place a distributed denial of service attack (DDoS) against the web site or network of a business and demand payment to stop the attack. They might trick you into downloading and installing malware/scareware/scamware, for example rogue anti-virus software, and then demand payment in order for it to be removed.

Cyber Activists

Relatively new on the scene are "cyber activists" who use the Internet as a fast and cheap communications tool for their public movements. They may be involved in cause-related fundraising, community building, lobbying and organising public demonstrations. One example is Iranians using Twitter to organise mass protests in 2009.

Cyber Terrorists

Of course, one man's freedom fighter is another man's terrorist, so we also have "cyber terrorists". These are cyber criminals who use the Internet to destroy computers or disrupt Internet-connected services for political reasons. Just like a regular terrorist attack, cyber terrorism typically requires highly skilled individuals, a lot of money to implement, and detailed planning. An example is when hundreds of DDoS attacks in 2007 virtually took down the Internet in Estonia.

Cyber Warriors

It seems that many countries, including the USA and China, have decided that the Internet is a valid tool to fight a war against their enemies. While the Internet can be used to greatly enhance military and economic power, it also presents a soft underbelly to present and future adversaries. Thus governments are recruiting and training "cyber warriors" to use the Internet for offensive attacks, and to protect us from such attacks by others. Sad, but true.

How to protect your business and yourself

Borrett says, "By going online, everyone is exposed to all these forms of bad guys. Thus it's crucial for both businesses and individuals to keep their information secure so that the bad guys can't gain access to it."

Here's some advice on how to stay safe online:

Have up-to-date and properly configured Internet Security software on all the PCs you use, for example AVG Internet Security at home and AVG Internet Security Business Edition at work.
Lock down desktop PCs, laptops and servers by limiting user privileges, eliminating unnecessary applications and having strong passwords. Giving up administrator privileges is a simple way to remove 90% of the risk of malware being able to install and run.
Understand who might be looking to break through your defences and how they might go about doing it. Think like the bad guys. Hopefully the information we've provided here will help you to do this."

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

Elections - who can you trust?

Tue, 03 Aug 2010 14:00:00 GMT

AVG (AU/NZ) advises you to beware scammers and malware as you search for the next hot election news topic.

Melbourne, 4 August 2010 - The 2010 Australian Federal election campaign is generating a huge level of online activity. The Internet is now the way to follow the election, whether it's through social media sites or online news sources. The rise of social networking has become a key influence in voting trends, with candidates across the political spectrum learning how to tweet, respond to a poke and live and die by the worm (or witchetty grub).

It's worth remembering that while following the election using new media, you should be alert to the issues you open yourself to while online. In recent months Facebook and Twitter have been plagued by a number of phishing and malware attacks, leaving many users inadvertently giving strangers their private data.

As the election hype continues, potential risks become more apparent as hackers attempt to use the campaign as an excuse to gain extra information about you by putting malicious links on legitimate sites or creating bogus sites to gather personal information.

Young Australians are perhaps particularly at risk with research released in July showing 18-24 year olds are the most affected by online ID fraud. With the recent high profile push to ensure young, first-time voters enrolled for the 2010 election, and Google's Student Voice invitation to 15 to 17 year-old students across Australia to vote in a simulated online election, scammers and malware cyber criminals have been provided with another hot topic with which to hit the unsuspecting.

Lloyd Borrett, Security Evangelist for AVG (AU/NZ) explains how it's done: "Cyber criminals capitalise on the need for us to find the latest news and we often click through without thinking. Scammers are capable of doing more than just offering you a new rich friend from Nigeria. They are clever, targeted and current - and they are after your money or your identity.

"They use Google Trends and similar tools to poison the search results related to a topic. During the earthquake which devastated China in April 2010, the search engine optimisation (SEO) methods used by the bad guys were so effective that 18 of the top 20 searches were malicious. Thus they were able to fraudulently siphon donations meant for disaster relief."

Borrett's advice is to ignore and delete unsolicited requests from your 'local candidate' wanting your support during the last weeks of the election campaign or requesting personal information supposedly clarifying enrolment details: "Just don't fall for it. No legitimate organisation will ever request personal or password information over the phone or via email."

For added protection when searching and downloading:

Make sure you practice safe surfing. AVG LinkScanner® is a free web tool for both PCs and Macs that can identify web-based threats in real-time and let you know if a page or link is poisoned when your web browser tries to load the web page.
Stop and think before you download or install anything. If you ever have to install a viewer to watch a video, something is probably not right. Go to the video player application's official web site and download the application there. Never download through a link.
Make sure your anti-virus and security software is up to date. If you don't have anti-virus and anti-spyware software, you can download AVG Anti-Virus Free Edition at www.avgfree.com.au.
Finally, be careful what applications you agree to install. There are a million people developing applications, particularly with the growing market for iPhone and iPad apps, and even Facebook applications. Something tells me they are not all good guys.

You can keep an eye on the scams and viral attacks doing the rounds by checking the Australian Government web site SCAMwatch (www.scamwatch.gov.au) which contains more advice to help you recognise, report and protect yourself from scams. You can also sign up for its free SCAMwatch email alerts.

The government-operated Stay Smart Online site provides lots of helpful tips for personal and business smart online use, guides for parents and an alert service about the latest online threats and vulnerabilities within the Australian context.

Remember, ignore scams or report them to the Australian Communications and Media Authority SPAM SMS service on 0429 999 888, or by sending an email to online@acma.gov.au, or phone 1800 880 176.

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

AVG Research Shows 55,000 Computers Compromised by Cybercriminals Using Mumba Botnet

Mon, 02 Aug 2010 14:00:00 GMT

One-Third of Infected PCs in the U.S. - Other Affected Nations Include Germany, Spain, UK, Mexico and Canada

Melbourne, 3 August 2010 - AVG (AU/NZ) Pty Ltd today issued a report developed by the AVG Web Security Research Team which identified a global network of 55,000 malware-infected computers infected by the Mumba botnet.

The report, which can be downloaded at http://www.avg.com.au/resources/whitepapers/, found that the Mumba botnet has stolen more than 60GB of personal data from users including credentials from social networking web sites, bank account details, credit card numbers and emails. The United States had the highest share of PCs infected by the Mumba botnet (33 percent), followed by Germany (17 percent), Spain (7 percent), United Kingdom (6 percent), Mexico and Canada (both 5 percent).

The Mumba botnet was created by one of the most sophisticated groups of cybercriminals on the Internet known as the Avalanche Group who perfected a mass-production system for deploying phishing sites and data-stealing malware. Mumba uses the latest version of Zeus, currently one of the most common malwares.

"The unique infrastructure of the Mumba botnet means that going after the servers hosting the stolen data is now much more difficult than before," said Lloyd Borrett, Security Evangelist at AVG (AU/NZ). "As cyber criminals become increasingly sophisticated, it is paramount that consumers and corporations prevent their PCs from becoming the next victim in these dynamic cyber attacks by using anti-virus and link scanning tools such as those that AVG offers free."

AVG's award winning free anti-virus software and its innovative AVG LinkScanner® safe search and surf product protects users against the ever increasing online threats by dynamically scanning the web pages for threats in real-time before they open.

AVG Research Discovers 1.2 Million Computers Infected Using Eleonore Exploits Toolkit

Thu, 22 Jul 2010 14:00:00 GMT

Sun JVM and Adobe Acrobat Reader Vulnerabilities Top List with Infection Rates of 36 percent

Melbourne, 23 July 2010 - AVG (AU/NZ) today announced that AVG Technologies' Web security research team has discovered a network of 1.2 million malware-infected computers controlled by cybercriminals who were using the Eleonore exploit toolkit - commercial attack software which enables cyber criminals to infect and monitor compromised PCs.

The two month long study by AVG researched 165 Eleonore toolkits in use by cyber criminals and concluded that those using the Eleonore exploit toolkit were experiencing a 10 percent success rate in infecting the more than 12 million users visiting their compromised web pages. All 165 domains experienced high volumes of traffic which the cyber criminals managed to compromise.

Although you may assume that the cyber criminals making and using these toolkits are software experts, the reality is that even malicious code writers leave vulnerabilities in their code. Taking advantage of one of the weaknesses in the Eleonore toolkit, AVG researchers were able to collect statistics that allowed them to gain a better understanding of the magnitude of such attacks and the average success rate in infecting PCs by these toolkits.

The research was built using AVG LinkScanner® product data, identifying URLs that the product blocked when it identified a threat.

"The accessibility and sophistication of easy-to-use cyber criminal toolkits proves that cyber gangs are raising the bar to monetise their criminal activities," said Lloyd Borrett, Security Evangelist at AVG (AU/NZ). "That is why it's more important than ever for families, corporations and other computer users to protect their computers from being targeted by this kind of increasingly popular cyber attack by using AVG anti-virus and web security tools like LinkScanner that AVG offers for free."

The first step to silently infecting a user's machine with malware is to exploit a vulnerability in their browser or other applications running on their machine. Successfully exploiting a vulnerability enables the cyber criminal to load and install the actual malware that can steal data and enable the criminal to later auction the PC online as a DDoS bot or a spam sending machine.

Eleonore exploit toolkit utilises the following vulnerabilities to exploit PCs:

Sun JVM vulnerabilities
Adobe Acrobat Reader vulnerabilities
Various IE6 vulnerabilities
Various IE7 vulnerabilities
Various FireFox vulnerabilities

AVG's award winning Anti-Virus and Internet Security software, in addition to its innovative AVG LinkScanner product for both Windows and Mac computers, protects users against the ever increasing online web threats. AVG LinkScanner dynamically scans web pages for threats in real-time before users open them in their browser. AVG Anti-Virus Free Edition or AVG LinkScanner can be downloaded at http://www.avgfree.com.au.

If you want to read more about this report then you can see the full research in this AVG whitepaper at: http://www.avg.com.au/files/media/avg_white_paper_eleonore_23-jul-10_aunz.pdf - 6 pages (PDF | 309 KB).

Social Networking for Business: Risk or ROI?

Thu, 22 Jul 2010 14:00:00 GMT

Melbourne, 23 July 2010 - LinkedIn, Facebook, Twitter and social networking in general are argued by some to have tangible business benefits, but are these communication channels nothing more than a business risk gateway or do they have the potential to deliver a real and positive impact upon total Return on Investment (ROI)?

Did You Know?

Leading research and advisory company Gartner predicts social networking will overtake email by 2014.
A Manpower survey in January 2010 indicated that only 20% of companies worldwide have a social media policy.
In the first six months of 2010 the number of LinkedIn members grew by 40% to 70 million; Twitter grew to 190 million users; and around 250 million people log into Facebook every day.
40 per cent of businesses globally have successfully used social media for business development, according to a new survey by Regus.

According to Facebook founder Mark Zuckerberg "...people are a lot more relaxed about online privacy than they used to be. Attitudes have changed and people have 'opened up on the web' as they share information about themselves on social networking sites...". Although this action creates personal privacy risks, the real issue arises when users take this approach with them to work and are equally 'open' in a business environment.

The shift in attitudes about personal information sharing among its user base caused Facebook to change its privacy rules in late 2009 with some of its 350 million worldwide users concerned that the company was out of step with identity theft and online security.

Industry opinion suggests that while businesses have adopted Facebook (and perhaps even more prevalently LinkedIn and Twitter) as a networking tool, the privacy improvements that the social networking giant brought to bear were not commensurate to the risks that now exist at the corporate networked level. Put simply, if we use social networks inside a business network then a new privacy policy alone doesn't cut it. Without directly addressing the issues of identity theft, cyber crime and web-driven targeted espionage attacks then we are leaving the door wide open.

Social networking sites in the meantime appear to be focused on how to make sites more engaging, easier to use and more 'sticky' to hold users' attention. A central part of this is getting users to post more personal content and link in with more personally connected information. All of which builds up profile and identity. Take this example to the business environment and identity becomes intellectual property - and this needs to be locked down.

Sending out information detailing which companies you are meeting with highlights your business partners and prospects to your competitors. Telling the world about your company's new product innovations prior to their official launch could weaken their impact. Perhaps worst of all, pump out details of which companies you can't stand dealing with and whose products you hate and you might just be one step away from a defamatory court case.

The danger of an unguarded approach to social networking is not just about risks to physical property on a personal or corporate level; identity theft is also a serious concern. The Australian Government web site Stay Smart Online contains useful advice on using social networking sites safely at www.staysmartonline.gov.au.

Lloyd Borrett, Security Evangelist at AVG (AU/NZ), says, "Online social networks have sprung up for business, hobbies, schools and religious groups. Used properly, they are a unique communications tool to keep in touch with friends and colleagues. But like any online tools, social networking sites can be abused by hackers and cyber criminals."

Borrett warns that both casual and business users should be careful about what they post online. Criminals use the sites to trawl for information that they can exploit, so it is an essential process to get acquainted with the privacy settings and tools on the social networks that you use. "The bottom line is - all employees should be aware of which social sites they are allowed to use during working hours."

A new term to learn - gateway data

So how exactly could a cyber criminal use information from a Facebook or LinkedIn profile to get access to a business or personal bank account for instance? Herbert "Hugh" Thompson, professor in the Computer Science department at Columbia University in New York, has coined the term "gateway data" to refer to the confidential information harvested from social networking sites.

Thompson argues that at some point there has got to be some fall-out from the over-sharing of information via social media. "Criminals have got to be able to leverage the information that people are sharing to do harm at some point - and I now think we have gotten to that point," he says.

The gateway data identified by Thompson can be used in a variety of ways. For example, discovering someone's mother's maiden name from Facebook could in turn be used to answer a password prompt question on an email account. Even if that account is a personal account, the user will have been compromised and the hacker is one step closer to all the business information that they want.

Once a criminal has gained access to the user's email there is a good chance there will be details inside which will enable them to break into a bank account for example. Other uses for gateway data include using a partial piece of information, such as the first five digits of a company credit card, to trick the user into revealing the full card number.

Basically a hacker will be looking to use lots of fragments of data to reveal a larger piece of confidential information. So the separation between your personal and business data is not as distinct as you might think; in fact there could no boundaries between them at all.

In addition to following the safe and sensible approaches prescribed by Stay Smart Online, other experts advise against installing applications from social networking sites unless the application itself is from a trusted source - and this in itself is a highly subjective judgement to make, as who do you know who you can really trust and how do you know that they themselves have not already been compromised?

"Develop a healthy dose of scepticism," Borrett advises. "When you get one of those offers to watch a video and you have to install something to watch it - don't do it. It's not worth it and you should never have to do that. These unknown applications can often contain malicious code such as viruses or worms and an enticing video is precisely the kind of tool that criminals will try to virally disseminate on the web."

Borrett also warns about the popularity of shortened URLs on sites such as Twitter. "The problem with shortened links is that they usually don't bear any resemblance to the original URLs, which means that users don't know what they're clicking. People click with the intention of going to a specific site, but the link can be easily hacked to send them to a site containing Trojans, spyware, rootkits and other malware instead."

The ROI Benefits

Okay, so all of the above makes using social networking for business seem very risky. Certainly, if you get it wrong it can be. But just what are the benefits of social networking that deliver ROI?

Used correctly, social networking typically delivers on four main goals:

Increased brand awareness. Interacting with customers, prospects, suppliers and others using social media builds awareness of you, your staff, your services and your brand. Get the interaction right and you stick in people's minds, plus drive traffic to your web site.
Improved reputation. Using social media to respond effectively to questions and feedback enhances how others think about your business and its place in their community.
Relationships with benefits. People are more likely to provide you with benefits such as their business, testimonials and referrals if you take the effort to interact with them and build mutually beneficial relationships.
Personal development. Networking with others and observing others via social networking is a great way to improve your knowledge and experience in your chosen field of expertise.

Achieving these goals can deliver tremendous benefits to your business. The ROI may be difficult to measure because the benefits are often not direct and immediate. Indeed, you're more likely to get higher returns in the future than the immediate present. However, so long as you manage to correctly balance the time and money spent with your expected returns, the ROI benefits will be worthwhile.

In summary, social networking can represent a positive force within a business communications environment and contribute positively to a profitable bottom line and a business's total ROI. It just needs a layer of management, some user policy controls in place and a degree of strategic planning to ensure that user awareness of the 'company voice' is upheld.

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/.

Top Ten Tips to Protect You Against Identity Theft

Mon, 19 Jul 2010 14:00:00 GMT

AVG (AU/NZ) offers some advice on how to prevent criminals from stealing your identity and your money

Melbourne, Tuesday 20 July 2010 - Did you know:

Almost 6 million Australians are exposed to scams and frauds each year (Australian Bureau of Statistics);
800,000 Australians fall victim in some way;
Almost A$1 billion is lost each year, a good part of which will go out of the Australian economy;
The Australian Government year-long enquiry into the rapidly growing problem of cyber crime recommended banning people from connecting to the Internet unless they have proper anti-virus software.

Identity theft poses very real dangers which can have a severe impact on your life as well as a knock-on effect on your family and friends. The most worrying aspects of having your identity stolen are that it appears to be relatively easy to do and the consequences of losing your identity in today's digitally connected world can be appalling.

Lloyd Borrett, Security Evangelist at AVG (AU/NZ), says: "Essentially, identity fraud means criminals using your personal information for monetary gain. This can also mean they are opening bank accounts in your name, redirecting your post to another address or even securing a passport using your personal details.

"So what can you do to prevent the fraudsters getting enough of your details to be able to clone your identity and then wreak havoc with your finances, credit rating and your life? We've put together a list of tips to help you stay safe and keep the bad guys at bay."

Don't throw away anything that contains personal information unless it has been shredded or ripped up to make the document illegible. So shred the following: bank statements, utility bills, application forms, chequebook stubs, card receipts and letters that have personal details. Today a smart burglar wouldn't bother breaking into your home and taking household goods and personal items. Instead they'd just steal identity-related documents. An even smarter one wouldn't even break in. They'd just go through your mailbox and rubbish bin.
Be aware of phishing phone calls - if someone asks you to give away personal information over the phone, check their details and get a phone number to call the organisation back to check they are legitimate.
Be very alert online - phishing attacks are a growing problem. Keep your email address as private as possible and don't fall for emails asking you for personal information like bank account details, usernames, passwords or credit card details. A legitimate bank or financial institution will never email you asking you to follow a link or asking you for personal details. Report these scam attacks to www.scamwatch.gov.au.
Be careful when using social networking sites, as these can be an easy route to snatching your data. You could be giving up your personal details to the bad guys, crooks with fake profiles, or the friends of your friends who you can't possibly know and trust. When you next log on to social media sites like Facebook and Twitter, check and set the privacy settings on your accounts so that you're only divulging information to those you truly trust. Please be very circumspect as to what personal information you post on social media web sites.
Always go directly to web sites asking for personal information rather than clicking on links in an email or web site page.
Only conduct an internet transaction if you are sure the web site is valid and secure. The rise of the internet has created a playing field for fraudsters - always ensure a web site is secure before providing personal details or account information.
Remember to set strong passwords. Last year, 20,000 Yahoo, AOL and Hotmail passwords were hacked only to find the most popular password was 123456. Try to use a combination of letters and numbers and change your passwords regularly.
Monitor your credit card and/or bank statements and look for suspicious transactions. Also check your credit status regularly; this way you'll be aware who is doing credit searches on you and if any new accounts have been set up in your name. Contact Veda Advantage or Dun & Bradstreet to get a copy of your credit file.
If you move house then have your post forwarded for at least six months to prevent important mail with personal details landing on someone else's doormat.
Go with your gut feel. If it sounds too good to be true then it probably is. If you're suspicious as to whether an offer or request is genuine then get independent advice from a trusted advisor, family member or friend.

And if you suspect fraudulent activity then act fast and contact your bank, credit card, store cards, utility and phone companies so they can monitor irregular activity. Too hard? Then get an agency such as Secure Sentinel to help you resolve the situation.

Borrett says, "If you follow these simple steps and are vigilant it could save you lots of money and hours of wasted time cancelling cards and chasing up your bank to reclaim the stolen cash. You also may want to consider buying AVG Identity Protection, which sits on top of your existing anti-virus, shielding your passwords, credit card numbers, and other digital valuables from prying eyes. Even better, get a complete security suite solution like AVG Internet Security for total protection."

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/.

Stay Secure Online While You're Travelling

Mon, 12 Jul 2010 14:00:00 GMT

AVG (AU/NZ) offers some quick online security tips for business and leisure travellers

Melbourne, 13 July 2010 - Today's workforce is one that is increasingly mobile and networked, with people frequently travelling interstate or overseas for business purposes. When they do so, they take their laptops and other mobile devices, which often contain sensitive business data.

Lloyd Borrett, Security Evangelist at AVG (AU/NZ), says: "When people travel, they move out of their organisation's information security firewalls, but often don't consider the risks in doing so. Research shows that free wireless public networks located in airports and other public places are ripe for exploitation by cyber criminals, thus making business and personal data vulnerable to breaches."

AVG (AU/NZ) has some tips for travellers to stay safe on their business and leisure trips:

Security Settings:

Make sure your PC is up-to-date with robust anti-virus or Internet security software that includes a real-time web scanner, firewall and e-mail protection.
Ensure that you clean your devices of any spyware and malware before every trip and periodically do so even during the visit. This will reduce the risks of attacks in unsecure zones.
Ensure that the security settings (including firewall settings) on your devices are set on high and on maximum prevention.

Wi-fi and High Speed Internet Zones:

Be very careful what information you share in public locations. Even seemingly innocuous logins to web e-mail accounts could give hackers access to get into your more important data, especially if you're like most people and use the same password - maybe with a few variants - for almost all your online accounts.
Turn off shared folders. If you unwittingly connect to a malicious network, a cyber criminal could easily transfer a malicious spyware agent onto your machine that could follow you and track your online activities even after you leave the public location.
When at hotels, airports or restaurants make sure you use the secure connections offered by them.
As far as possible, while travelling, avoid logging onto any financial web sites, or using your credit cards to conduct any transactions online, especially when in Wi-fi zones.

Data on Your Device:

Ensure your laptops and PDAs are protected using hard drive password locking systems. Another effective tip to avoid outsiders from accessing your personal files is enabling screen-saver passwords. This will ensure that even if someone gets hold of your devices, they won't be able to access any information and data.
Ensure that you create back-ups of all your work and personal data that you have on your devices before your expedition and keep it in a safe and secure place.

Physical theft:

Avoid carrying written copies of passwords, credit card numbers and other PINs, which can easily be lost or stolen and fall into the wrong hands.
Use locks, combinations, chains and other devices to avoid thefts.
Avoid saving any personal data or confidential data on your laptop, mobile phone or PDAs so that the information doesn't fall into the hands of criminals in case of theft.
If your laptop, phone or other portable device is stolen, make sure that you report the theft to the local police.

Borrett also warns travellers to be very careful about who they tell about their travel movements and what they post about it on social media sites.

"Thieves have been known to follow status updates on social media pages and posts on Facebook and Twitter. They could break into your home or business while you're away. Go through and properly configure the privacy settings on any social media sites you use."

"If you do all of the above, you have an excellent chance of thwarting any would-be cyber criminals or thieves who are looking for easy pickings," Borrett concludes.

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/.

AVG (AU/NZ) Launches New Zealand Web Site

Sun, 04 Jul 2010 14:00:00 GMT

AVG web site offers New Zealanders local pricing and NZ dollar transactions

Auckland, 05 July 2010 - AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and Internet Security software today announced the launch of its New Zealand web site, www.avg.co.nz, for its hundreds of thousands of Kiwi users to purchase, upgrade and download their software locally.

The web site, with local New Zealand pricing and support for New Zealand dollar transactions, provides a convenient and more cost-effective platform for Kiwi users and resellers to experience the superior benefits of AVG security software. For its Resellers, AVG is providing this via a new AVG Reseller Centre portal.

Peter Cameron, Managing Director AVG (AU/NZ), says the new web site is also about AVG's ongoing commitment to protecting New Zealand consumers and businesses.

"We want to ensure Kiwis have the easiest possible access to their Anti-Virus and Internet Security software and can stay protected from cyber criminals without having to battle with the vagueries of currency exchange," he says.

"AVG is widely known for its free and consumer products. In addition our existing New Zealand resellers have been highly successful in the small and medium business market with our AVG Internet Security and AVG Internet Security Business Edition products," Cameron continues.

Earlier in the year AVG (AU/NZ) signalled more activity was planned for New Zealand in 2010 and that local resellers and SMEs were a top priority, as the company builds on its reputation as a leader in protecting valuable data as well as working, banking, shopping and gaming online. Cameron added that AVG has recently recruited additional staff to support the New Zealand market.

"Going forward we're looking to recruit new resellers to our sales channel, train them and keep them up-to-date on vital security issues via our regular newsletters, bulletins and webinars," he says.

The AVG Reseller programme recently introduced the Direct Renewal Guarantee where the focus is on rewarding channel partners whose customers renew, upgrade or increase products via the AVG (AU/NZ) web site.

We're only a small business, we don't need a formal IT security policy

Tue, 29 Jun 2010 14:00:00 GMT

AVG (AU/NZ) explores another great security myth of our time

Melbourne, 30 June 2010 - AVG (AU/NZ) Pty Ltd suggests some essential steps to protecting small and medium sized businesses (SMBs) from online threats and provides simple guidelines on developing an IT security policy.

Big corporations have large-scale IT deployments that generally encompass desktop and mobile devices. They are more than likely to have a formal IT security policy in place, which has been approved and ratified by their board. Small and medium sized businesses (200 employees and less) on the other hand will very often have no such IT security policy in existence.

Lloyd Borrett, Security Evangelist for AVG (AU/NZ), says: "Now this should be a big surprise to us all, but I'm afraid it's probably not. What kind of IT security policy are we talking about then?

"Well, it's really pretty ground level stuff, to be honest. Do all users have guidelines for distribution of inappropriate content? Do all users know when their Anti-Virus, Anti-Spyware and Firewall settings need to be updated? Do all users know what the company policy is regarding the use of personal devices from PDAs and smartphones to USB sticks and media players on company premises with company equipment? Do you have a business-grade security package such as AVG Internet Security Business Edition 9.0 underpinning your commercial interests in the first place?"

In a SMB these fundamentally important security and privacy-related considerations have, more often than not, simply not been fully addressed.

While the previously mentioned aspects of IT are mainly user-focused, the problem is higher level than that. The IT manager (if there even is one!) may be overly reliant on 'patch' releases and other updates to cover vulnerabilities before they are exploited. Now even if the company does have some level of web application firewall in place, this on its own is inadequate protection to mitigate the vulnerabilities that exist. So what do these SMBs need to do?

Every company - from a sole trader or a two-person partnership upwards - should lay down an IT security policy. There are many ways in which malware can sneak into your company networks and AVG is here with both the tools and the advice to help you deal with this reality.

Simple staff guidelines for IT security can be found on web pages like AVG's Seven Pillars of Online Security Wisdom and you can keep your ideas up to date via social media channels. Let's just add one extra point. If you happen to work from home, you need to secure your home WiFi network too!

A 2008 survey carried out for TechRepublic found that 39 percent of employees purchase their own laptop for work. As the site's editor in chief Jason Hiner pointed out, this represents a huge problem for IT in terms of security, compliance and customer privacy. "That's why there's a push for IT to officially support more of these user-owned devices so that it can verify or set up enterprise-approved security and privacy settings," wrote Hiner.

Carry these findings back to our SMBs and you'll most likely see that 39 percent rises to significantly over the 50-percentile mark if not higher. Suddenly the old, "Oh we don't need anything formal for our IT set up as there's only fifteen of us," starts to sound REALLY dangerous doesn't it?

With any IT security policy, whether it is intended to cover 1000 employees or two, a healthy degree of common sense is also needed - and this is true however formal or relaxed the directives it aims to stipulate are. What this mean is, if some staff are tasked with using Twitter, Facebook or even Second Life as social networking tools for business, then set policies and instructions in place to manage this, but accept that the medium itself is extremely dynamic and somewhat harder to quantify. The social network is here to stay, so it is better to embrace it and put an IT security layer in between it and your company data, than to pretend it's not there in the first place!

The essential steps to protecting SMBs for online threats can be broken down into three categories:

Security Policy

Decide whether computers, laptops and software are to be supplied by your company, or by your staff - and reflect these decisions in your policies, purchasing and processes.
Document a simple acceptable-use policy for any computer that is used for company business or media that is used to store or transport company data.
Create an acceptable password-strength policy and ensure that all computers and other IT equipment are password protected.
Require that all security incidents are promptly reported and managed to a business stakeholder.

Technology

Ensure all operating systems (Windows, Mac OS, Linuk etc.), software utilities (Adobe Flash, Adobe Reader/Acrobat, iTunes, QuickTime etc.) and application software are updated with the latest security patches as they are developed - preferably using automatic update technology.
Ensure all computers have an up-to-date, business quality security software suite on them.
Every computer should have its own firewall software, in addition to any premises-based network firewall you may be running.
If managing your own file storage and email servers, ensure these are also running up-to-date, business quality security software.

Process

Ensure all staff receive basic online security training and instruction in your policies.
Ensure regular backups are taken of all company files, data, email and other systems.
Change all passwords regularly, especially when an employee or contractor leaves the company, and in particular change administrator passwords or shared passwords to centralised networks or systems.
Take security breaches seriously - isolate any compromised systems from the network and involve an IT security professional if necessary to ensure the malware is fully removed.

Borrett says, "I want to make one final point to really try and clarify just how passionately we feel about the need for SMBs to adopt an IT security policy and bring in an Anti-Malware protection layer.

"For a small company, the intellectual property assets of the business are arguably even more valuable than those of a large corporation with a large staff skills base and manufacturing plant. With much of that intellectual property held in electronic form, the prospect of data loss or corruption is catastrophic.

"You can leave yourself out in the cold and at risk, or you can opt to properly protect your business."

It's a simple choice, so which way are you going to take your business?

AVG Nets Key Industry Accolades

Thu, 24 Jun 2010 14:00:00 GMT

Internet security leader Named Ventura 2009 Award winner by Enterprise Investors and Receives VB 100, ICSA Certifications

Melbourne, 25 June 2010 – AVG (AU/NZ) Pty Ltd today announced continued positive results, awards, certifications and accolades across the global security industry for the AVG Technologies' range of anti-virus and Internet security products. AVG received two accolades in the Ventura 2009 Awards and achieved the VB100 Award in June 2010 for AVG Internet Security Business Edition on Windows Server 2008 R2.

The Ventura Awards, now in their ninth year, are a prestigious annual awards program that recognises the achievements of companies represented by Enterprise Investors (EI), the oldest and one of the largest private equity and venture capital management firms in Poland and Central and Eastern Europe. The awards identify EI's leading portfolio companies and of the managers committed to those companies' growth the best portfolio companies. Its 2009 winners had AVG on top in two categories: Most Dynamic Enterprise and Manager of the Year, won by J.R. Smith, CEO of AVG Technologies.

Additionally, AVG Internet Security Business Edition also was awarded the VB100 certification from UK-based Virus Bulletin (www.virusbtn.com) for June 2010. This is the 15th award in a row AVG has received from Virus Bulletin. The VB100 (virus) award is granted to any product that passes the test criteria under test conditions in the VB lab as part of the formal VB comparative review process. In addition, AVG also received ICSA certification on AVG Internet Security on Windows 7 32-bit and AVG File Server Edition on Windows 2008 Server 64-bit.

"We're delighted AVG has received these awards and certifications, which are further evidence that AVG is doing something right," said Lloyd Borrett, Security Evangelist at AVG (AU/NZ). "AVG prides itself on being innovative, agile and responsive to changing customer demands, while delivering high quality products, and these accolades are confirmation of its ability to do exactly that."

Don't Play Online Without Protection!

Thu, 24 Jun 2010 14:00:00 GMT

AVG (AU/NZ) Looks at the Dangers of Surfing the Web

Melbourne, 25 June 2010 - In the latest of its security advice articles, AVG (AU/NZ) Pty Ltd warns users of the dangers of surfing the web.

Whatever adventure you're looking for, online or off, whether it's navigating your way along a dangerous road, climbing down a steep cliff or diving into shark infested waters, you still ensure that you follow the correct safety procedures. So why should surfing the web be any different?

Browsing the web superhighway requires exactly the same level of caution that you would take when driving on a standard highway. After all you wouldn't drive your car without a seatbelt, so why surf the web without anti-virus protection?

Lloyd Borrett, Security Evangelist for AVG (AU/NZ), said: "The web is booming like never before and the methods of defrauding people online continue to evolve. Unsolicited e-mails announcing lottery wins or phishing correspondence asking for banking details have become the new, hot scams. Without the proper protection you could be a sitting target."

Thousands of con artists, grafters and fraudsters are trawling the web looking for online victims, and while web users may have become savvier, scams are becoming more sophisticated.

Social web sites are a popular stomping ground for cyber criminals. In recent months Facebook and Twitter have been plagued with a number of phishing and malware attacks, leaving many users inadvertently giving strangers their private data.

Bank account details, date of birth and email addresses are valuable pieces of information. So, for those who shop online without adequate anti-malware protection you could be unknowingly handing over your financial details to online fraudsters.

Research carried out in the UK by AVG Technologies in June 2010 backs up these fears. It found that one in 10 Internet users is surfing the web without security protection and putting their personal information at risk.

AVG said that users underestimate the financial and emotional cost of losing valuable data from their computers. The study found that £718 million (A$1.2 billion) worth of downloaded music is at risk because people who store their music online do not have adequate security.

The research also revealed that men are less likely to use computer security software than women. Meanwhile, 95% of web users over the age of 50 install software which protects from viruses.

The moral of the story is that if these consumers had used anti-virus software it would have protected them against strangers tracking and stealing their personal data.

Here's a quick guide to the top scams you're most likely to see on the web:

Online auction fraud
Fake eBay accounts encouraging people to bid for and purchase a non-existent product.

Phishing scam
Emails that appear to have been sent from your bank warning you about identity theft and asking you to log in and verify your account information.

Congratulations, You're A WINNER
Email telling you that you've won a competition and directing you to visit a website and provide proof of ID.

Nigerian 419 Letter
Email usually written in capitals informing you about online scammers.

Postal Forwarding
Online advert looking for a 'correspondence manager' asking to accept wire transfers into your account.

As Borrett puts it, "You wouldn't drive without the protection of a seatbelt, would you? No. So why go online without the right online protection? You know it makes sense!"

Millions of Australian and New Zealand families protect themselves on the web superhighway the free way, with AVG Anti-Virus Free Edition for the Windows and Linux operating system platforms. It delivers both anti-virus and anti-spyware protection. It also includes AVG LinkScanner® which protects against website based phishing attacks and malware. AVG LinkScanner is also now available as a stand-alone solution for both Windows and Mac users.

The Australian Government web site SCAMwatch (www.scamwatch.gov.au) contains more advice to help you recognise, report and protect yourself from scams. You can also sign up for its free SCAMwatch email alerts. AVG (AU/NZ) has a comprehensive range of security tips on its web site at www.avg.com.au/resources/security-tips/.

Who suffers most as a result of a data breach - customers, employees or the business?

Wed, 23 Jun 2010 14:00:00 GMT

Protecting data on your own computer is relatively straightforward but what about information that connects to your business, which is out of your IT department's control?

Melbourne, 24 June 2010 - AVG (AU/NZ) Pty Ltd looks at the dangers and costs of data security breaches and what each business, no matter how large or small, should be doing to safeguard themselves.

Did You Know:

The Australian Government is currently considering legislation to fine companies for failing to safeguard customer data
Only 28 percent of companies in a recent survey had formal policies on Internet security in place
330 million records containing sensitive personal information have been involved in data security breaches since 2005

Lloyd Borrett, Security Evangelist at AVG (AU/NZ), says, "Updating anti-virus protection, keeping up with security patches and assuming that any questionable online link is bad news, are just some of the ways that average business PC users can keep themselves secure."

But what risks exist to the data that is out of our central control? A whole range of public and private sector companies hold confidential information on various elements of our business, which we trust them to keep safe. Unfortunately sometimes that trust is misplaced.

Incidents when data is lost or stolen from a company are known as data breaches and they are on the increase. A recent study from the United States National Cyber Security Alliance revealed that 65 percent of small businesses surveyed hold customer data, while 33 percent admitted to storing credit card information. Despite admitting that the Internet was critical to their operations, only 28 percent of the companies surveyed said they had formal policies on Internet security in place. More concerning, only 35 percent said they provided any kind of training on Internet safety and security to their staff, and only 14 percent said they had anyone solely focused on IT security within the company.

The size and shape of the typical company most likely to be hit by a data breach is easy to define - it is all businesses. From sole traders and two-man partnerships to government departments and big corporations, the hackers who perpetrate the intrusions that lead to a data breach are not fussy. They don't discriminate among their targets and here's why. A small business may have a good deal of valuable corporate data that cyber-criminals will want to "scrape", yet only have a relatively weak and porous data security layer in place protecting it.

The inaugural Australian Cost of a Data Breach report conducted by the Ponemon Institute and PGP Corporation aimed to quantify the costs associated with public and private sector data breaches. Sixteen organisations participated in the study between September 2009 and January 2010, all of which had experienced one or more data breach incidents during the past year. The incidents that were reported involved between 3,300 and 65,000 compromised records, and were found to cost an average of $123 per compromised record. Malicious attacks and botnets accounted for 44 percent of these data breaches.

The UK's Revenue and Customs Department (HMRC) was subject to one of the most infamous data breach incidents in recent history when records relating to around 25 million individuals were exposed after two CDs went missing. The subsequent fall-out resulted in a legal inquiry into data practices at HMRC and across the government sector and in a positive result for consumers: more powers for the UK's Information Commissioner and the Data Protection Act which he regulates and enforces.

The United States is similarly tightening up legislation to regulate companies that are careless with information. Lawmakers recently introduced two new bills designed to compel companies to be upfront about data breaches - the Personal Data Privacy and Security Act of 2009 (S.1490) and the Data Breach Notification Act (S.139). An enforcement body has also been set up which is known as the Office of Federal Identity Protection part of the Federal Trade Commission. The lawmakers were motivated to tighten up data protection efforts given that some experts estimate that 330 million records containing sensitive personal information have been involved in data security breaches since 2005.

While Australia is yet to introduce similar legislation, it will happen fairly soon. In 2008, the Australian Law Reform Commission (ALRC) made 295 recommendations to the Government on privacy laws and practices, which are being implemented in stages, including a key recommendation that organisations be required to notify the Privacy Commissioner and affected individuals of any serious data breaches, with civic penalties to apply for failure to report breaches.

The message here is that corporate data is as much a part of a company's assets as is its intellectual property, its staff and skills base and its fixed cost assets from the carpets to the photocopier - and it must be treated as such. Failure to realise the gravity of this core tenet of modern business is tantamount to flagrantly posting the entire corporate database on the company's homepage. Businesses have a commercial responsibility to close the door to the data centre, keep it locked and ensure that policies exist to govern who the key holders are.

The Australian Government Stay Smart Online web site (www.staysmartonline.gov.au) advises companies to make sure they have policies in place when it comes to protecting customer data but also advocates a range of measures similar to those that home users should follow when it comes to securing their own information. "Keeping your customers safe requires that your own computer systems are fully protected," the organisation advises. "The best policies in the world won't protect your customers if your network and resources are at risk of attack or preventable failures."

The Australian Government Office of the Privacy Commissioner has helpful information about privacy issues for business on its web site at www.privacy.gov.au. You should especially read "Don't Leave Privacy to Chance… Take Steps to Protect Personal Information" at www.privacy.gov.au/materials/types/guidelines/view/6849. But how do you know if a business which holds information on your company has been breached?

Borrett says, "There are some tell-tale signs to look out for:

unusual or unexplainable charges on bills;
phone calls or bills for accounts, products, or services that you do not have;
failure to receive regular bills or mail;
new, strange accounts appearing on invoices; and
unexpected denial of corporate credit cards."

Based on those clues, if a business suspects that their details might have been exposed by a security attack on the company they should contact the company in question initially by phone and letter if necessary. Contacting the main credit reporting companies - Dun & Bradstreet and Veda Advantage - is also a smart move, as is filing a report with the local police so there is an official record of the incident.

It's also important to consider if a breach in one organisation could have an impact on other confidential information. For example, a thief has access to an employee's Tax File number, then the company should contact the Australian Tax Office. The personnel department or the employee themselves should also contact the Roads & Traffic Authority if any driver's licence or car registrations have been stolen.

There are many organisations and agencies that can help if you think your employee's data or your own corporate data has not been properly safeguarded but, as with many things, prevention is often more effective than a cure. So when it comes to the many channels via which data breaches can target both you and your customers, the best approach is to only share information when you have to and only with companies you trust. If you can standardise this within your company's core operational procedures and ensure that this ethos is carried downwards into the entire staff base, then you will be taking the safest possible corporate steps on the road ahead.

So to finish, let's return to our first question - customers, employees and stakeholders: who suffers as a result of a data breach? The answer should be clear at this stage. Quite simply everybody suffers from hacks that lead to data leakages. Operationally, the business suffers directly from a potential loss of trading profits, so corporate and individual stakeholders are worse off. Employees are compromised and customers lose faith in the company's ability to function at a level even vaguely resembling best practice. It's a vicious circle and a downward spiral, but the shame of it is that it is all so preventable. We urge you to lock down your data now.

AVG LinkScanner® for Mac Stays One Step Ahead in Keeping You Secure

Tue, 15 Jun 2010 14:00:00 GMT

Free Product Offering Ensures Mac Users Remain Safe from Increasing Intensity and Sophistication of Web Attacks

Melbourne, 15 June 2010 - AVG (AU/NZ) Pty Ltd today announced AVG LinkScanner® for the Mac operating system. AVG LinkScanner for Mac is the first free AVG product designed for Mac OS X Leopard or Snow Leopard and supports Internet browsers Safari 3.x, Safari 4.x, Safari 5.x and Mozilla Firefox 3.x and higher.

AVG's Free LinkScanner for Mac product protects users against the ever increasing online Web-threats by dynamically scanning web pages before they open in a Mac to see if they are genuine sites. If it detects something suspicious, AVG Linkscanner notifies the user that the web site is malicious.

According to AVG research, 99 percent of all malicious threats are delivered through the Web and cannot be stopped with traditional anti-virus software. These threats can come and go within hours and can live on familiar, big-name sites and even on third-party applications on popular social networking sites, without users even noticing. And, with the growing popularity of social networking sites such as Facebook, Twitter and others, the bad guys are using these sites as their main vehicle for spreading malware.

Like AVG's extremely popular free AVG LinkScanner for Windows offering which has more than 95 million users, AVG LinkScanner for Mac allows users to surf, search, email, shop and use social network programs online with the confidence that the pages they visit are safe and the places they choose to visit online are safe to enter personal and private information. AVG LinkScanner updates continuously with data garnered by AVG's industry-leading research team and user community, checking each web page a user tries to visit in real-time before it opens on the Mac, warning users to refrain from opening them if AVG LinkScanner detects threats.

"Mac users have traditionally been less vulnerable to virus threats and attacks because of their lower market share, but that is quickly changing and no operating system is immune, as these attacks are leveraging the web to deliver malware that targets web browsers and application vulnerabilities," said Lloyd Borrett, Security Evangelist for AVG (AU/NZ).

"AVG LinkScanner for Mac takes the first step to ensure customers are safe and won't end up losing their money, identities and precious digital memories. In addition, this new product has been enhanced to better protect users from being scammed or phished and from entering personal information into infected games, quizzes, surveys etc., on social networking sites. We want to help everyone keep their private personal information private! And, because AVG believes strongly that security software like AVG LinkScanner is critical, we believe it should be free."

AVG LinkScanner for Mac can be downloaded free from www.avgfree.com.au/Mac.

AVG Researchers Identify New Social Network Application Threats

Tue, 08 Jun 2010 14:00:00 GMT

Political Hacktivists Deface Facebook Members' Pages to Make Statement

Melbourne, 9 June 2010 - AVG (AU/NZ) Pty Ltd has announced that researchers at AVG Technologies have discovered a new threat to Facebook: "Political Hacktivism", or the non-violent use of illegal or legally ambiguous digital tools in pursuit of political ends. Over the weekend of 5-6 June 2010, AVG researchers noticed that a number of Facebook accounts had seemingly been hacked by Turkish hackers in retaliation for the recent Gaza blockade incident.

The threats seem to take two forms which AVG researchers note probably indicates there are two individuals or groups involved, and it appears they are Turkish hackers. These tools include web site defacements, redirects, denial-of-service attacks, information theft, web site parodies, virtual sit-ins, virtual sabotage, and software development.

"The number of hacked accounts is fairly small, so far less than fifty, which would indicate that it is not an automated attack, but the number is still increasing, albeit slowly," said Roger Thompson, AVG Chief Research Officer. "This is the first time, as far as I am aware, that Facebook has been a victim of political hacktivism."

Thompson continued, "Given that the attack seems to be being run by Turkish hackers, and that Turkish hackers had once claimed a world record for defacing 37k pages in a single day, we should not discount the thought that they might find an automated way to move, and we should be extra vigilant with what we click. Think before you link."

This hacktivism on Facebook is another in a continuing string of malicious attacks to the popular social networking site.

Lloyd Borrett, Marketing Manager of AVG (AU/NZ), said: "AVG recognises the power that social networking brings to our professional and personal lives and does not advocate giving up on the technology altogether. However, we do have some recommendations on how to best protect yourself."

Make sure you practice safe surfing. AVG LinkScanner® is a free web tool that can identify web based threats in real-time and let you know if a page or link is poisoned, when your web browser tries to load the web page.
If you ever have to install a viewer to watch a video, something is probably not right. Go to the video player application's official website and download the application there. Never download through a link.
Make sure your anti-virus and security software is up to date. If you don't have anti-virus and anti-spyware software, you can download AVG Anti-Virus Free Edition at www.avgfree.com.au.

"Remember that any information available about you online is potentially there forever," Borrett continued. "Friends and family you trust, but also friends of friends who you may not trust, plus current and future employers, and the bad guys can all easily access your information if you don't appropriately change the privacy settings on social networking sites and be discerning about who you accept as your 'friend'. You can check what information about you is publicly available online by typing your own name into a search engine."

AVG (AU/NZ) has a comprehensive range of security tips for home and business users on its web site at www.avg.com.au/resources/security-tips/.

The Australian Government web site Stay Smart Online also contains useful advice for protecting yourself from Internet threats at www.staysmartonline.gov.au. The new publication "Protecting yourself online: what everyone needs to know" contains practical advice and important information for everyone on how to stay safe online. You can also view or sign up for the plain language, free Stay Smart Online Alert Service at www.staysmartonline.gov.au/alerts.

AVG (AU/NZ) Supports National Cyber Security Awareness Week

Sun, 06 Jun 2010 14:00:00 GMT

AVG provides the help you need to protect yourself online

Melbourne, 7 June 2010 - AVG (AU/NZ) Pty Ltd today announced its support for the fourth annual National Cyber Security Awareness Week 2010. The week aims to help Australians understand cyber security risks and educate home and small business users on six simple steps they can take to protect themselves online.

AVG (AU/NZ) believes that cyber security protection and education is an important issue every day of the year. "AVG's award-winning Anti-Virus and Internet Security software products help to protect the active Internet users of more than 4.6 million PCs across Australia and New Zealand from global cyber criminals," said Lloyd Borrett, Marketing Manager at AVG (AU/NZ). "Cyber crime is increasingly sophisticated and organised, but complex and poorly understood. It's under reported because victims are embarrassed and confused.

"Sure, like other security companies, AVG helps to protect people using advanced technologies," Borrett continued. "But by participating in National Cyber Security Awareness Week we can also continue our efforts to help people understand how the bad guys have brought age-old fraudulent human and social engineering exploits into the online world.

"Ignorance of the risks and nature of cyber crime is what poses the greatest threat to Internet users. 80% of cyber crime attacks are easily preventable, if you know what to do."

AVG (AU/NZ) will support the week by participating in the Cyber Security Roundtable for People with Disabilities on Monday 7 June at Parliament House, Canberra. Leading advocates in the cyber security and disability sectors will discuss industry and government initiatives designed to create a safer online experience. Borrett will speak and participate at the Roundtable to shine a light on the current and likely future state of the online security landscape and what everyone needs to do to stay safe online.

Borrett will also be speaking at the separate Community and Small Business sessions for National Cyber Security Awareness Week being held in Bendigo, Victoria on Tuesday 8 June, which are being hosted by Continuing Education Bendigo.

On Thursday 10 June, Borrett will be at ANZ Bank headquarters in Melbourne to speak and participate in an expert panel session looking at how cyber crime is impacting government and business alike and the things people can and should be doing to address associated issues.

AVG (AU/NZ) will continue its well received series of informative security tips (www.avg.com.au/resources/security-tips/) which are fast becoming a rich resource of material to help families and business.

As a part of National Cyber Security Awareness Week 2010 the Australian Government launched the "Protecting Yourself Online – What Everyone Needs to Know" booklet. It contains practical advice on how people can secure their computer, be smart with their online finances and identities, and keep themselves and their family safe online. The booklet is available on the government Stay Smart Online web site at www.staysmartonline.gov.au. You can also view or sign up for the plain language, free Stay Smart Online Alert Service at www.staysmartonline.gov.au/alerts.

The Seven Pillars (Components) of Online Security Suite Wisdom and You

Mon, 31 May 2010 14:00:00 GMT

AVG (AU/NZ) Explains the Different Components of Internet Security Software

Melbourne, 1 June 2010 - AVG (AU/NZ) Pty Ltd continues its series of informative security tips by explaining for consumers and business people the major components of Internet security software.

So you've decided not to risk it any longer. You are going to install some much needed online security software. That's a great decision! Now all you have to do is pick your package and away you go. It's as simple as that isn't it?

"Well, not always," says Lloyd Borrett, Marketing Manager at AVG (AU/NZ). "You see, there are products featuring protection aimed at anti-virus, anti-spy, anti-spam, firewall and many more areas."

What on earth do all these tools do and how do you know if you need them?

Let's take a look at what would normally be included in a security package. "Basically there are seven typical components of an online Internet security suite and depending on what you do online, you may, or may not, need them all," Borrett continues.

Seven pillars of online security suite wisdom if you like - and knowing what kind of guidance and protection you need now becomes critical. You might never have tried to 'define yourself' before, but now is the time as you will probably be making a decision on what type of product you need based upon what type of user you are.

The seven pillars (components) of security wisdom

Anti-virus software:- everybody's bread and butter for the online safety:
This is the one that everyone has heard of. Anti-virus software is often free for the basic editions and it knows about, detects and prevents viruses, worms, Trojans and some other malicious software code intended to damage your computer or your data (basically, your personal information). Malicious software code may also intend to use your computer to launch attacks on others, and anti-virus and Internet security software can prevent that too.
Anti-spyware software:- if you don't have it today, then you need to get it:
This is protection against the category of spyware, adware and other malicious software that tries to watch what you are doing online in an attempt to steal your information; passwords, bank account number, etc. This is part of the reality of our everyday world and will soon be as commonplace to your PC usage as your keyboard is to you now. Today, most free and commercial anti-virus and Internet security products include anti-spyware protection.
Link scanning software:- essential for the casual surfer and the heavy web user:
A 'Link scanner' integrates into your Internet connection and automatically warns you if you are about to visit a web page that is a potential threat. You may have found the web site through a link in a search engine's results list, or through a link that has been sent in an email. This type of tool is an essential must-have for both heavy and light users for different reasons: the light user may not see enough potentially malicious links to build up a general awareness of what is harmful - and the heavy user might surf so fast that they fail to spot them, either way a link scanner becomes essential. AVG LinkScanner®, available as a free stand-alone product and included with other AVG free and paid products, provides real-time protection by checking every page for web exploits before it's passed to your browser. Today, most other anti-virus products don't include a link scanner.
Anti-spam software:- essential for new users, extremely nice for all of us to have:
Spam is the common term for 'junk' e-mail which you never asked for and don't want. Spam is gradually getting more malicious, as it can now be the carrier of a 'phishing' attack - asking you to go to 'your bank' or 'your Facebook account' and then to enter your username and password. Anti-spam software filters out these messages so they never reach your inbox in the first place. Most regular PC users have their own spam filters set up via their e-mail client, but a little extra protection doesn't hurt.
Behaviour monitoring software:- especially useful if someone else helps look after your PC:
Different vendors have different names for this (AVG calls it Identity Protection), but essentially this is software that forms a layer on top of your anti-virus package to detect any suspicious behaviour of programs on your computer. Typically, behaviour-monitoring software doesn't need to get updates from the Internet. Instead of watching for the latest known threats it watches out for software doing things that it shouldn't. If you are one of those people that uses a friend or even a local software support company to help you run your PC, or you like to do shopping, banking or gaming online, then this kind of security layer is essential for peace of mind. Today, most free and paid anti-virus products don't include behaviour monitoring protection, but some Internet security products do.
File download, online chat and social networking protection:- are you a heavy web application downloader?
This is software that specifically checks downloaded files for Internet threats after they have been received, but before you open them. If the file is perceived as a threat, it is normally blocked or archived somewhere on your PC where it cannot be activated. This type of product has a useful place on any PC for sure, but it will be of most value to those users who typically download a lot of applications from the web and/or are heavy users of web-based applications themselves. Today, most free anti-virus products don't include this layer of protection.
Firewall:- not just for large enterprises and corporate businesses:
A Firewall watches everything on your computer that tries to exchange Information with the Internet and also watches anything on the Internet that tries to send data back to your computer. It then either blocks information exchanges that it knows shouldn't be happening, or checks with you whether the software that you are running really needs to connect the Internet the first time that software tries to do so. While you might still perceive this kind of protection layer as something only used by companies, Firewalls have a place in all systems and it won't be too long before we start to think about bringing in Firewall protection layers. Some paid anti-virus products and most Internet security products include a firewall.

Borrett concludes, "Think about each of the above security components and how it might apply to you. Now that you're building up a robust understanding of Internet threat defence layers, you can feel more confident about selecting an online security product that will provide complete protection for everything you love to do on the web!"

The Australian Government web site Stay Smart Online also contains some useful advice for protecting yourself from Internet threats at http://www.staysmartonline.gov.au. You can also sign up for its free Cyber Security Alert Service.

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/.

AVG Internet Security Free for Staff at Home with Purchase of AVG Internet Security Business Edition

Sun, 30 May 2010 14:00:00 GMT

AVG (AU/NZ) Helps Business 'Make the Match' Between Online Threat Exposure and the Right Protection

Melbourne, 31 May 2010 - AVG (AU/NZ) is offering any business which purchases its award winning AVG Internet Security Business Edition protection for network workstations and servers, a free copy of its AVG Internet Security suite for use at home by every employee covered under the business license. This premium combination delivers complete protection for the business, plus complete protection for staff at home. The special promotion runs until the end of July 2010.

AVG (AU/NZ) has seen the sophistication of online threats move well beyond viral attack. Switching from anti-virus to full Internet security protection is vital to business continuity, plus the integrity of business information and business IP. And the company also recognises the benefit of greater employee understanding of cyber threats and their impact on the business as a whole.

Lloyd Borrett, Marketing Manager of AVG (AU/NZ), said: "The Internet provides unrivalled business opportunities for competitive advantage, but also increases exposure to the hundreds of thousands of online threats and poisoned web sites which are being generated daily.

"When employees go online both at work and at home, they're indirectly connecting with millions of other people via the Internet. That alone poses a big threat to the security of business data - never mind the disruption that comes from a malware infection that puts your business network out of commission for hours, even days.

"AVG (AU/NZ)'s offer of free AVG Internet Security software for employees not only provides broad reaching protection for staff at home, but also helps business owners raise awareness of cyber threats. With heightened levels of understanding, employees will reduce their unintentional or careless behaviour when online. Having staff conscious of their Internet safety and fully protected both at work and at home has benefits for all."

Making the Match: Internet 'active' or Internet 'passive' - determining levels of protection

AVG (AU/NZ) is also helping businesses 'Make the Match' between their exposure levels to online threats and implementing the most appropriate level of Internet security.

Internet 'passive' business users, who use PCs in a limited way for internal data and systems, surfing the Internet and sending e-mails, can be confidently protected by AVG Anti-Virus Business Edition.

Internet 'active' businesses use the Internet for such activities as complete online transactions with suppliers or customers involving sensitive data; storing personally-identifiable information about customers or employees; or exchanging sensitive business information over e-mail and instant messaging.

These businesses have a very high level of exposure and need the complete protection of AVG Internet Security Business Edition, which is engineered to be light on resources and fast in operation.

AVG Internet Security Business Edition's multiple layers of protection include:

High-efficiency Anti-Virus, Anti-Spyware and Anti-Rootkit scanning to provide great malware protection without getting in the way of business
Data Protection module to ensure safe online business transactions by adding a vital extra security layer of protection against unknown threats
AVG LinkScanner® web protection technology which blocks access to poisoned web pages
Enhanced Anti-Spam module which prevents e-mail from phishers, scammers and spammers from clogging workstations
Anti-Spam Server Protection module which keeps the e-mail server running smoothly and prevents viruses and other threats from spreading via e-mail
Enhanced two-way firewall which works in the background to keep hackers and botnets out without interrupting business
Linux-based AVG Rescue CD which makes sure the network can be recovered from a serious existing infection
Enhanced centralised administration and management with automated updates, remote repair and security policy enforcement

The award-winning AVG Internet Security Business Edition protects Windows based business workstations, file and e-mail servers. It's used across the world by SMB, government, education and enterprise businesses to protect from 5 to 1000s of networked systems.

AVG Internet Security Business Edition is available both direct from AVG (AU/NZ) and via the extensive network of AVG resellers nationwide. Prices start at just A$318 for a 5 computer, 1 year licence, which with the special 'Make the Match' offer includes 5 free 1 computer, 1 year licences of AVG Internet Security valued at A$70 each.

In addition, AVG (AU/NZ) also has discounts of up to 50% off RRP available for schools, colleges and universities, plus up to 30% discount for local, state or federal government, churches, charities and other non-profit organisations.

Great Security Myths #2: I Don't Need Anti-Virus Protection, I Bought an Apple Mac!

Thu, 27 May 2010 14:00:00 GMT

AVG (AU/NZ) Explains Why Mac Owners Should Not be Complacent Online

Melbourne, 28 May 2010 - AVG (AU/NZ) Pty Ltd warns that Apple Macs running the OS X operating system, or some flavour of Linux distribution, are not immune to viruses, malware and other forms of Internet-carried spambots, Trojans, hacking and phishing.

Free Image Copyright: Wikimedia Commons

That's right, Apple Macs running the OS X operating system, or some flavour of Linux distribution, are open to attack from cyber criminals.

Now of course hackers and spammers are not stupid and they know that Windows users represent the 'low hanging fruit' in terms of potential targets. The sheer weight of numbers that the Windows' user base carries with it makes it the primary target for malware attacks - and it's going to stay that way for the foreseeable future.

"But," Lloyd Borrett, Marketing Manager, AVG (AU/NZ), says: "The web changes everything. More specifically, web services, social media and online applications change everything.

"Suddenly you are operating one step further away from your Mac's desktop and you are at the mercy of live real-time contact from third parties and the World Wide Web in general. This levels the playing field in some senses, so that suddenly your Mac is not a Mac for a moment - instead it's just a computer."

With the growing popularity of web services from Twitter and Facebook and so on, the opportunity to spread malware hidden in a simple link has, arguably, never been greater. Because of this, AVG has been working on porting its Anti-Virus products to the Apple Mac OS X format for the last two to three years. AVG's security software solutions for Linux have already helped it in that regard.

So Mac's do have vulnerabilities and people should be increasingly aware of browser security concerns. Without identifying specific security holes in Safari or Opera (or Firefox for that matter), AVG contends the operating system is no longer the primary target for Internet-driven user attacks by cyber criminals. The target is the application itself and the user's behaviour within it.

Apple's popularity is growing all the time even if its market share is still somewhere around less than 10 percent globally. Just this year security researchers found eight fresh zero-day vulnerabilities in Apple's Safari browser.

"What matters most is that viral attacks are constantly evolving and looking for fresh blood," Borrett continued. "So, everyone needs to think about Internet security protection. It's as simple as that."

Technical Facts

Looking objectively at the Mac operating system and tools, there is arguably a larger total surface area of code open to potential attack.

Combining rich use of Flash and Java with support for multiple file formats does not exactly put up extra barriers. Digging deeper, Address Space Layout Randomisation (ASLR) has been around since Windows Vista as an anti-exploitation technology, yet it is only present in Mac OS X 10.5 in some library offsets and therefore does not offer complete protection in the way that the technology was designed.

Borrett concludes: "So Apple Mac, Windows or Linux, the fact is that regardless of the operating system each of us is using, we're all in this together. Everyone needs to be aware of what they are clicking on and use their commonsense - if something doesn't look quite right, it probably isn't!"

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/.

Essential Protection Against Computer-Based Attacks

Wed, 26 May 2010 14:00:00 GMT

AVG (AU/NZ) Advises How to Avoid Internet Security Threats

Melbourne, 27 May 2010 - AVG (AU/NZ) Pty Ltd continues its series of informative security tips by showing how consumers and business people can recognise Internet security threats well enough to avoid them.

Lloyd Borrett, Marketing Manager at AVG (AU/NZ), says: "With a little knowledge, a little caution and a little rigour applied to processes you use to make sure your operating system, Internet browsers and other PC applications are always up to date - and by using a good online security product - you can be confident that you are protecting your electronic information and your online lives against virtually every Internet threat that is likely to attack."

Deception attacks: The best defence against deception attacks is to never open an attachment or file, never download anything from the Internet and never visit web sites that you are directed to from an embedded link. But just how practical or fun is that? There is too much great content out there to learn from, to enjoy and to make life simpler.

So let's get practical and down to basics. Back in the real (online) world, there are a few fundamental steps that every Internet user should take if they want to avoid being deceived.

Use caution when downloading or opening files
Ask yourself: "Do I recognise this person sending me a file or telling me to visit a web site? Can I be sure that it's really them? Is the message written in language and style that my friend or this organisation would normally use?"

Incredibly, it is both free and easy to fraudulently send an e-mail that appears to come from someone else's e-mail account! So what should you do to be on your guard? Do you reply to an e-mail that looks a little strange and ask the sender whether they intended to send it and to confirm where they got the file if there is an attachment? Do you ask them if they themselves exercised similar caution when they received the file?

In truth, you're not going to want or be able to engage in that kind of discourse with every slightly suspect link or attachment that you see, so if you don't recognise the sender and it looks suspicious then delete it. So put simply, be careful where you click and exercise a little EXTRA common sense!
Use caution when following links to web sites
If you are asked to visit a web site, ask yourself whether the 'URL bar' (the 'address bar' at the top of your Internet browser) starts with exactly the same Internet domain name you would usually use to access that company's site? If in any doubt - check!
Don't surf the web or open files when you have Administrator privileges
One of the easiest ways to protect yourself from many deception attacks - those that install unintended software on your computer - is to avoid logging into your computer using the 'Administrator' account, or using a personal account that has 'Administrator' privileges.

If you do need to log in as Administrator (to change your system settings etc.) , make sure at least that User Access Control (UAC) is enabled. If you are using Windows Vista or Windows 7, then you will be asked if you really want to install. This is easy to turn on from the Windows CONTROL PANEL just by typing "UAC" into the search box.
Protect yourself with up-to-date Internet security software
Finally, of course, keep the online security software up-to-date on your PC - it really is essential! All the main security software companies, including AVG, spend millions every year to ensure that whenever there's a new Internet security threat, we work out what the risks posed by that threat are, how the mechanics of the threat may cause it to target you and how to protect your computer from it.

Exploit attacks: The makers of operating systems, Internet browsers and the most common software applications spend vast amounts of time and money looking out for new security threats that exploit potential problems within their products, and whenever one is found (by anyone) they usually fix the hole in their software quickly and release an update. This software fix is usually known as a 'patch' or as an 'update'.

All computer users should regularly visit their operating system vendor's web site (e.g. http://windows.update.com for Windows) and run the update software to keep their OS and tools bug free. In fact, if your OS allows for automatic updates - turn them on!

Similarly, you should follow the update guidelines and visit the web sites of the companies that supply all of the software you use, to ensure that you are always running the latest version and are up to date with security fixes.

Essential protection against malicious exploit attacks is ensured by maintaining up to date online security software. Anti-virus and Internet protection products from all of the main Internet security vendors are updated to protect against exploitable holes in common software as soon as those holes are found. Some of these security products even use techniques to watch your computer for potential Internet-based threats that may be trying to exploit software holes that haven't yet been discovered.

Essentially, these products maintain a database of viral threat 'definitions' (also known as signatures) that contain the details of known viruses that have been intercepted and recorded to date. They also contain characteristic and behavioural data common to recent and emerging viruses - and it is this behavioural data that holds an important part of the key to beating the malware that seeks to make our lives a misery.

AVG LinkScanner® safe search and surf protection alerts you to poisoned web pages that can let hackers into your network, so make sure it's installed on your computer - it's available as a free standalone product (www.avgfree.com.au) or as part of AVG Internet Security 9.0.

"Today there's just no excuse not to have at least a basic level of protection in place since it literally costs nothing," says Borrett.

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/.

Facebook Privacy is Complicated

Tue, 18 May 2010 14:00:00 GMT

AVG (AU/NZ) advises users to check their Privacy settings on Facebook

Picture Credit: Paperiaarre

Facebook is one of the most popular web sites with more than 400 million registered users, half of which log into the social network every day. Over recent days, a fire storm has erupted over Facebook's revised privacy settings. Essentially, privacy settings now require users to manually "opt out", if they wish to protect their personal information. If they don't do this, some of their personal data will be publicly shared.

As this infographic shows, controlling your privacy settings on Facebook is quite complex. If you want to keep all of your personal information private, you will need to invest some serious time and go through all of the 50 privacy settings with contain more than 170 options. To make matters worse, Facebook seems to make it increasingly difficult to change the privacy settings and opt-out of public sharing.

The good news is that Facebook does at least provide some guidance on Privacy on its web site. However, the bad news is that the Privacy Policy is 5,830 words long. The really bad news is that even after navigating the 170 options, some personal information may still be shared across Facebook! (NB. Under the Account Settings option, untick the options for sharing information with advertisers, if you do not want your details shared with them.)

According to Facebook’s Privacy Guide, the site segments its members into three broad areas - Friends, Friends of Friends and everyone else. Using the inbuilt privacy controls, you can decide which person has access to which parts of your data. However, it is not always easy to configure these settings for each user. So what can you do to make your life on Facebook a little bit easier?

Lloyd Borrett, Marketing Manager at AVG (AU/NZ), suggests: "You may wish to create a number of groups for your Facebook 'Friends'. For example, Friends, Family and Work. This will allow you to assign a number of different sharing settings with each group. Therefore, only certain people see the data that you wish to share. All Facebook ('The Unofficial Facebook Resource') has published an excellent article on protecting your privacy and is well worth reading too."

"Our advice is to take a serious peek into your privacy settings and make sure you are happy with what you are or aren't sharing. And don't forget you need to LOG OUT of Facebook once you finish reading posts. You just don't know what information could be leaking."

See also:
Facebook Shares Personal Information Across the Web By Default
AVG warns you need to logout of Facebook if you want to maintain your privacy http://www.avg.com.au/news/avg_reports_facebook_shares_personal_information_across_the_web_by_default/

Ten Tips for Staying Safe on Facebook
Say what you want on Facebook but be careful about it, warns AVG (AU/NZ)
http://www.avg.com.au/news/avg_ten_tips_for_staying_safe_on_facebook/

For more AVG security tips, see http://www.avg.com.au/resources/security-tips/.

AVG Researchers Identify Massive Propagation of Rogue Applications through Facebook

Mon, 17 May 2010 14:00:00 GMT

Adware uses subterfuge to entice Facebook members to click.

Melbourne, 18 May 2010 - AVG (AU/NZ) Pty Ltd today revealed research by AVG Technologies into a very aggressive, expansive push by rogue applications on Facebook this past weekend. AVG researchers indicated that from midnight to 9 am EST on Saturday, 15 May 2010, AVG software detected and blocked more than 300,000 rogue applications. That rate was more than three times the rate of the number two for the day for rogue anti-spyware.

"This latest issue really underscores how powerful, while at the same time vulnerable, social networking applications are. This attack was actually stunning in terms of scale," said Roger Thompson, AVG's Chief Research Officer. "Facebook is very responsive to threats when we identify them, removing these applications as soon as they find them, but the rogue applications are still able to generate huge traffic, just because of the viral nature of social networks. It is staggering how many threats were propagated before they were stopped."

Ironically, the attack, which offers a picture of a girl in a bikini to entice the victim to install an adware-supported viewer, was not viral according to AVG researchers, and was first seen in different forms last week. AVG's system is set to alert the research team when certain nefarious behaviours and activities are detected. By 9 am EST, AVG's servers had detected more than 200,000 of this particular threat. By comparison, the second highest detection at that same time was about 24,000 of a particular rogue anti-spy, so at one point, this push was nearly ten times the number two detection.

Last week's rogue push peaked at about 80,000 for the day, and had dwindled to just a couple of hundred per day by Friday, 14 May 2010. At that point AVG researchers were hopeful that the adware attack would cease; however, all indications point to the fact that they were just gearing up for a fresh start… and a powerful one at that.

Thompson added, "Interestingly, they launched it on a Saturday. I guess they figure we don't watch on the weekend, but malcode researchers are all cut from the same cloth as Inspector Gadget… we're always on duty."

Lloyd Borrett, Marketing Manager of AVG (AU/NZ), said: "We recognise the power that social networking brings to our professional and personal lives and we don't advocate giving up on the technology altogether. However, AVG does have some recommendations on how to best protect yourself"

Make sure you practice safe surfing. AVG LinkScanner® safe search and surf protection is a free web tool that can identify threats in real-time and let you know if a page or link is poisoned, before you click.
If you ever have to install a viewer to watch a video, something is probably not right. Go to the video player application's official web site and download the application there. Never download through a link.
Make sure your anti-virus and security software is up to date. If you don't have anti-virus software, you can download AVG Anti-Virus Free Edition. For greater protection, there is AVG Internet Security 9.0.

Borrett advised, "As with any online activity be smart, be aware, be careful, and you can stay as safe on Facebook as anywhere else online."

For more AVG security tips, see http://www.avg.com.au/resources/security-tips/.

Also, the Australian Government web site, Stay Smart Online, has some useful tips at http://www.staysmartonline.gov.au/smart-online/social-networking

Why Security Software? Understanding the Threats

Mon, 17 May 2010 14:00:00 GMT

AVG (AU/NZ) explains the basics of online security and what threats really are

Melbourne, 18 May 2010 - AVG (AU/NZ) Pty Ltd continues its series of informative security tips by going back to basics to help educate consumers and business about Internet security and today's online threats.

The Internet is fast becoming the single defining place to go to for information, communication, financial management, employment and entertainment. Once you get into the habit of going online more and more often, it is easy to become confident that you'll be alright. Nothing bad has happened to you yet has it? You tell yourself, "I'm careful and I don't visit weird sites, so why do I need security software?" But it only takes one malicious attack to slip through your carefully constructed personal net and you may suffer the consequences for a long time.

Lloyd Borrett, Marketing Manager at AVG (AU/NZ), says: "What most people don't fully understand and don't have the time to research, is the way in which threats can present themselves and how to identify the right solution for their own PC."

Borrett advises that Internet threats can be broadly categorised into five groups:

Malicious software designed by hackers to cause disruption, perhaps by damaging your computer's operating system or your installed applications, or often, by destroying your important files.
Malicious software, web sites or e-mails intended to steal information from your computer; this commonly includes identity information such as login details for your e-mail, social networks, shopping sites or bank accounts. In the end, what the bad guys are after is your money.
Malicious software that tries to use your computer, your Internet connection or your e-mail account for the purposes of launching a criminal attack against other people or organisations.
Malicious software and spam that tries to show you information you don't want and haven't asked for - perhaps by constantly popping adverts on your computer or taking you to Internet sites you never dreamed of visiting.
Downloads, auto-downloads and auto-updates - are these essential health care top-ups or hidden menaces? Well, some downloads you will genuinely need and some application updates are essential, but the threat lies in those downloads that are NOT chosen by the PC owner or are brought about unwittingly while a user is simply surfing an infected web site. If a download happens in the background so the user does not see it happening, or if a download contains a rogue malware element then this represents the greatest danger of all, i.e. hidden threats that use stealth to cover their entry into your system and may remain undercover until they are ready to wreak maximum havoc.

"Installation or activation of this malicious software should of course require an action from you, such as double-clicking an attachment to open it and then confirming that you want to execute whatever it contains. However, you are unlikely to open such a program or document if you know that it is malicious, so the criminals who design this software use two main tricks: deception and exploitation," he explains.

Deception: Malicious software is disguised or hidden within software or files that you believe you want to install or view, thus you are tricked into opening software you didn't actually want. Similarly you may be directed in an e-mail to visit a site that looks like one you commonly use, such as your online bank, and you are asked to type in your user name and password. Again, deception is being used to take you to an unsafe site in disguise. It is simply there to capture your identity.

Exploitation: Operating systems, Internet browsers and the programs that are used to open attachments, such as office software or document readers, often have software 'holes' or 'bugs'. This vulnerability is also exploited to launch unsafe software without your explicit consent.

So now you know what the threat might look like, do you feel confident that you would always recognise one and avoid it? Perhaps a little investment into some online security software might not be a bad thing after all.

AVG is widely known for the multi award-winning AVG Anti-Virus Free product used by millions of Australian home users to combat computer viruses, spyware, malware and online threats, as well as AVG LinkScanner® safe search and surf protection. You can download them from www.avgfree.com.au.

"Today there's just no excuse not to have at least a basic level of protection in place since it literally costs nothing," says Borrett. "We also have paid consumer products, like AVG Internet Security 9.0, designed to deliver extra protection for the things people love to do online, like shopping, banking and gaming; downloading music, photos and videos; chatting with friends; and using Facebook and Twitter."

AVG's business solutions include the powerhouse AVG Internet Security Business Edition 9.0 solution for protecting workstations, file and e-mail servers, as used across the world by businesses from 5 to 1000s of networked systems.

The Australian Government web site Stay Smart Online also contains some useful advice for protecting yourself from data theft at http://www.staysmartonline.gov.au. You can also sign up for its free Cyber Security Alert Service.

AVG (AU/NZ) has a comprehensive range of security tips on its web site at http://www.avg.com.au/resources/security-tips/.

Think about your security protection for all of our sakes, please, because the more safe foundation points we can all help build, the safer the total breadth of cyberspace will be.

AVG Technologies Teams Up with Affinegy for a Secure Digital Home

Sun, 16 May 2010 14:00:00 GMT

Affinegy to integrate AVG Internet Security suite to combine desktop safety with full connected home and wireless security for easy and safe digital lifestyle management

Melbourne, 17 May 2010 - AVG (AU/NZ) Pty Ltd has announced that AVG Technologies has begun working with US-based Affinegy, provider of intelligent home networking solutions to millions of broadband subscribers, to fully integrate AVG Internet Security 9.0 with Affinegy's DigiDo™ Platform. Together with AVG, Affinegy will allow service providers to offer consumers the first easy-to-use and comprehensive secured Internet experience, whether at home or on-the-go.

"We are excited to work with AVG to deliver advanced, comprehensive desktop security across the connected home, while offering an easy, seamless consumer experience," said Affinegy CEO Melissa Simpler. "As home users connect more digital devices to each other and to the Internet, this integrated offering will provide a complete solution for installing, managing, expanding and fully securing their digital lifestyle networks."

As consumers rapidly expand their digital footprint both inside and outside the home, they become increasingly vulnerable to security breaches. The integration between the Affinegy DigiDo Platform and AVG Internet Security 9.0 will offer unprecedented protection against this growing threat, by providing:

The real-time protection needed against malicious attacks that occur through seemingly harmless social networking sites and general Internet use
A secure check of links before and during navigation with AVG LinkScanner® to ensure the safety of Internet destinations
A wireless security manager with network-wide encryption updates, smart profiles and easy protection of the home router
Automatically-managed, network-wide updates of home and desktop security manager, with the ability to check security settings for the whole home network and update all computers to the latest protections from any computer
Easy-to-use, highly graphical user interfaces that intelligently guide the end user's configuration and management of their network security and connectivity, both at home and on-the-go.

"As consumers take more of their lives online and embrace a digital lifestyle, it is increasingly important for service providers to offer complete solutions that do more than protect individual computers. Technologies must not only manage our consumers' digital lifestyles, but also secure them," said J.R Smith, CEO, AVG Technologies. "AVG is dedicated to ensuring a secure and smooth digital experience, and working with Affinegy will help us to extend that support to better provide for our home users and their networks."

About Affinegy - www.affinegy.com
Affinegy provides software solutions that enable seamless connectivity between consumers, their devices and their content, whether inside or outside the home. Affinegy's DigiDo™ Platform is a flexible, extensible suite of digital lifestyle enablement applications, which allow consumers to easily install, manage and expand their home data and entertainment networks. Leading service providers, consumer equipment vendors, and ISVs offer Affinegy solutions to their customers as the control point for their connected home experience. Deployed in nearly 5 million households, Affinegy solutions increase product and service adoption, slash inbound support costs, and provide an open architecture for delivering new value-added services for the consumer digital lifestyle.

Who's the Bigger Threat? Staff or Cyber Criminals?

Thu, 13 May 2010 14:00:00 GMT

Melbourne, 14 May 2010 - Internal staff have traditionally been viewed as a bigger threat to business security than external hackers. AVG (AU/NZ) looks at whether this still holds true given the increasing sophistication of cyber criminals.

Did You Know?

A decade ago, viruses and other forms of malware were authored primarily by young, attention-seeking amateur coders
Research by Verizon suggests 74 percent of data breaches are generated by external sources
Figures cited by the World Economic Forum indicate that online theft alone in 2009 totalled around US$1 trillion

Conventional wisdom indicates that the biggest threat to most companies' IT networks comes from disgruntled employees rather than shadowy cyber criminals. Staff have access to passwords, and, in the case of the IT department, administrator privileges. What's more, they usually know what they are looking for and what it might be worth to a competitor.

The concept of the so-called 'insider threat' has been an enduring one in IT security circles and appears to be based in part on an early-nineties FBI study that concluded that 80 percent of IT security attacks were perpetrated by insiders. However, a lot has changed in 20 years - a millennium in Internet time. While once hackers and virus writers were often kids after kicks, today cyber crime has matured to become a huge business. Figures cited by the World Economic Forum indicate that online theft alone in 2009 totalled around US$1 trillion.

This effective 'industrialisation' of cyber crime may well have had an effect on perceptions of whether the 'insider threat' should still be the main priority when it comes to IT security. Organised criminal gangs intent on cracking into corporate networks in the same way they might target a bank vault may seem to be a more pressing threat than the odd wayward or disgruntled employee.

Lloyd Borrett, Marketing Manager at AVG (AU/NZ), explains why companies might want to reconsider where the bulk of their security resources are allocated. "A decade ago, viruses and other forms of malware were authored primarily by young, attention-seeking amateur coders (script kiddies or script bunnies) seeking to earn notoriety in underground hacker communities.

"The security landscape has, however, changed markedly during recent years. Organised criminal gangs realised that there was money to be made from malware and recruited skilled programmers to create malicious programs. These programs were not designed to cause disruption, but to enable the theft of money or data or both. This has led to the creation of an underground economy in which criminals can buy and sell data and the programs that are used to steal that data."

For more information, see the AVG Report "Why Traditional Anti-Malware Solutions Are No Longer Enough".

But while external threats appear to have become more organised with the backing of criminal networks, does this necessarily mean that it has overtaken the dangers posed by disgruntled staff?

Experts appear to be divided on the issue, in part due to the definition of what constitutes an internal threat as opposed to an external one. While the nature of cyber crime may have changed over the last 20 years, so has the average business.

Companies have become more fragmented and rely increasingly on consultants and outside expertise. Other factors, such as mergers and acquisitions, have made the previously stable borders of some large companies become increasingly volatile as they merge with competitors and take on their staff.

Dawn Cappelli, senior member of the technical staff at Carnegie Mellon University's Computer Emergency Response Team (CERT), recently explained how the organisation has had to tweak its definition of an 'insider' to keep pace with business practices. "Our definition of a malicious insider is a current or former employee, contractor or business partner," she explained. "We've added the business partner aspect to the definition because of recent trends we're seeing."

For its part, CERT, one of the main computer security organisations in the US, still supports the idea that internal threats are where companies should be focusing the majority of their IT security attention. The organisation has a section of its web site "Insider Threat Research" devoted to the issue.

"Insiders, by virtue of legitimate access to their organisation's information, systems and networks, pose a significant risk to employers. Employees experiencing financial problems have found it easy to use the systems they use at work everyday to commit fraud," the organisation claims in a report entitled The "Big Picture" of Insider IT Sabotage - www.cert.org/archive/pdf/08tr009.pdf.

But while organisations such as CERT are clear about the threats posed by insiders, other companies believe the increasing sophistication and organisation of cyber criminals have changed the game irrevocably. Communications company Verizon clearly believes that external threats are where companies should be focused.

The 2009 Verizon Business Data Breach Investigations Report (www.verizonbusiness.com/uk/products/security/risk/databreach) revealed that 74 percent of data breaches resulted from external sources, while 32 percent were linked to business partners. "Only 20 percent were caused by insiders, a finding that may be contrary to certain widely held beliefs," the report stated.

The Verizon report does go on to admit that many internal security breaches go unreported as companies are able to contain the negative publicity that might result from an incident being made public. However, the company still concludes that even with fewer internal incidents being reported, research conducted over several years backs up its argument that external attacks still pose a bigger threat. "Results from 600 incidents over five years make a strong case against the long-abiding and deeply held belief that insiders are behind most breaches," the company states.

But while some security specialists are focused on separating external threats from internal ones, other experts believe that being too focused on where the attack originated could prove to be a dangerous distraction.

"The whole insiders vs. outsiders debate has always been one of semantics more than anything else," security guru Bruce Schneier stated in a blog post. "If you count by attacks, there are a lot more outsider attacks, simply because there are orders of magnitude more outsider attackers. But if you count damages, insiders generally come out on top - mostly because they have a lot more detailed information and can target their attacks better." (http://www.schneier.com/blog/archives/2008/06/it_attacks_insi.html)

Schneier believes that companies would be better off taking a more holistic view of IT security and thinking in terms of how to safeguard their data and systems from attack no matter where it originates. "Both insiders and outsiders are security risks, and you have to defend against them both. Trying to rank them isn't all that useful," he states.

The Australian Government web site Stay Smart Online also contains some useful advice for protecting your business from data theft http://www.staysmartonline.gov.au/small-business-security/data-theft. You can also sign up for its free Cyber Security Alert Service.

Ultimately, it seems that while the danger posed by increasingly sophisticated cyber criminals may have increased over recent years, the more fragmented nature of many companies means that staff, partners and even customers also present a viable concern for insider attacks. While businesses would benefit from considering the different tactics employed by either group (cyber criminals or insiders), the best overall approach is to have a robust and adaptive security strategy in place to keep pace with the fast-evolving nature of IT security.

Facebook Shares Personal Information Across the Web By Default

Wed, 12 May 2010 14:00:00 GMT

AVG warns you need to logout of Facebook if you want to maintain your privacy

Melbourne, 13 May 2010 - AVG (AU/NZ) recommends that everyone consider the advice from AVG Technologies' Chief Research Officer, Roger Thompson, and actively LOG OUT of Facebook every session in order to prevent their privacy being compromised if they don't. As Thompson revealed today…

Pssst... You want to see something reeeeeaaaally scary?

Here it is...

On 29th April 2010, I surfed to CNN.com to check out the news... something I do quite often... I happily read about the oil spill and the asteroids, and then noticed the bit I have circled in red. It's a bit hard to read, but it says "Log in | sign up", and then "Friends' activity", followed by "View more friends' activity"!

Not 'View friends' activity', but 'more' friends' activity. I'm not logged in, but CNN knows who my friends are on Facebook! And just to prove it, the next line shows a post by one of my friends, recommending a video.

Given that Facebook has 400 million users, the odds make it unlikely that they just 'happened' to grab one of my friends.

I thought to myself, "They knew who I am! Dang! I wonder how many other web sites know that?"

And then, a couple of weeks later, I noticed that CNN.com had changed.

Now it says, "Hi! Log in or sign up to personalise", followed by "Log in with Facebook to see your friends activity", followed by some generic Facebook messages.

So I'm thinking, "What's going on? Is CNN no longer getting the information, or is CNN no longer disclosing that they have it?"

The answer is neither of those.

As is often the case, it turns out there's a more prosaic, but still alarming explanation. One of my AVG colleagues, Jas Dhaliwal, knew what was going on. He explained...

"CNN and over 100,000 other web sites are using Facebook's new social plugins that were announced at their F8 Developers conference a few weeks ago.

"The 'social plugins' are designed to show which of your friends are voting '"like' on a site's specific news stories. If none of your Facebook friends are clicking the 'Like' button, then Facebook aggregates the popular stories that are 'liked' on the site as a whole.

"The social plugins take the step of Facebook Connect, one step further. Connect was designed to be a 'Single Sign-On' for the web. In other words, you log into Facebook once, and when you visit other sites around the web, it would log you on to their site, using the Facebook credentials already provided.

"At the recent F8 conference, Facebook announced that they were going to remove the Connect button. So, if you've logged in once, it will remember your login. The social plugin caches that login data and uses a custom API to show which of your friends (i.e. your social graph) are visiting the same site.

"Why? Because, I'm likely to stay longer at a site, if I know my friends have been there… so says the psychological theory. Facebook have done a very, very bad job at explaining this. For most people, when they see CNN's Facebook plugin they are surprised, because as a user, you haven't given CNN or Facebook explicit permission to connect to your social graph/friends list."

Jas Dhaliwal concludes, "If you want to stop this type of behaviour, and thus do not want to see the stories that your friends are interested in as they visit the web, simply click "Log Out" of Facebook. This is something nearly no one does. Simply, closing a Facebook tab or window DOES NOT log you out of Facebook. I think the user community needs to be educated specifically on this."

Folks... you need to LOG OUT of Facebook once you finish reading posts. You just don't know what information could be leaking.

Just today, CNN was talking about the so-called Bling-Ring, where some LA kids made a point of robbing celeb's homes. They would use Google Earth to survey the homes, and find ways in. Paris Hilton lived in a gated community, but the kids found via Google Earth that there was a gully that went under a fence, and when they went and looked, found they could easily walk right in.

Then they simply watched Twitter until Paris announced that she was going out, and walked right up to her house.

And what about the social platforms that have location information? Telling your friends "I'm at the coffee shop" is fine for those interested in joining you for coffee, but there will be bad guys out there with larceny in their hearts.

Privacy, folks.... it's a serious issue.

Beware of Disposable Facebook Applications Installing Adware

Sun, 09 May 2010 14:00:00 GMT

Melbourne, 10 May 2010 - The researchers at AVG Technologies have recently been watching with interest the bad guys producing and distributing a profileration of Facebook applications that install adware.

Two AVG blog posts by Roger Thompson, AVG's Chief Research Officer, describe what they're seeing and what you need to be aware of to stay safe when you encouter this sort of Facebook application.

Disposable Facebook apps installing adware
http://thompson.blog.avg.com/2010/05/disposable-facebook-apps-installing-adware.html

Impressive numbers for disposable Facebook Apps
http://thompson.blog.avg.com/2010/05/impressive-numbers-for-disposable-facebook-apps.html

How Secure is Your Mobile Phone and What Can You Do About It?

Tue, 04 May 2010 14:00:00 GMT

AVG (AU/NZ) Continues its Series of Security Hints and Tips for Business

Melbourne, 5 May 2010 - Today's smartphones are, to all intents and purposes, miniature laptops. Many of the latest generation of smart phones run applications concurrently, just as their big brothers, the netbooks, do. Social networks have expanded exponentially at the same time, and those networks are spawning applications by the thousand every day. Facebook now has more than 400 million users and a million of those users are writing Facebook applications. Many of these apps will run happily on a mobile phone, and in fact are being demanded by mobile phone users.

While the phones themselves are rarely hit by viruses or worms (yet), they can help to spread malware when connected to a network, just like USB drives. Hackers and criminals have also been known to use text messages to direct unsuspecting users to infected web sites, according to Lloyd Borrett, Marketing Manager at AVG (AU/NZ).

"These messages, supposedly from a legitimate company, may try to convince you to visit a malicious web site by claiming that there is a problem with your account or stating that you have been subscribed to a service. Once you visit the site, you may be lured into providing personal information or downloading a malicious file," Borrett warns.

Other risks with smartphones relate to downloading content. Borrett's advice is for companies to warn employees not to download games or other unnecessary applications onto business-owned phones, just as they should not download such applications onto their work computer.

"There are many sites that offer games and other software you can download onto your cell phone or PDA. This software could include malicious code. Avoid downloading files from sites that you do not trust. If you are getting the files from a supposedly secure site, look for a web site certificate. If you do download a file from a web site, consider saving it to your computer and manually scanning it for viruses before opening it."

Aside from e-mail and web access, other ways criminal code could gain access to a mobile device is via the wireless networking technology known as Bluetooth. Borrett's advice when it comes to Bluetooth is to ensure employees know to keep it switched-off when it is not needed.

"Make sure that you take advantage of the security features offered on your device," Borrett says. "Attackers may take advantage of Bluetooth connections to access or download information from your phone. Disable Bluetooth when you are not using it to avoid unauthorised access."

Smartphones are also increasingly being used for purchasing goods and services, which makes them a primary target for cyber thieves. According to AVG's chief research officer Roger Thompson, "Viruses have, and will continue, to make it onto mobile devices from time to time. Just last month, we had a couple of iPhone viruses (or, more correctly, worms), but a virus is really only a virus if it spreads, and the malicious software we're going to see infecting mobile devices will be much more subtle than your typical virus."

Mobile malware will log keystrokes and snoop out user ids and passwords from mobile devices, according to AVG's Thompson. "There will also be malware that transmits information about our browsing habits to its masters, who will use that information to decide what ads to serve us," he says. "It's quite likely that the more nefariously-inclined will build up databases of background information about us, to be used to profile us for future criminal activity." Please feel free to read more of Roger's thoughts on this topic at http://thompson.blog.avg.com/2009/12/virus-migration-from-desktop-to-mobile.html.

The Australian government web site "Stay Smart Online" www.staysmartonline.gov.au explains you can tell if your mobile phone has been infected with malicious software, if:

there is a sudden large increase in your phone bill with no clear reason
your phone has e-mails and messages in the sent folder that you did not send, or
the user interface has changed without you taking any action to change it.

If you notice any of those things, you should contact your mobile phone manufacturer and/or phone company for instructions on how to remove the malicious software.

For more information on securing your mobile phone, please visit http://www.staysmartonline.gov.au/secure_your_mobile_phone. See also the following blog entries by AVG CEO J.R. Smith:

Test Yourself: Are You at Risk of Identity Theft?

Mon, 03 May 2010 14:00:00 GMT

AVG (AU/NZ) suggests you take the Privacy Awareness Week online ID Theft Test

Melbourne, 4 May 2010 - It's annual Privacy Awareness Week time (2 to 8 May 2010) and AVG (AU/NZ) suggests you might like to take the easy online multiple choice quiz which looks at 11 situations in which you might be subject to ID theft. The test from the Office of the Privacy Commissioner, Australia can be found at http://www.privacyawarenessweek.org/id_theft_tool/index.html.

Of course, if you're already running AVG Identity Protection or AVG Internet Security software on your PC, then you already have great protection against computer based identity theft. But just how secure is the information in your wallet, your mailbox or your mobile phone?

Taking the test will give you an overall assessment of how exposed you are to identity theft. Along with the test you will also find some simple and practical tips to help you better protect your privacy.

AVG (AU/NZ) Reveals the Evolution of a Successful Piece of Malware - Zeus 2.0

Sun, 02 May 2010 14:00:00 GMT

AVG provides an under the covers look at the evolution of the successful Zeus 2.0 malware threat

Flickr Credit: Sebastia Giralt

Melbourne, 3 May 2010 - AVG (AU/NZ) Pty Ltd, the distributor for Australia, New Zealand and the South Pacific of the award-winning AVG Anti-Virus and Internet Security software, thought you might find it interesting to see how one of the most successful pieces of malware out there, codenamed Zeus, has managed to stay alive for such a long time.

"Zeus is probably the malware most used by cyber criminals specialising in financial fraud," said Lloyd Borrett, Marketing Manager at AVG (AU/NZ). "It's a do-it-yourself crimeware kit responsible for millions of dollars in losses by consumers and businesses.

"Once your computer is infected by Zeus it becomes part of a criminal botnet," Borrett continued. "It can steal information such as your banking details, credentials for social networking sites and e-mail accounts. It is truly a global threat."

Although you may have read about Zeus (also known as Zbot) in the past, that was probably about Zeus 1.0 or its many sub-versions 1.2, 1.3, etc. that have spread all over the web for several years now. This article is about the latest Zeus version that hit 'the market' recently - Zeus 2.0.

The fact that Zeus keeps developing and new releases are still coming out from its developer/s indicates the amount of money involved. The provider of Zeus obviously makes enough money to keep funding ongoing development, otherwise this project would have been dead a long time ago, as has happened to other less successful malware threats.

The latest version of Zeus introduces new features and enhancements to make the work of security vendors even more challenging to detect it.

Here are some 'improvements' in the new Zeus 2.0 that AVG Technologies found in the samples they analysed:

Zeus 2.0 incorporates new encryption layers to hide its data and communication. Those of you that found ways to break the 1.x encryption and get the keys may find v2.0 much more challenging.
In v2.0 the binary is installed in "%APPDATA%\{random chars}\{random chars}.exe". Zeus 1.x was using a hardcoded filename and was usually installed under %WINDIR%\System32.
While Zeus 1.x infected the whole PC if it had sufficient permissions, Zeus 2.0 by-design infects only the current user. That's also the reason why file paths and registry entries have changed. This new behaviour makes Zeus 2.0 less detectable but also limits the damage if several people are using the same PC.
Zeus 2.0 registers itself in HKCU\..\Run key while Zeus 1.x normally registered itself in UserInit Key.
Zeus 2.0 binaries and configuration files are no longer protected by ring-3 rootkit.
Zeus 2.0 does not hook code in svchost.exe, lsass.exe, services.exe.
Since v1.3, Zeus Builder is protected with "hardware-based licensing system", thus fighting "malware piracy" and preventing AV researchers from analysing the builder engine.
In v2.0 Mutex and event names are now pseudo-random GUID strings. Zeus 1.x used hardcoded mutex names like _XXXX_2109, __SYSTEM__64AD0625__, etc.

This change is probably business-driven, as it allows several copies of Zeus from different "vendors" (infections) to co-exist on one PC. This maximizes the monetisation of a single infected PC by various hackers - each can steal the bank credentials of the same user and cash out.

These are not all the changes in Zeus 2.0; however, they ensure that even users with very limited rights on their computer will get infected.

Zeus 2.0 commands for botnet were completely changed. The new commands are much more descriptive: user_flashplayer_remove; user_flashplayer_get; user_ftpclients_get; user_homepage_set; user_url_unblock; user_url_block; user_certs_remove; user_certs_get; user_cookies_remove; user_cookies_get; user_execute; user_logoff; user_destroy; fs_search_remove; fs_search_add; fs_path_get; bot_httpinject_enable; bot_httpinject_disable; bot_bc_remove; bot_bc_add; bot_update; bot_uninstall; os_reboot; os_shutdown;

What should we expect to come on the next Zeus update? Here is our guess:

The following commands are present in the malware body but are not implemented yet: bot_httpinject_disable; bot_httpinject_enable; fs_path_get; fs_search_add; fs_search_remove; user_destroy.

As long as Zeus continues to make money for its developer/s, we will continue to find new releases and new features in the market.

Preventing the infection from such malware requires more than just one security technology. AVG uses multiple security layers: proactive, reactive, real-time and reputation-based technologies to provide its free and paid users with the most advanced protection against the most advanced malware threats out there, including Zeus 2.0.

How Malware Can Sneak Into Your Company Networks And How To Deal With It

Tue, 27 Apr 2010 14:00:00 GMT

Melbourne, 28 April 2010 - There are myriad ways that viruses, Trojans and other types of malicious code can get into your business and it pays to be up on all of them. Security company AVG (AU/NZ) offers some advice.

Did You Know:

Social networks are a valuable tool for today's businesses but open up significant security risks
Phishing and other social engineering tricks can (and do) fool even the smartest people
Even Instant Messaging isn't safe

Completely blocking users' access to the Internet would go a long way towards keeping viruses and other malware out of your company, but it wouldn't do a whole lot of good for your business. So you need to be aware of - and take steps to protect - the ways the bad guys get access to your valuable information.

Here's an overview of the main threats and how to protect against them.

1. Web Surfing and Social Networking
- It's the Wild Web Out There

The web is a cyber criminal's dream come true. It's instantaneous. It's anonymous. And it's very, very easy to fool people. A web site that looks at first glance to be your bank's web site can easily be a clever forgery. And that video-viewing download you're being offered? Chances are you don't need it - and you certainly don't need the spyware that may well be hidden behind a realistic-sounding application name.

"The Web has become the attack vector of choice. With e-mail, attackers had only a limited number of ways to a computer: either with an infected attachment, or with a link to a web page which would deliver the malware. While attackers still use e-mail, they have discovered that the Web in general - and social networks in particular - provides them with a much broader range of options," according to AVG (AU/NZ)'s Marketing Manager, Lloyd Borrett.

Social networking sites are of particular concern when it comes to malware distribution, according to the recent "Trial By Fire" survey conducted by consultants PriceWaterhouseCoopers (PWC). (See http://www.pwc.com/us/en/it-risk-security/publications/trial-by-fire.jhtml)

"Today a new generation of employees worldwide is accessing social networks from work in great numbers, often without the knowledge of the IT department - and in circumvention of the traditional countermeasures employed by many," the PWC report states.

Traditional virus/malware protection was not designed to cope with the here today, gone tomorrow threats that typically infect social networks. And you can be sure those thousands of Facebook application developers are not focusing their efforts on the security of their applications.

Blocking social networks is no longer feasible - they're an integral part of marketing and recruitment programs in many companies today. A more equitable solution can be found in technologies like AVG LinkScanner®, which checks web pages for security risks before allowing the page to download to the user's browser. LinkScanner is included in AVG's business security products.

2. E-mail and Spam
- Oldies But Still Baddies

For many years, the virus writers' distribution method of choice was e-mail attachments. Although still a popular method of attack, e-mail is a far less effective way to fool people into opening things they shouldn't. The bad guys have learnt that using the world wide web to deliver attacks is more efficient. "When e-mail was the primary attack vector, simply installing an anti-virus and exercising caution when opening attachments mitigated the majority of threats," explains Borrett.

In addition to installing a reputable security solution and keeping it updated, educating employees on responsible e-mail behaviour is fundamental to e-mail security efforts. One important reminder comes from the Australian government web site "Stay Smart Online", www.staysmartonline.gov.au. "Many viruses can 'spoof' the return address [in an e-mail], making it look like the message came from someone else. If you recognise the return address but weren't expecting the message, check with the person who supposedly sent the message to make sure it's legitimate before opening any attachments," the organisation advises.

You might also want to consider configuring your e-mail system to block the automatic downloading of attachments; this will have the added benefit of discouraging employees from overloading the e-mail network with unnecessary attachments.

3. Instant Messaging
- Chatting Your Way To Trouble

While not yet as ubiquitous as e-mail, instant messaging (IM) is gaining momentum as a business communications tool, and carries many of the same risks as e-mail, as well as some unique to the IM environment. Viruses and other malware can be hidden in files sent over IM. Links embedded in messages can lead to infected web sites.

IM even has its own version of spam, sometimes called SpIM - Spam over Instant Messaging. Microsoft warns users to be aware that, "Some IM services link your screen name to your e-mail address when you register. The easy availability of your e-mail address can result in an increased number of spam and phishing attacks." So users should take care when they register for an IM account that they don't inadvertently advertise their e-mail address.

AVG Helps the Environment One Download at a Time

Wed, 21 Apr 2010 14:00:00 GMT

AVG explains how using security software helps the environment

Melbourne, 22 April 2010 – Today is Earth Day, and that means that many of us are thinking about the environment and what we can do to make a difference and improve it for this generation and generations to come. Each one of us can chip in and take action, and no effort is too small. The important thing is to keep those good environmental habits and activities going beyond Earth Day so that they become a part of the way we live our lives.

The challenge for those of us who use technology on a regular basis is that our gadgets have a negative impact on the environment in certain areas. Since minimising the extent of our connected lifestyles simply isn't an option for many of us, it's important to note that there are things that we can do to lessen the negative impact that all of that tech has on the environment.

A lot of computer users are aware of the customisable energy options that are a part of their operating systems and can make their computers more efficient, but did you know that using security software on your computer can also help the environment?

For example, viruses and other threats that infect your computer and run in the background consume your system's resources, which means that your computer has to work harder and therefore use more energy. By preventing these threats from becoming a reality on your system, your security software helps to make sure that your computer only runs what you want it to run and doesn't use an excessive amount of energy.

In addition to this, the current versions of AVG software have reduced scan times by up to 50% and improved memory usage by 10-15% over previous versions. So along with preventing threats from stealing energy, the security software itself also has less of a footprint on your system's resources, which is a win-win for you, your computer, and the environment.

How to Stay Safe Online in 2010

Tue, 13 Apr 2010 14:00:00 GMT

Melbourne, 14 April 2010 - AVG (AU/NZ) Pty Ltd, the distributor for Australia, New Zealand and the South Pacific of the award-winning AVG Anti-Virus and Internet Security software, is often asked just what people need in order to be safe online these days. Is a firewall enough? Is anti-virus protection enough? Do I need anti-spyware and anti-malware as well? People are understandably very confused.

Here, then, is a basic explanation about what protection you need in order to be safe while banking, shopping, gaming, downloading and chatting online...

Viruses are bits of malicious code that spread by themselves. They still exist, but there are not so many of them around any more because they don't help the "Bad Guys" make money. In other words, the Bad Guys could still write viruses, but they don't much because viruses don't tend to assist in stealing stuff.

Instead, the Bad Guys tend to write spyware, worms and other malware such as key-loggers and remote controlled backdoors, which allow them to steal bank account login details and important personal identification like credit card numbers and tax file numbers.

These days, anti-virus, anti-spyware and anti-malware have merged into what most security software suppliers label as their "Anti-Virus" product. Then these companies typically also have an "Internet Security" suite that adds extra layers of protection like firewall, web protection, identity protection etc.

Firewalls stop intruders, such as worms and hackers, forcing their way in from the outside. A good enhanced or two-way firewall also stops anything such as a key logger or identity theft program sending any captured information back through the firewall to the Bad Guys.

The single most important thing to understand is that 99% of all attacks now originate from the web. When a web browser is started, it starts from a trusted place.... inside the firewall. The web browser creates a trusted tunnel through the firewall. If a victim visits a web site of hostile intent, the attack malware code is able to go right through the firewall and has a chance of executing on the victim's PC.

What this means is that your anti-virus product of choice should include a dedicated web scanner. We have AVG LinkScanner® for exactly that reason. It does a real-time check for web-based threats every time you try to open a web page in your web browser. If an active threat is detected, you are warned not to continue trying to view the web page. Thus the threat is blocked before it gets onto your PC.

The next thing to understand is that good Internet security protection should include a good behaviour monitor, such as AVG Identity Protection.

Traditional anti-virus/anti-spyware/anti-malware products work by scanning for known malware. This is called "signature scanning". Think of it as being like the bouncer at the door of a popular venue being asked to keep out certain people based on having photos of their faces. That works great, as long as you're dealing with a known bit of malware (or face), but if it's new, it gets past the scanner until it's updated. Simple as that.

The Bad Guys know this, and, using automated tools, produce 20,000 to 50,000 new variants each day which they release into the "Zoo" of known malware. They only actively use 500 to 2,000 of these variants each day in the "Wild" to do bad stuff. The others are produced to make it hard for the security software companies to know which are the 500 to 2,000 variants that you really need to be protected from.

A behaviour monitor, however, is not signature based, but instead watches for malicious behaviour of the applications and processes running on the PC. For example, a new program that installs itself so that it survives a reboot and also starts monitoring keystrokes, is very suspicious to a behaviour monitor. In our analogy, it's as if the bouncer is now considering the dress, walk, demeanour and overall manner of those approaching the venue. A newcomer who doesn't fit acceptable behaviour patterns is now highlighted for special consideration.

The best way to do security is in layers... think about a slice of Swiss cheese. Any individual slice is full of holes, but if you get two slices and place them on top of each other, they cover up most of each other's holes. Get a third slice and there are no holes left.

Computer security works the same... that way, each layer only has to be 80% effective, but if you have enough layers, there are no holes left. That's important, because the more you strive for 100% with any one layer, the bigger and fatter it gets, with more potential for conflicts and issues. It's classic 80/20 stuff... you can solve about 80% of just about any problem with just 20% effort.

As Lloyd Borrett, Marketing Manager for AVG (AU/NZ) says, "It takes multiple layers of defence to protect against the wide variety of attacks and threats. A single technique cannot protect against every possible threat. An efficient layered approach provides multiple layers of defence that will allow one technique to catch things that may have slipped through the outer defences."

What this all means to an end user is that they need:

a specialist web-scanning layer to block most of the attacks immediately, e.g. AVG LinkScanner, followed by,
a traditional anti-virus scanner that's focused on the actual malware that's in the Wild and being actively used by the Bad Guys, as opposed to what's just in the Zoo and not a threat, e.g. AVG Anti-Virus, followed by;
a behaviour layer to pick up anything that gets by the web scanner and traditional anti-virus/anti-spyware/anti-malware scanner, e.g. AVG Identity Protection.

All of these layers of protection are available separately. But they work best when bundled into an efficient all-in-one solution.

"Solutions like the AVG Internet Security suite, where all of the multiple security layers are designed to work efficiently together, with one easy 'set and forget' update process, provide complete peace of mind," said Borrett.

Such a solution mightn't win too many magazine "shoot-outs", because the highly dynamic, multi-faceted, real world threat landscape is really hard to emulate and test against properly. But the real benefit to an end user is that they have a lightweight, nimble product that protects them. And that's what AVG is doing to enable its 110 million users to stay safe online every day.

AVG Technologies Fortifies its Cyber Crime Research Labs

Mon, 12 Apr 2010 14:00:00 GMT

AVG Technologies Names Key Addition in Yuval Ben-Itzhak and Adds Researchers to Aid in Worldwide Cybersecurity Investigations

Melbourne, 13 April 2010 – AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and Internet Security software, announced today that AVG Technologies has fortified its AVG Virus Research Labs team to help fight cyber crime worldwide.

AVG's Virus Research Lab leverages its network of more than 110 million computers worldwide – each installed with AVG LinkScanner® technology - to detect exploit trends in real-time and report back data that is in turn licensed by top security software companies to update their products. The Virus Research Lab works regularly with law enforcement and industry leaders to detect and prevent online bank fraud, consumer phishing schemes, identify theft scams and many other cyber crime activities.

AVG Technologies recently appointed security industry veteran Yuval Ben-Itzhak as senior vice president of engineering, as well as added two more researchers to assist in detecting trends and preventing exploits.

Ben-Itzhak was formerly Chief Technology Officer (CTO) for a global Web security company, where he led the company's vision, strategy, innovation, IP and technology. Ben-Itzhak was also founder and CTO of KaVaDo Inc., a leader in web application security.

An innovator, Ben-Itzhak holds a number of various US patents and patent applications. He is frequently quoted in the international business and technology press and has been a key speaker in dozens of security conferences around the world. Ben-Itzhak was selected as InfoWorld's "Top 25 Most Influential CTOs of 2004" and Computerworld's "40 Innovative IT People to Watch, Under the Age of 40" for 2007.

"The AVG Virus Research Lab is the cornerstone of our operations, working at the front lines to hunt down the bad guys and protect our customers from their malicious schemes," said Roger Thompson, Chief Research Officer, AVG Technologies. "Consumers, small businesses and law enforcement all rely upon AVG for security trends insights and specific remedies to halt exploits."

Ben-Itzhak and the staff in the AVG Virus Research Lab offer regular comments and analyses of the latest spyware, viruses, Internet exploits and other cybercrime trends at viruslab.blog.avg.com.

How to let staff use their Personal Technology Securely

Thu, 08 Apr 2010 14:00:00 GMT

Melbourne, 9 April 2010 - More and more of us would like to use our personal computer at work, but how can companies allow that while keeping their internal networks secure? AVG (AU/NZ) Pty Ltd, the distributor for Australia, New Zealand and the South Pacific of the award-winning AVG Anti-Virus and Internet Security software, shares its thoughts on this.

Did You Know?

End users, not the IT department, will be responsible for 50 percent of business IT procurement in 2010
Virtualisation specialist Citrix has a "Bring Your Own Computer" program which saves the company money
One-third of the new generation of workers want to choose their hardware and applications

Why Traditional Anti-Malware Solutions Are No Longer Enough

Given the P in PC stands for 'Personal', it's not surprising that many consumers have a close relationship with their computer in a way that isn't traditionally associated with other appliances. Very few heated conversations over coffee centre around one brand of one washing machine being cooler than another. Conversely, put a Mac and PC fan in close proximity, and things will eventually get ugly.

This emotional bond to personal technology - which also extends to mobile phones, MP3 players and notebook computers - means businesses have increasingly had to adjust to requests from staff to use their own technology at work.

According to research by technology analyst group Gartner, by 2010, end users, not the IT department, will be responsible for 50 percent of business IT procurement decisions. Management consultants Accenture focused their research on a group of young workers it calls "Millennials" and found around one-third of this new generation of workers not only wanted to use the computer of their choice at work, but also wanted control of the applications they use too.

"The message from Millennials is clear: to lure them into the workplace prospective employers must provide state-of-the-art technologies," said Gary Curtis, managing director of Accenture Technology Consulting. "And if their employers don't support their preferred technologies, Millennials will acquire and use them anyway."

Businesses are reacting to the trend towards personal technology at work in a variety of ways. For the more traditional firms, the idea of giving staff carte blanche to bring their own technology to work is totally unacceptable. Allowing an employee to bring his or her sticker-festooned game-spec laptop to work is tantamount to a written invitation to stop working and indulge in personal surfing during business hours. More progressive companies realise that allowing personal computers in the office is just another step in the blurring lines between work and home.

However, while some companies might want to reduce the restrictions on consumer technology at work, there are issues that go beyond cultural concerns - namely IT security. The requirement to standardise technology across a company has some financial benefits in terms of volume buying, but studies by some companies have shown that giving staff a stipend to buy their own device and effectively support it, can result in a lower cost than realising the savings from large scale procurement and paying IT support staff to maintain the devices.

Instead of focusing on saving cash, some companies insist on a homogeneous approach to PC procurement across the business, as it is perceived to be the easiest way to ensure that PCs and mobile phones can be secured effectively. The more standard the hardware, the more easily it can be monitored, patched and updated centrally.

The emergence of so-called virtualisation technology however, offers a potential solution to the problem of allowing staff to use their own technology without compromising the security of the company's network and data. Traditionally, desktop computers have only been capable of running one operating system at a time, but with virtualisation, they can run multiple instances (virtual machines) of the operating system on the same piece of hardware.

Analysts like Gartner advise companies to use this virtual machine (VM) approach to effectively create a safe compartment within an employee's personal computer, or even mobile phone, so that any interaction with the company's network is limited to that safe-zone. Instead of loading company applications onto their home machine - and creating licensing issues - staff can access a secure and virtualised set of applications held on the company's servers. This also prevents users from infecting the company network with any malware that might be on their machine, and from copying and storing sensitive data outside the firewall.

Gartner believes that there are other strong motivations for organisations to consider employee-owned notebook programs based on a locked and well-managed VM approach: "They provide a mechanism for 'containing' the operational environment of existing rogue users. This category usually consists of executives and key knowledge workers, whose personal influence is sufficient to be able to flout corporate policy (with exceptions permitted on the basis of trust)."

Businesses that are already using a virtualised approach to managing employee-owned devices include Citrix, which launched a "Bring Your Own Computer" program in 2007. This plan makes use of the company's own virtualisation technology to allow staff to use their own hardware at work. Employees install software called the Citrix Receiver onto their computer, and are then able to access corporate applications and data securely.

The increasing adoption of virtualisation for desktop machines means that more and more companies may be able to cut the ties between hardware and software and allow users to bring their own technology to work. However, as technology becomes more prevalent, it unfortunately becomes a greater target for hackers and cyber criminals. As you can imagine, the personal connection between computers and their users is unlikely to diminish anytime soon, so as the bad guys find the chinks on the virtualisation approach, the security community will strive to evolve fresh ways to protect the devices we need and love.

Lloyd Borrett, Marketing Manager of AVG (AU/NZ), said, "This kind of thing was seen as sheer madness by IT departments a few years ago as they focused on standardising everything. But now more applications used by staff at work and home are available in a web form, such as e-mail. The trend toward cloud computing means it will be quite difficult to stop the blurring between work and home life from happening.

"Companies need to embrace this change and begin to address the governance challenges so as to minimise security risks," Borrett continued. "They should encourage their staff to use a comprehensive security solution on their computer, like AVG Internet Security, and include it as part of their remuneration package."

AVG Internet Security Products for Home and Business Win Awards

Thu, 25 Mar 2010 13:00:00 GMT

Double Winner for Info Security Product Guide's Global Product Excellence Awards

Melbourne, 26 March 2010 - AVG (AU/NZ) Pty Ltd, the distributor for Australia, New Zealand and the South Pacific of the award-winning AVG Anti-Virus and Internet Security software, has today announced that two AVG products - AVG Internet Security 9.0 and AVG Internet Security Business Edition 9.0 - have won Global Product Excellence Awards sponsored by Info Security Products Guide.

AVG Internet Security 9.0 won in the category "Security Solution for Consumers", while AVG Internet Security Business Edition 9.0 won for "Security Solution for Enterprise (Small) and SOHO".

"We are honoured that the Info Security award selection committee chose to recognise both our consumer and business products," said Tony Anscombe, Ambassador of Free Products, AVG Technologies. "These awards validate our efforts to battle against cyber criminals and keep our customers safe online."

AVG Internet Security 9.0
AVG Internet Security 9.0 is AVG's flagship software product for home users. Multiple layers of protection means users don't have to worry about identity theft, spam, or viruses. And its integrated AVG LinkScanner® technology provides real-time protection from accidentally visiting harmful web sites. With up to 50% faster scanning time, home users now can have faster, smarter security that won't slow their computer down. http://www.avg.com.au/products/avg-internet-security/

AVG Internet Security Business Edition 9.0
AVG developed AVG Internet Security Business Edition to protect workstations and servers so that businesses can focus on their operations and not worry about their security software. AVG Internet Security Business Edition is a scalable security solution for Small and Medium-sized Businesses (SMB) that uses cutting-edge technologies like application white-listing and "in-the-cloud" automated testing. Enhanced remote administration ensures easy deployment and delivers centralised management of security incidents. http://www.avg.com.au/products/avg-internet-security-business-edition/

"In an interconnected world, threats have no boundaries, and security has to remain a prime requirement," said Lloyd Borrett, Marketing Manager at AVG (AU/NZ). "Cyber criminals and cyber threats are becoming increasingly more sophisticated. Sixty percent of transient threats, for example, come and go in less than a day. AVG products deliver solutions to these threats that keep both homes and business safe. It's great to see this being recognised by Info Security Products Guide again this year."

About Info Security Products Guide
www.infosecurityproductsguide.com
Info Security Products Guide sponsors leading conferences and expos worldwide and plays a vital role in keeping end-users informed of the choices they can make when it comes to protecting their digital resources. It is written expressly for those who are adamant on staying informed of security threats and the preventive measures they can take. You will discover a wealth of information in this guide including tomorrow's technology today, best deployment scenarios, people and technologies shaping info security and independent product evaluations that facilitate making the most pertinent security decisions. The Info Security Products Guide Awards recognise and honour excellence in all areas of information security.

AVG Comes to the Rescue: Ships FREE Emergency Boot-up CD

Tue, 23 Mar 2010 13:00:00 GMT

A powerful toolset for the rescue and repair of infected machines.

Melbourne, 23 March 2010 - AVG (AU/NZ) Pty Ltd, the distributor for Australia, New Zealand and the South Pacific of the award-winning AVG Anti-Virus and Internet Security software, has today announced that AVG Technologies has released another free product: the AVG Rescue CD.

The AVG Rescue CD, which is already included in AVG's product line for businesses, is used to recover computers that are not able to boot or are infected in a way that will not allow normal operation. AVG is now making the AVG Rescue CD available to all customers (including AVG Free customers). It can be downloaded to any CD or USB stick and then inserted into the damaged computer and used as the recovery disk.

This powerful offering contains all essential tools for users, including:

Comprehensive administration toolset
System recovery from virus and spyware attacks
Suitable for recovering Windows based operating systems
Ability to perform a clean boot from the CD or a USB stick

Upon booting a damaged computer using the AVG Rescue CD, the software will automatically mount all hard drives of the computer and scan them for viruses and malware. The AVG Rescue CD will also automatically restore a safe network connection to the computer. For advanced users, the AVG Rescue CD also includes a Windows Registry editor, a TestDisk utility for recovering deleted files and lost partitions, a file browser for navigating folders, and a Ping tool for basic network diagnostics.

The AVG Rescue CD is a Linux-based boot utility with essential AVG security software already integrated. The AVG Rescue CD can be downloaded for free at http://www.avg.com.au/products/avg-rescue-cd/ and burned onto any CD or DVD, or extracted directly onto a USB flash drive.

"The AVG Rescue CD has been a must-have toolkit of essential utilities for system administrators and other IT professionals for many years," said Lloyd Borrett, Marketing Manager AVG (AU/NZ). "It's fantastic that it's now freely available for anyone to download and use. All AVG (AU/NZ) paid customers using the AVG Rescue CD can phone our local technical support team for full support."

AVG Anti-Virus Free Edition 9.0 Wins Australian PC Authority Best Value Award

Sun, 14 Mar 2010 13:00:00 GMT

AVG Anti-Virus Free Edition 9.0 gets 5 out of 6 stars.

Melbourne, 15 March 2010 - AVG (AU/NZ), the distributor for Australia, New Zealand and the South Pacific of the world's most popular free anti-virus software, today announced that AVG Anti-Virus Free Edition 9.0 received an overall rating of 5 stars and the Best Value designation from Australian PC Authority in their April 2010 issue group test of security software products. The product also retained its "A-List Alternative" ranking by the magazine.

As Australian PC Authority said, "When it comes with such a minimal footprint and such a low profile, the overall proposition is still very attractive - especially when you get the added bonus of LinkScanner thrown in for free."

Lloyd Borrett, Marketing Manager AVG (AU/NZ) said, "After weeks of waiting, to finally hear that AVG Anti-Virus Free Edition 9.0 had been elected Best Value by Australian PC Authority was just incredible."

"With such strong competition these days, to win any group test is always immensely satisfying. Especially when our basic level free product is being compared with not only other free products, but also top-end paid products."

"As pioneers of free antivirus security software more than a decade ago, it's a joy to see how AVG has been adopted by more than 4.6 million users across Australia and New Zealand and how people have benefited from the availability of a reliable base level of protection against the cyber criminals."

"For me, that's where the real satisfaction comes from - working with a brand that's constantly trying to improve every detail to make your chosen security solution safer, faster and easier to use. AVG's software engineers and security researchers work hard to refine the protection provided while reducing the use of system resources. That's not an easy task when you also want to improve ease of use, plus deliver industry leading technologies like AVG LinkScanner's real-time protection against web threats, all at the same time."

"Online is the ultimate test bed and fortunately the sum of AVG's improvements has been confirmed by PC Authority and its elite test team as delivering the best value. If only they had also tested AVG's complete protection solution, the paid AVG Internet Security 9.0 suite, AVG might have had a clean sweep in the awards!"

AVG Anti-Virus Free Edition 9.0 is available to download, free forever, from www.avgfree.com.au.

Social engineering: Deceiving people, not machines

Thu, 11 Mar 2010 13:00:00 GMT

The weakest part of any business computer system is almost always the human being using it - something cyber criminals know only too well.

Melbourne, 12 March 2010 - Social engineering is extremely pervasive and frequently effective...

Security experts easily convinced workers to reveal their passwords in exchange for a free pen.
Over half the computer users questioned in a recent AVG survey had received phishing emails.

Cyber criminals are often portrayed as technical geniuses plying their trade through the use of deviously complex computer code. While there is some truth to this, gaining access to a computer can be as simple as fooling someone into a revealing a password. This tactic of exploiting the "human aspect" of computer use is known as "social engineering" and is widely recognised as one of the most effective techniques used by cyber criminals.

"Human beings are often the weakest link in the security chain," warns the US government advice site Stay Safe Online. "Criminals and con artists know this and exploit it. Learn how to spot the tricks they use."

It's Easy to be Fooled

Things to look out for include such simple tactics as phoning a random extension and tricking whoever answers into revealing their network password by asking seemingly-innocuous questions. "If an attacker is not able to gather enough information from one source, he or she may contact another source within the same organisation and rely on the information from the first source to add to his or her credibility," warns US government security agency US-CERT.

A fraudster used this technique to make calls to the Barclays Bank in the UK, eventually convincing a call centre worker to issue a credit card in the chairman's name. Armed with the credit card and personal details about the chairman, the conman then went to a Barclays branch and withdrew £10,000 of the banking executive's money. Ouch!

An example of how easily people can be tricked by social engineering was revealed by the organisers of the InfoSecurity Europe conference. Experts convinced 90 percent of workers stopped at Waterloo Station in London to reveal their passwords in exchange for a free pen. Some more suspicious workers refused at first, but eventually revealed enough information for the experts to accurately guess their password.

Kevin Mitnick, one of the most notorious hackers of all time, has admitted that social engineering was a fundamental part of his approach. "When the average person conjures up the picture of a computer hacker, what usually comes to mind is the uncomplimentary image of a lonely, introverted nerd whose best friend is his computer and who has difficulty carrying on a conversation, except by instant messaging," Mitnick explains in his book The Art of Deception. "The social engineer, who often has hacker skills, also has people skills at the opposite end of the spectrum - well-developed abilities to use and manipulate people that allow him to talk his way into getting information in ways you would never have believed possible."

Beware the Phishers

But social engineering doesn't have to be done in person or over the phone. One of the most popular social engineering techniques is phishing, which is when cyber criminals bombard computer users with emails purporting to be from banks or other trusted entities where valuable information is protected by passwords.

Recipients are encouraged to respond to the mail by clicking a seemingly-legitimate link and entering their login credentials. "An attacker may send email that appears to come from a reputable credit card company or financial institution and that requests account information, often suggesting that there is a problem," explains advice on the US-CERT web site. "When users respond with the requested information, attackers can use it to gain access to the accounts."

Recent research conducted by AVG revealed that around 55 percent of the 250 users surveyed had received phishing emails. The survey particularly looked at how increased use of social networking sites such as Facebook, Twitter and MySpace were contributing to the growth of phishing and other security threats.

Other interesting results included:

21% accept contact from members they don't recognise
52% let friends access social networks on their machine
64% click on links offered by community members
26% share files within social networks
20% have experienced identity theft
47% have been victims of malware infections

The emergence of social networking sites has led to a blending of programming-type hacking techniques with social engineering, a threat acknowledged by AVG back in 2007.

"The anti-virus industry has been in a transition period for the past two to three years as malware has morphed from simple viruses to complex malicious web site hacks that combine exploits and social engineering to scam unsuspecting users of their data," said Lloyd Borrett, Marketing Manager, AVG (AU/NZ).

Education is Key

When it comes to protecting against social engineering attacks, technologies such as those provided by AVG's Internet Security software have an important part to play, but experts agree that educating staff is fundamental.

"An educated workforce is the main line of defence against online threats in business," is the advice from the UK government-backed Get Safe Online campaign.

US-CERT is more specific in its guidance: "Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. If an unknown individual claims to be from a legitimate organisation, try to verify his or her identity directly with the company."

The best strategy for businesses is to instil in their staff the notion that handing over any information to someone whose motives are suspect or unknown is not a good idea. This "paranoid" attitude should be brought home to new hires from day one; new employees are the most susceptible to social engineering techniques, according to Kevin Mitnick. "New employees are a ripe target for attackers. They don't know many of the people yet, they don't know the procedures or the dos and don'ts of the company. And, in the name of making a good first impression, they're eager to show how cooperative and quick to respond they can be," he warns.

Of course, it always makes sense to back up education with protection, so businesses should also ensure they have up-to-date security software in place. AVG's Anti-Virus and Internet Security products include AVG LinkScanner®, a technology that can quickly and accurately determine whether or not a web page is hosting a phishing attack.

Criminals will always be able to find the chinks in any company's computer security armour but, by paying attention to the people as well as the computers, businesses can make it much harder for the cyber criminals to break through.

Online references:

Stay Safe Online - US National Cyber Security Alliance: http://www.staysafeonline.org/

US-CERT - United States Computer Emergency Readiness Team: http://www.us-cert.gov/

Barclays chairman loses £10,000 in identity scam: http://business.timesonline.co.uk/tol/business/law/article3164914.ece

Office workers give away passwords for a cheap pen: http://www.theregister.co.uk/2003/04/18/office_workers_give_away_passwords/

The Art of Deception by Kevin Mitnick: http://en.wikipedia.org/wiki/The_Art_of_Deception

Get Safe Online - UK: http://www.getsafeonline.org/

AVG and LimeWire Secure World's Largest Peer-to-Peer Network

Wed, 10 Mar 2010 13:00:00 GMT

LimeWire Integrates AVG's SDK into Its Premium File-Sharing Software Offering Users Anti-Virus Protection

Melbourne, 11 March 2010 - AVG (AU/NZ), the distributor for Australia, New Zealand and the South Pacific of the world's most popular free anti-virus software, today announced that LimeWire LLC has licensed the AVG Anti-Virus SDK engine from AVG Technologies. LimeWire has integrated the anti-virus/ anti-spyware protection into LimeWire Pro, its premium file sharing software. Through this partnership, all files will be scanned before LimeWire PRO will allow them to play or execute on an end user's computer, which prevents infected files from harming machines. LimeWire PRO users will see the "Protected by AVG" assurance whenever a downloaded file is safely scanned and cleaned.

The agreement is part of the AVG's new Global Strategic Alliances (GSA) group 2010 partner program focused on development, licensing initiatives and strategic partnerships in security, social media and the online community.

Millions of people use peer-to-peer networks every day to exchange audio, video, documents and other files. LimeWire is the leading provider of peer-to-peer networking applications and distributes the most popular peer-to-peer application in the world with 50 million monthly users. LimeWire has integrated AVG's security SDK into LimeWire PRO, its premium file-sharing software, to automatically scan each download to help keep LimeWire's users secure.

"Peer-to-peer networks have come a long way. People are using peer-to-peer networks to share files and documents, and we are pleased to be protecting them," said Rocco Donnino, SVP of Global Strategic Alliances, AVG Technologies. "AVG is committed to securing our online world, whatever it takes."

The ad hoc architecture of peer-to-peer networks affords no central point where security policies can be enforced, making the networks vulnerable to infected files, adware, spyware and other malware creeping into the system. It is incumbent upon users to secure their computers in order to protect both their own computers and the general health of their peer-to-peer network.

"LimeWire is committed to providing peer-to-peer's best user experience and we are vigilant about user security," said Jason Herskowitz, VP Product Management, LimeWire. "We are always looking for ways to improve, and with AVG's seamless integration into LimeWire, we will be providing users with peer-to-peer's most secure technology."

"It's great to see a peer-to-peer software solutions provider like LimeWire taking a pro-active approach to online security," said Lloyd Borrett, Marketing Manager AVG (AU/NZ). "Plenty of peer-to-peer users don't understand the security risks associated with some of the files they're downloading and sharing over the Internet. Now LimeWire PRO users can safely use their peer-to-peer connections on the BitTorrent and Gnutella networks to share pictures, videos and audio with friends."

More Than 40 Percent of World's Malicious Web sites are Hosted in the United States

Wed, 10 Mar 2010 13:00:00 GMT

Germany and China Round out the Top Three Countries with Web Servers serving malware

Melbourne, 11 March 2010 - AVG (AU/NZ), the distributor for Australia, New Zealand and the South Pacific of the world's most popular free anti-virus software, today unveiled the results of an AVG Technologies' research study which shows that - contrary to popular opinion - most malicious web sites are hosted on US servers and not in other countries like China.

The AVG research study is based on the analysis of threats reported during the last 6 months from AVG's 110 million worldwide users of its AVG LinkScanner® web security product. The research indicates an increase in malware-serving web sites targeting end users, which typically focus on stealing online banking credentials, credit card information, personal identities and passwords to social sites.

The detection and analysis of exploits was based on AVG's unique crowd-sourced methods for analysing web content for malicious or dangerous intent as reported by AVG's vast network of LinkScanner installations worldwide. AVG's research shows that malicious code is not just an issue with outlaw servers located in countries with weak laws and lax enforcement. Monitoring active web servers serving exploits around the world indicates that 44 percent of the corrupted servers are hosted in the United States, followed by Germany and China at just 5 percent each. Many of these malware-serving web sites are legitimate sites compromised by hackers to serve exploits on their behalf. In total, exploitive servers were found in nearly 4,600 locations throughout the USA.

It is important to note that this research makes no statement about who owns or is directing the efforts of these servers - for those criminals and/or criminal networks could be anywhere in the world - and they are.

"The results of this study shatter the myth that malicious code is primarily hosted in countries where e-crime laws are less developed," said Karel Obluk, Chief Technology Officer, AVG Technologies. "Our research shows that malicious content is much more likely to show up on web servers in the U.S. than one in Asia or Eastern Europe. This makes perfect sense since the USA is a primary target market for the criminals and has rich and mature Internet infrastructure making the threats both highly accessible and cheap to host. What is most striking is the clear rise in the number of malicious servers in the last six months. Today's hacking techniques are highly evasive so the average user cannot tell if a website is serving malware or not. A web security product is needed."

Obluk continued, "Even more important to note is that, on average during this six month period, about 50 percent of the domains hosted on these servers were online and hosting threats only one day or less. This transient nature makes them very hard to find and add to traditional reputation-based protection systems in time to be helpful to users."

"As a preventative measure, users should look for web security protection when going online," said Lloyd Borrett, Marketing Manager, AVG (AU/NZ). "Today's bad guys are smarter and create threats that are more sophisticated, hiding in legitimate web sites that are sometimes poisoned for less than a day. This makes a real-time solution like AVG LinkScanner absolutely critical to protect against web based threats."

AVG LinkScanner is free and is included as a part of all AVG Anti-Virus and Internet Security products. AVG LinkScanner can be used also as a free stand-alone product delivering extra protection alongside other brands of antivirus and Internet security software. AVG LinkScanner, or AVG's other free security products, can be downloaded at: www.avgfree.com.au

Top Five Tips for Securing your Business Reputation

Tue, 09 Mar 2010 13:00:00 GMT

AVG (AU/NZ) shows how your business reputation can be protected from online scams.

Melbourne, 10 March 2010 - There have been recent reports of how a Twitter scam has affected some well known UK politicians, issuing embarrassing Tweets from their personal accounts. Whilst these headlines may seem amusing, Lloyd Borrett, the Marketing Manager at AVG (AU/NZ), says it is worth considering the potential impact of this type of scam on your business reputation.

Reputation is everything in the world of a small business, often taking years to establish. Being targeted by a similar scam can have a detrimental effect on the reputation of your company. In a recent National Cyber Security Alliance (NCSA) study on small business security, 69% of small business owners said they would let their customers know if they suffered a security breach, whilst almost half agreed that their customers are concerned about the IT security of their business.

Knowing that a supplier's IT infrastructure is not as secure as it should be would worry most people, particularly if they share critical business data with that supplier/company. Yet with so many more businesses using cost-effective social media tools to market their company, the threat of customers being sent inappropriate messages from your company's social media account, or the social media account of one of your employees, is real. The potential impact on your reputation, by undermining your customer's trust in your ability to safeguard their data, is great.

So to help safeguard your business reputation, AVG (AU/NZ) has put together a few tips to ensure you get the most out of your security software, allowing you to focus on building your reputation, not repairing it:

Make sure your security software is robust and up to the job. AVG Internet Security Business Edition software is certified by the major independent security certification bodies to be effective against a comprehensive range of threats.
Secure your network against insecure behaviour by employees. You can't always control where your staff go online at work. (If you try, you'll probably have a rebellion on your hands!) AVG Internet Security Business Edition includes LinkScanner® which stops users visiting poisoned web pages that can let hackers into your network. So make sure it's installed on every PC.
Set your security software to update itself at least once a day. Protect against new and unknown viruses that appear between updates by ensuring AVG Data Protection is active on all workstations. AVG Internet Security Business Edition contains the Data Protection module.
Make sure you set the highest level of security on laptops employees take home or on the road. The AVG Administration feature included with AVG's business edition products will help you to set and monitor the security settings on all of your protected PCs. However, once those PCs are disconnected from the business network, they're out of your control. So leverage the power of AVG's LinkScanner, Anti-Malware, Enhanced Firewall and Data Protection layers to keep their protection solid when your staff are away from the office using home, WiFi or other non-secure Internet connections.
Deal with computer security problems as soon as they arise. AVG optionally alerts you whenever it finds a problem - day or night - and takes the necessary action to protect your network automatically - you don't have to do a thing. If you have the time, review the log - it can give you valuable information about employee training or other preventive measures that will help improve security.

Following the above tips should ensure your business reputation doesn't suffer from an online scam. As the saying goes, "An ounce of prevention is much better than a pound of cure."

For more information, see www.avgatwork.com.au.

VeriSign and AVG Integrate VeriSign Trust™ Seal within AVG LinkScanner® Search Results

Tue, 02 Mar 2010 13:00:00 GMT

Integrated Offering Helps Consumers Easily Identify Trustworthy Sites When Searching the Web

Melbourne, 3 March 2010 - AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and Internet Security software, announced today that VeriSign, Inc. (NASDAQ: VRSN), the trusted provider of Internet infrastructure for the networked world, and AVG Technologies, developers of the world's most popular free anti-virus software, have an agreement to display the new VeriSign Trust™ Seal within AVG LinkScanner® search results pages. For all web sites that are customers of the VeriSign Trust Seal, this feature is now available in the latest version of the AVG LinkScanner software, and over time, will enable tens of millions of consumers to more easily identify safe sites.

Last week, VeriSign announced the VeriSign Trust Seal, which includes authentication for business and domain control, daily scanning of web sites for malicious software and seal-in-search capabilities for customers. The announcement included details about VeriSign's first third-party integration for seal-in-search with TheFind, an Internet shopping search engine. VeriSign intends to work with multiple third-party web sites and consumer client software vendors such as AVG Technologies to enable maximum benefit and availability for consumers.

By helping identify trusted sites within search results, the integration of the VeriSign Trust Seal into AVG LinkScanner's real-time threat protection benefits consumers. When a user searches the web using AVG LinkScanner, sites that carry the VeriSign Trust Seal will appear in search results with the VeriSign trust mark. Displaying the seal differentiates the site's link from other search results, communicating to consumers that the link leads to a site trusted by VeriSign, which can help drive increased traffic to online businesses.

"In our present era of multiple online threats, it's hard for consumers to know which sites are safe to visit and which are best avoided, creating barriers for businesses as consumers shy away from online interactions," said Fran Rosch, senior vice president of Business Authentication at VeriSign. "The integration of the VeriSign Trust Seal in AVG's LinkScanner, which has more than 110 million active users worldwide, gives consumers additional protection when they go online, and leads to more visitors for online businesses."

"Today's bad guys are smarter and create threats that are more sophisticated, hiding in legitimate web sites that are sometimes poisoned for less than a day, which makes a real-time solution absolutely critical," said Lloyd Borrett, Marketing Manager at AVG (AU/NZ). "Anti-virus software alone cannot address these threats. The VeriSign Trust Seal integration with AVG LinkScanner will help consumers protect themselves by enabling them to know what's behind any web page and trust it, when it's most critical - before they click. Adding the VeriSign seal delivers another layer of visibility into the health, security and safety of a site."

The agreement is part of AVG Technologies' new Global Strategic Alliances (GSA) group 2010 partner program focused on development, licensing initiatives and strategic partnerships in security, social media and the online community.

AVG LinkScanner is free and is included as part of all AVG Anti-Virus and AVG Internet Security products. AVG LinkScanner can be used also as a free stand-alone product alongside other brands of anti-virus and Internet security software. AVG LinkScanner or AVG's other free security products can be downloaded at http://www.avgfree.com.au.

The seal-in-search service is offered to all VeriSign Trust Seal customers. For more information, visit http://www.verisign.com/trust-seal/index.html.

Staying Safe While Doing Your Online Business Banking

Tue, 02 Mar 2010 13:00:00 GMT

AVG answers the question: How safe is online business banking?

Melbourne, 3 March 2010 - While businesses and consumers alike are attracted by the flexibility of online banking, it should be noted that this great tool carries inherent security risks. Consider that FBI Director, Robert Mueller, recently announced that he had been banned by his wife from using his online banking service after he nearly became the victim of a phishing scam.

Muller's wife was probably right to be concerned. Australian Bureau of Statistics (ABS) research found 6 million people are exposed to scams and frauds during any given year, with over 800,000 falling victim in some way. The financial losses are of major concern - with almost $1 billion in losses.

Lloyd Borrett, AVG (AU/NZ) Marketing Manager said, "The use of the Internet by cyber-criminals to mass-market fraudulent schemes is unprecedented and increasing rapidly. Given that so many of these criminal perpetrators are not within easy reach of Australian law enforcement agencies, all businesses need to be more vigilant than ever, especially while banking online."

For businesses, the threats posed by online banking may be more acute given the dangers associated with so-called "insider threats". IT security experts have long contended that a company's own staff pose a bigger criminal threat than external criminals. While this may no longer be accurate given the entry of organised criminal gangs in the mid-nineties and the resulting increasing sophistication of cyber-criminals, online banking certainly provides a new channel for these internal or external criminals to steal money or confidential information.

Recent research by AVG revealed that the number of financial transactions conducted over the Internet are on the rise, with 85 percent of people now using the Internet for shopping, and over two-thirds doing their banking online. The research also showed that fears about cyber theft are rising too, with 43 percent of those surveyed saying they felt more susceptible to cyber theft than burglary, assault or robbery.

Fears over cyber-crime are to be expected in the digital age, especially as 3 in 10 people have experienced fraudulent behaviour over the Internet, including fraudulent emails, credit card fraud, and unauthorised bank transfers. Despite these concerns, the AVG survey also revealed that approximately 30 percent of respondents did not feel they were taking adequate steps to protect themselves from fraudulent online activity.

Banks could also be doing more. For example, the use of drop-down menus as part of the log-in process can help defeat key-logging software. Criminals use this software to record key-strokes. Drop-down menus can not be recorded in this way as they are activated by the user's mouse. Other approaches include external devices sent to customers which generate unique pin-numbers each time the user accesses their account.

There is general awareness of at least some of the risks associated with online banking, and knowledge of some of the tools that can be employed to combat it. The awareness and knowledge must grow on both sides and, most importantly, once gained should not be ignored.

What you need to know to protect your business against Cyber Theft

Q. What is Cyber Theft?

A. Cyber Theft is the term we use to describe financial loss or identity fraud that could happen to you as a direct result of entering personal information while on the Internet usually for the purposes of banking, shopping or gaming.

Q. How can I prevent Cyber Theft happening to me?

A. There are a number of steps you can take to reduce the risk of becoming a victim of Cyber Theft including:

Check that an Online Internet payment system has a padlock symbol displayed in either the bottom right-hand corner of the web page or in the address bar.
Never access an online payment system via a link contained in an email.
Never send money to people or organisations that you have not heard of.
Check the Electronic Money Association website - www.e-ma.org.
Make sure your Internet security software gives you comprehensive protection. AVG Internet Security Business Edition, was designed for this purpose and provides ideal protection.

Q. I already have antivirus software on my PC - does that mean I'm protected?

A. Not necessarily. Anti-virus software is designed to keep your computer protected against known viruses and spot unusual behaviour patterns that indicate unknown viruses - many of them are simply trying to disrupt or harm your computer in some way, and spread themselves to other computers. Most often they are not created for the purposes of committing Cyber Theft. The most common ways to commit Cyber Theft is with spyware or phishing.

Q. What is spyware?

A. Spyware is similar to a virus in that it is an unwanted program that runs unnoticed on your computer. Spyware ranges from adware (a nuisance, but comparatively low risk) through to surveillance software (scans your hard disk for private data such as credit card numbers, passwords and other personal information). This type of spyware then sends this information back over the Internet to the criminals that made the spyware.

Q. How does spyware get on to my computer?

A. Your computer is most at risk from infection from spyware if you use file sharing applications such as music or video sharing software or web sites.

Often a fraudster will send an email containing malware (or malicious software) to an unsuspecting computer user. Once the email has been opened the malware will be automatically downloaded onto their computer. Malware can also be contained in downloads from the internet. Depending upon the type of malware it may enable the fraudster to capture personal information and passwords.

Q. How can I tell if I have spyware?

A. The whole point of spying on people is to remain undetected so they can collect referral fees on adverts or by exploiting and making use of stolen information like credit card numbers.

The very worst kinds of spyware are designed to operate in stealth mode in order to avoid being discovered. Unprotected PCs can often have several different types of spyware running at the same time. One visible sign that your computer may be infected with spyware is that it starts to become slow or prone to crashing. This is because spyware applications interfere with the computer's operating system making it slow and unreliable.

If you have antispyware software installed on your PC, or a security suite that includes antispyware such as AVG Internet Security Business Edition, you can both scan for and isolate spyware that may be on your PC, stopping it from relaying information back to its fraudulent creator.

Q. What is phishing?

A. A fraudster will send an email to a large number of people claiming to be from a bank or other legitimate online business such as a shop or auction website. The email will usually contain a link to a fake but realistic, and credible looking website where the user will be asked to update personal information such as their passwords or account details which can then be used by the fraudster. Again, security suites that include anti-spam or anti-phishing components such as AVG Internet Security Business Edition can usually ensure that emails like this are moved to Junk or Spam folders in your email inbox.

Q. How common is Cyber Theft?

A. According to the results of an extensive independent survey of Internet users, as many as 3 in 10 people claimed to have experienced fraudulent behaviour over the Internet including fraudulent emails, credit card fraud and unauthorised bank transfers.

Q. Should I be worried?

A. The AVG study shows that Cyber Theft is one of the most feared crimes with people believing themselves more susceptible to online fraudsters than any other criminals. According to research, 87% of people admit they are worried about the threat of cyber theft. However, AVG is doing what we can to help you combat Cyber Theft, and there are other organisations working nationally to help deal with Cyber Theft.

Follow the advice above, keep your PC secure and protected (and that protection updated), and you should have little to worry about.

For more AVG (AU/NZ) security tips, please see http://www.avg.com.au/resources/security-tips/.

In addition to following the advice above, every organisation needs a simple and powerful way to keep their business safe. AVG Internet Security Business Edition delivers complete protection for SMBs, businesses and enterprises seeking to protect their servers, workstations, networks and email systems. For more information, see www.avgatwork.com.au.

Top 10 Tips for Staying Safe on Twitter

Tue, 23 Feb 2010 13:00:00 GMT

Say what you want on Twitter but be careful about it, warns AVG (AU/NZ)

Melbourne, 24 February 2010 - Last weekend, there was another Twitter security breach - a phishing attack. As the Twitter micro blogging service comes into its fourth year of existence, it is more popular than ever, which makes it a perfect target for cyber criminals. The nature of Twitter has always meant to be very open, so what are the best ways to protect yourself?

AVG (AU/NZ) has put together a list of top 10 tips to help you stay safe on Twitter. Don't forget to tweet it to your fellow tweeple!

1. Limit what you say
It's easy to tweet about where you are and what you're doing, but do you think about who is listening? What might seem like a harmless comment initially could be used to piece together a picture of your whereabouts and plans! Unless your tweets are protected, they are going to be out in the public domain. Fraudsters can use this information in many ways.

2. Be careful what you click on
Be suspicious about links that you are sent and posted. Many people use URL shortners on Twitter, so it is often very difficult to check what you are clicking on. AVG LinkScanner® can help check suspicious links, but remember: if you are in doubt, don't click!

3. Be vigilant
Watch out for suspicious activity in your tweet stream and inbox. If you start receiving strange messages or your friends are being unusually spammy, it might be worth double checking that their account hasn't been compromised.

4. Think before you tweet
Remember, the whole world can see what you write and even though tweets can be deleted, they are still searchable. Don't tweet when you're in a state of mind that might have you saying something you'll regret later. While it is funny thinking about it, the consequences are often not as amusing. Additionally, by including 'hash tags,' you increase the search for your chosen term, so think about who will be searching for your tweets.

5. Don't be too trusting
You can never be sure the stranger you 'networked' with via Twitter is who they say they are. Don't be easily befriended by strangers on Twitter who may not have your best interests at heart.

6. Check third party applications
There are hundreds of applications out there for Twitter. Before signing up to one of these, check to see that they are safe. You can do this by looking for mentions of the tools on trusted sites. Remember that the apps generally require your password and log in details so be extra cautious before sharing this information.

The same basic rules that apply to other social networking sites can also be applied to Twitter, so don't forget the following too:

7. Password information
Use different passwords, or even better still, set up separate email accounts for your social networks. That way, if you stop your account, you can easily delete the email account too. Be mindful of where you are sending your updates and the types of security questions you set.

8. Signing in
Check your browser settings on your computer so that your information is not stored for anyone else to see if you are on a shared computer!

9. Watch out for phishing attacks
As Twitter gets more popular, the likelihood of phishing attacks grows. Be aware of attempts to get users to give up their login and passwords by tricking them with fake tweets and direct messages.

10. Being mobile
Be mindful about who might have access to your mobile phone. If you have a Twitter application, make sure you log out once you're finished with it.

Lloyd Borrett, Marketing Manager for AVG (AU/NZ) advises, "As with any online activity be smart, be aware, be careful, and you can stay as safe on Twitter as anywhere else online."

For more AVG security tips, see http://www.avg.com.au/resources/security-tips/.

Protecting Your Business From Social Networks

Sun, 21 Feb 2010 13:00:00 GMT

AVG answers the question: If social networks are a business risk, shouldn't we just block them?

Melbourne, 22 February 2010 - With more and more staff using social network sites like Facebook, Twitter and MySpace from work, plenty of businesses are asking the question, "If social networks are such a risk, shouldn't we just block them?"

When social networking web sites such as Facebook and MySpace first emerged, some businesses viewed them as a distraction from work and banned them. With the appearance of other social formats, such as Twitter however, companies have begun to embrace this potential for collaboration. Social networking has evolved from personal networking to become a media for mass communication. Many companies now view web sites such as Twitter as a valuable marketing channel.

Given these new legitimate business uses, a policy banning these social networking web sites completely seems counterproductive. While serious business roles exist for these tools, for security reasons, companies should still monitor how employees interact with them.

Security experts such as Herbert Thompson, a professor in the Computer Science department at Columbia University, has warned about the dangers of revealing personal information on social networks. People may post personal details, for example their Mother's maiden name, that are often used by secure web sites as password prompts.

"People are posting indiscriminately - they throw weird information out there. What has happened is there has been a growth in the technology for information sharing but not a commensurate education in what information we should share," he said.

So, while a strict ban of social networking web sites may not be the answer, companies should consider creating and enforcing regulations on how they should be used, especially in relation to company business. A recent study conducted by IESE Business School in Spain, E. Philip Saunders, College of Business at the Rochester Institute of Technology in the US, and Henley Business School in the UK, revealed that six out of seven companies don't have a formal policy on how social networks should be used within their businesses. "Ignoring the increased usage and influence of social networking and Web 2.0 tools leaves organisations at the risk of misuse, potentially leading to the disclosure of sensitive information or misrepresentation of the company," said Evgeny Kaganer, Ph.D., lead researcher and assistant professor, IESE Business School.

According to Lloyd Borrett, AVG (AU/NZ) Marketing Manager, in addition to developing high-level policies for the use of social networks, there are some simple guidelines that managers can provide to staff to minimise the risks.

"The fact that they are so user friendly makes them dangerous. You don't mind your friends knowing where you live, or when your birthday is, or what your mother's maiden name is, but if the bad guys manage to hack into your friend's account, then they find out that information as well," said Borrett.

Borrett advises that something as simple as creating separate passwords for each site, that are also different from log-ins for company systems, can be effective. "If you want to keep yourself safe on these sites then you should use a unique user ID and password for each one, or at least a unique password," he says.

Being generally cautious about who staff interact with and what applications they install is a good guideline. "Your mother advised you to never talk to strangers. The same goes for social networking sites. If you don't know who they are, don't talk to them," he added.

"Finally, be careful what applications you agree to install. There are a million people developing applications for these sites and something tells me they are not all good guys."

For more on securing social networks view, "The Do's and Don'ts on Social Networking," by Roger Thompson, AVG's chief research officer at http://www.youtube.com/watch?v=poHqIXvxmfg.

For more AVG security tips, see http://www.avg.com.au/resources/security-tips/.

In addition to following the advice above, every organisation needs a simple and powerful way to keep their business safe. AVG Internet Security Business Edition delivers complete protection for SMBs, businesses and enterprises seeking to protect their servers, workstations, networks and email systems. For more information, see www.avgatwork.com.au.

Ten Tips for Staying Safe on Facebook

Sun, 14 Feb 2010 13:00:00 GMT

Say what you want on Facebook but be careful about it, warns AVG (AU/NZ)

Melbourne, 12 February 2010 - With more and more people using Facebook and sharing personal data, criminals are finding it a rich source of income - they are harvesting and selling information, stealing identities, sending spam and planting viruses.

"People put themselves at risk every day by carelessly clicking on invitations sent by 'friends' to join groups or write on their wall," said Lloyd Borrett, Marketing Manager for AVG (AU/NZ). "They put all their personal information including date of birth and photos on their page. They even respond to fake Facebook requests for security details."

AVG (AU/NZ) has put together a list of top 10 tips to help people stay safe on Facebook or other social media sites. Don't forget to share these tips with your friends and family!

1. Think about who you add
It's not all about the numbers of friends. Remember when you accept a friend request you provide your new friend with access to lots of information about you. This includes, posts, photographs, messages and all the background information that you write about yourself. You can delete friends at any time, so perhaps it's time to refresh your list and think about who you really want accessing your information.

2. Check your settings
Recently, Facebook changed the default privacy setting to share information publicly. It's worth spending some time to go through your settings and adjust where necessary; you may be sharing more than you intended. You even have the option to add 'limited profiles' for those people that you may not want accessing your personal information. It's up to you how you want to use these settings so it's definitely worth having a look to create a profile that's right for you!

3. Why are you on Facebook?
Ask yourself what you want to achieve with your profile. Is it just to share photos, or keep in touch with people, or even to share links and updates of your activities? Sometimes it's better to cut down what you show on your profile; this includes signing up to applications which also take a lot of your data. You can always add or remove options as you go, so if your needs change, so should your profile.

4. Be smart about your password
Try not to use the same passwords on all of your accounts. It's also important to be mindful of where you are sending your updates and the types of security questions you set.

5. Be aware of where you sign in from
Check that the computer that you sign in from doesn't store your email address and password. It seems simple but often it's easy to accidentally choose it to 'remember you'. Make sure you have the appropriate privacy settings on your browser.

6. Be careful what you say
Make sure that what you say in status updates and comments is something that you would be comfortable seeing on the front page of a newspaper. Once you post it, anyone that sees it can copy and post it elsewhere, or take action based on it. Do you really want everyone to know that you will be all alone at home tonight or away next week?

7. Watch out for Phishing Attacks
Over the past year, there have been many attempts to get users to give up their login and passwords by tricking them with fake emails from Facebook. Never select any email links asking you to click to reset your password. Always go directly to Facebook - if there is a problem, Facebook will notify you on site. Installing and using an up-to-date complete protection solution on your PC, like AVG Internet Security, will also safeguard you against spam and phishing attacks.

8. Take immediate action
If friends start receiving spam from you or status updates appear that you didn't make, your account may have been compromised. If you think this has happened, immediately change your password. If you can't log in to your account, go to the Help link at the bottom of any Facebook page and click on Security to notify Facebook about your account.

9. Protect your mobile device
Be mindful about who might have access to your mobile phone. Many phones today have apps that connect you into many social networking sites such as Facebook. Therefore, if you use these apps, make sure you log out of them when you are no longer using them.

10. Monitor suspicious activity
Watch out for suspicious activity on your Wall, News Feed and Facebook Inbox. Never, ever click on suspicious links. They can often look enticing, e.g. "Hey come look at my charity cycling pictures on my site." Before you click, look closely! Does the site look authentic? If in doubt, don't click on it.

AVG's Lloyd Borrett advises, "As with any online activity be smart, be aware, be careful, and you can stay as safe on Facebook as anywhere else online."

For more AVG security tips, see http://www.avg.com.au/resources/security-tips/.

Valentine's Day: How to Send and Receive e-Cards Safely

Mon, 01 Feb 2010 13:00:00 GMT

Melbourne, 2 February 2010 - With Valentine's Day just a few heart beats away, millions of e-cards and messages will be flying through the Internet. But these low cost, eco-friendly expressions of affection can expose your home computer to security threats.

Internet security software distributor AVG (AU/NZ) warns that criminals are using this increasingly popular medium to deliver viruses and other malware to the computers of their unsuspecting victims. Because risky e-cards are typically made to look like they have been sent from a trusted friend, they fool the recipient into opening them.

Lloyd Borrett, Marketing Manager of AVG (AU/NZ), said. "Most people will automatically open an e-card if it's from a friend or colleague. To protect yourself from unwanted attention from cyberspace be very careful what e-cards you open and what you forward on."

"While receiving an anonymous card from a Valentine can be exciting, opening an anonymous email with 'I Love You' in the subject line could be courting disaster. Don't let some nasty piece of malware worm its way into the heart of your computer."

Only a tiny percentage of e-greetings will contain a security threat but many PCs will be damaged or compromised. This results in not only lost documents, emails, photos and so on, but compromised PCs often become unwitting distributors of spam or their owners may become the target of identity theft.

Following AVG (AU/NZ)'s five practical tips will minimise the risk of becoming a victim of online fraud or cyber criminals this Valentine's Day:

Don't open attachments: legitimate e-cards should be links to a company website that then direct you to your card.
Identify legitimate messages: Don't open any message with a disguised name, such as Your Friend or A Secret Admirer, or one from an unknown web site address. Watch for misspelled words or names.
When in doubt, delete: It's better to do that than open your system to a virus or spam.
Know where you're going online: At the very least, use free basic security software that detects and blocks web sites that push online scams, adware installations, attachments filled with viruses and other malicious downloads which could harm your system. Access AVG Anti-Virus Free Edition 9.0 with LinkScanner technology here: www.avgfree.com.au. For complete protection, use a full suite solution like AVG Internet Security 9.0.
Always read the fine print before accepting any terms: Some e-card scams list in their terms that they can send email to everyone in your address book.

Because spam e-mail and attached malware has increased to such intrusive levels, for the continuing safety of your home computer, AVG AU/NZ recommends anti-virus, anti-spyware and firewall software as essential, minimum protection.

"Using home computers safely has become very much easier as everything that's required is now affordable and easy to install," Borrett said.

As an example, the AVG Internet Security 9.0 full suite solution is an excellent Anti-Virus, Anti-Spyware, Anti-Rootkit, Two-way Firewall and Anti-Spam protection software for all of your computer system needs. Carbonite Online PC Backup is cost effective insurance against the loss of documents, photos and all other valuable files.

"And, importantly, ensure your security and backup software is current by using automatic updates and that it is licensed, installed and running properly at all times," Borrett advised.

For more AVG security tips, see www.avg.com.au/resources/security-tips/.

The Worm Ate My Homework: New Back-To-School Computer Use Checklist For Parents

Wed, 20 Jan 2010 13:00:00 GMT

Melbourne, 21 January 2010 - AVG (AU/NZ) Pty Ltd, which distributes the AVG range of Anti-Virus and Internet Security products, has created a Back-To-School Computer Use Checklist For Parents (www.avg.com.au/resources/security-tips/).

In one easy list are guidelines to help parents understand the current terminology, what to be looking for, and how to ensure children are using computers safely and responsibly. It also includes an associated shopping list of software and accessories for parents to consider.

Lloyd Borrett, AVG (AU/NZ)'s Marketing Manager, said: "There is much to learn and monitor when it comes to your children's use of computers. With the many threats out there today and changes in technology, it can be quite a daunting task for parents to keep up. From our extensive knowledge of what is happening in the area of Internet security, we have compiled a checklist covering all the issues."

"As parents and their children rely more and more on the information stored on home computers, I cannot stress too highly how vital it is to protect it against online threats or loss."

With the government's Education Revolution, and the growing use of laptops by school children, will come enormous losses of school homework, assignments and study notes through laptop damage or theft.

A child's school may have an open wireless network, or kids could decide to work at the local Internet café. These are prime targets and leave laptops vulnerable to viruses, worms and other malware.

"It's no longer a matter of the 'dog eating my homework'. It will become a matter of 'the worm ate my homework' if parents don't have all the protection mechanisms in place," Borrett said.

"Using home computers safely has become very much easier as everything that's required is now affordable and easy to install," Borrett continued.

The overriding caution in AVG's Back-To-School Computer Use Checklist For Parents is to keep all security and backup software current by using automatic updates and ensure it is licensed, installed and running properly at all times.

"Viruses are being introduced so rapidly that most reputable security software vendors release multiple threat definition updates every day. Not only the operating system but all other programs and pieces of software on the computer need to be regularly updated," Borrett advised.

For parents looking for security software, the AVG Internet Security 9.0 full suite solution delivers excellent Anti-Virus, Anti-Spyware, Anti-Rootkit, Enhanced Firewall and Anti-Spam protection (www.avg.com.au/products/avg-internet-security/). Even the basic protection provided by the free version of AVG (www.avgfree.com.au), is much better than nothing at all.

Borrett also suggests a solution for parents worried about homework and assignments being lost, or the kids losing all their data if a laptop is stolen. He recommends they use an Internet based remote backup solution such as Carbonite Online PC Backup (www.carbonite.com.au).

Another recommendation is to educate children to stay away from the popular peer-to-peer (P2P) networks from which the vast majority of the files being shared are copyrighted songs and movies which are illegal to download and often carry infection mechanisms.

The AVG Checklist also includes a shopping list of helpful accessories suggesting everything from a USB key for easy transfer and transportation of data to a laptop security cable.

To view or download the Back-To-School Computer Use Checklist For Parents go to AVG (AU/NZ)'s web site at www.avg.com.au/resources/security-tips/.

AVG Warns Against Growing Threat of Cyber Crime at Home

Wed, 13 Jan 2010 13:00:00 GMT

Melbourne, 13 January 2010 - According to the FBI, cyber attacks are potentially more dangerous than a nuclear attack and weapons of mass destruction. In our society, where everything of importance is controlled by computers, should these fall prey to cyber criminals, it could result in 'cybergeddon'.

While we have yet to experience anything on this scale, we are still under constant threat from cyber crime.

With PCs now containing up to 200 million lines of code of which 2 million could include bugs, and with homes full of mobile phones, games consoles and PDAs, the potential for falling prey to hackers and identity theft is a real and growing threat, according to leading distributor of anti-virus and internet security software, AVG (AU/NZ) Pty Ltd.

Lloyd Borrett, Marketing Manager of AVG (AU/NZ), said: "We expect our workplace computers and data to be protected to the highest level but people are failing to fully protect their personal information. With cyber criminals becoming ever more sophisticated, it is crucial to be protected at home."

"Each line of code in your PC could include bugs that are easily infiltrated by hackers. A virus in your computer may only be an inconvenience but identity theft is a very real concern," he said.

Reports from the UK suggest that theft from online bank accounts is growing at a staggering rate of 50% per year.

"While government security services worldwide are doing as much as they can to protect us from broader 'cybergeddon', it's up to each individual to protect their own equipment and data," Borrett said.

AVG offers comprehensive real-time protection for home and small to medium businesses to guard against all threats from viruses, spam, spyware, adware, worms, Trojans, phishing and exploits to hackers, scammers and identity thieves.

AVG (AU/NZ) Appoints Michael Dowling as Corporate Sales Director

Tue, 12 Jan 2010 13:00:00 GMT

Melbourne, 13 January 2010 - AVG (AU/NZ) Pty Ltd, the Australia, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and Internet Security software, has announced the appointment of Michael Dowling as Corporate Sales Director.

Dowling's primary role is to further expand the usage of AVG in the SMB and enterprise markets. An initial task will be to spearhead a review of AVG (AU/NZ)'s reseller program and focus on active engagement with its channel of some 2,600 partners.

Dowling said: "This is a tremendous opportunity to build a great team and an energised network. With a disciplined sales approach we will be able to really get behind our strong product line, enthusiastic resellers and satisfied customer base."

Dowling has broad experience in the reseller environment from his previous roles at Melbourne IT, Domain Intellect, IT&E, Zebra Direction, and most recently, Achieve Global.

His capabilities are well known to AVG (AU/NZ)'s managing director, Peter Cameron, as the pair have worked together in the past: "With Michael on board we can now confidently step up our plans for growth through building stronger relationships with our existing partners and capturing new business."

AVG Shows Why It's Still the #1 Most Downloaded Software

Sun, 10 Jan 2010 13:00:00 GMT

Security Software Company Tops CNET's Most Downloaded List; Racks up Top Awards and Certifications

Melbourne, 11 January 2010 - AVG (AU/NZ), the Australian, New Zealand and South Pacific distributor of the world's most popular free anti-virus software, has announced that AVG still dominates the security sector as the most downloaded software of all time on CNET's Downloads.com website - delivering more than 1.5 million downloads every week and an astonishing 247 million downloads cumulatively since AVG was first offered at the site.

A quick retrospective of the top awards and certifications earned by AVG throughout the year explains why:

Business Solutions Magazine "A Best Channel Vendor 2010"
AVG Technologies recognised as "A Best Channel Vendor 2010" in the Security category.
SC Magazine 2010 Award Finalist
AVG Internet Security Business Edition named a finalist in the Anti-malware category in the 2010 SC Awards Competition for outstanding achievement in information technology security.
SC Magazine "Best of 2009"
AVG Internet Security Network Edition* received "Best of 2009" recognition in the category of Anti-Malware.
Business Solutions Magazine "Best Channel Product 2009"
AVG Internet Security Small Business Server (SBS) edition* recognised as a "Best Channel Product 2009" in two categories: Email Security and Endpoint Security from Business Solutions Magazine.
SC Magazine UK 2009 Excellence Award Winner
AVG Internet Security Small Business Server (SBS) solution* received the Excellence Award for Best SME Security Solution from SC Magazine UK.
10 Essential Third-Party Security Apps for Windows 7
AVG Anti-Virus was selected by eWeek magazine as one of the best enhancements to Windows 7.
CRN's "14 Essential Products for SMB"
AVG Internet Security named to Computer Reseller News list of 14 essential products for SMB.
Channel Web's "Best Products of 2009"
AVG Internet Security named to Channel Web's best products of the year.
Lifehacker.com's "Most Popular Free Windows Downloads"
AVG Anti-Virus Free Edition was voted #1 most popular download by readers of Lifehacker.com.
5 Stars (out of 5) - PC Utilities
AVG Anti-Virus Free Edition was received 5 out of 5 stars in a review by PC Utilities magazine.
2009 Global Product Excellence
AVG Internet Security won the 2009 Global Product Excellence Award - Security Solution for Consumers. The Info Security Products Guide sponsored the awards.
2009 Global Product Excellence
AVG Internet Security Network Edition* won the 2009 Global Product Excellence Award - Security Solution for Enterprise (Small and SOHO).
SC Magazine "Recommended"
AVG Internet Security Network Edition* solution received the "Recommended" designation in the Anti-malware Group Test performed by security publication SC Magazine.
Business Solutions Magazine "A Best Channel Vendor 2009"
AVG Technologies named "A Best Channel Vendor" in the Security Category.
West Coast Labs Checkmark Platinum Products (www.westcoastlabs.com)
AVG Internet Security received Checkmark platinum certification in the category of Anti-Malware (Real Time Anti-Malware for FTP and Real Time Anti-Malware for HTTP). AVG is currently one of only four companies with this real time platinum certification.
West Coast Labs Checkmark Certified Products (www.westcoastlabs.com)
AVG Internet Security has current Checkmark certification for Anti-Malware, Anti-Malware Dynamic, Anti-Spyware Desktop, Anti-Trojan, Anti-Virus Desktop, and Anti-Virus Server.
Virus Bulletin VB100 Awards (www.virusbtn.com)
AVG Internet Security (for Windows 7)
AVG Internet Security Network Edition (for Windows Server 2003)
AVG Internet Security (for Windows Vista)
AVG (for Windows Server 2003)
AVG (for Windows XP Professional)
ICSA Labs Certified Products (www.iscalabs.com)
Certifications for AVG Anti-Virus for Desktop /Server Anti-Virus Detection (consumer); AVG File Server Edition for Desktop/Server Anti-Virus Detection (small business)

* Re-named AVG Internet Security Business Edition

"AVG continues to make really awesome software that consumers and small businesses like to use; it's that simple," said Lloyd Borrett, Marketing Manager of AVG (AU/NZ). "As AVG's competitors scramble to match our strength, we've now upped the ante by moving toward protecting humans - not just computers. You can expect to see more emphasis on protecting online communities and the Internet at large in AVG's road map for 2010."

AVG wins Checkmark Platinum Product Award by Westcoast Labs for AVG 9.0

Sun, 20 Dec 2009 13:00:00 GMT

Melbourne, 21 December 2009 - AVG (AU/NZ) Pty Ltd, the Australia, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and Internet Security products, is proud to announce that AVG Technologies has been awarded the Checkmark Platinum Product Award by Westcoast Labs, a leading independent test facility for the information security products and services industry.

AVG's Internet Security 9.0 software has achieved the Checkmark Platinum Product Award for Real Time Anti-Malware protection, following an extensive testing process. Tests were run continuously against security threats collected in real time through West Coast Labs' global network amid a testing environment that imitates the real-life working conditions of the average user's computer.

The global nature of IT security threats, coupled with demand for up-to-the-minute performance of security products, fuels the need for sophisticated product testing that extends beyond standard, baseline benchmarking tests.

"Today's internet threats from hackers and cyber criminals are both transient and rapidly evolving. To combat them, security products must also evolve. As such, real time testing of security products is critical, and it takes both reactive and proactive technologies to protect against today's threats. That's what we've achieved with our latest release of products," said AVG Technologies' CTO Karel Obluk.

West Coast Labs Release

http://www.westcoastlabs.com/checkmark/search/platinum/

IRVINE, CA and CARDIFF, UK -- (Marketwire) -- 12/14/09 -- West Coast Labs, part of the Haymarket Media Group and one of the world's leading independent test facilities for information security products and services, today announced AVG Technologies, CA, Inc., Kaspersky Lab and Webroot received the Checkmark Platinum Product Award for participation in the West Coast Labs Real Time Testing Program. This unique, higher level of product performance validation requires 24x7x365 live testing of solutions against a live malware feed that approximates the real-life working conditions of the average user's computer.

Checkmark Real Time Testing program is designed to provide vendors with an accurate independent measurement of real world product performance. The Checkmark Platinum Product Award is issued based upon the results of extensive real-time testing of the quality of anti-malware protection provided by a product or service. The tests run continuously against security threats collected in real time through West Coast Labs' global network.

"We are glad that another independent research lab appreciates the value of dynamic testing and importantly, is committed to testing how effective antivirus products are in the everyday situations that users typically find themselves in," said Alexander Gostev, Director of Kaspersky Lab Global Research and Analysis Team. "What makes the approach adopted by West Coast Labs so valuable is that they will continue their dynamic testing for a long time, with vendors receiving renewed certification based on each test period's results. The Checkmark Platinum Product Award received by Kaspersky Lab clearly demonstrates that the decision we made several years ago to focus on developing such technologies as Hosted Intrusion Prevention was totally justified. It also shows that our approach to protection is indeed truly comprehensive."

Demand for Unparalleled Performance Validation

The global nature of IT security threats coupled with demand from both vendors and end-users for up-to-the-minute performance validation of mission critical security applications and services continues to fuel the need for sophisticated product testing that expands beyond standard, baseline benchmarking tests.

"As an extension of our Real Time Testing, the Platinum Product Awards is a formal recognition of the level to which a product's performance and detection capabilities are validated," said Lysa Myers, director of research, West Coast Labs. "Where many product tests and validations occur in a vacuum without regard to time and geography, our Real Time Testing Program most closely resembles user experiences by testing against up-to-the-minute threats originating from multiple geographies aimed at varying entry points."

Malware authors continuously seek new opportunities to compromise the security of end user data and enterprise computing systems by evolving the distribution and structure of malware to make detection difficult or by exploiting weaknesses in new operating systems or major upgrades. "Today's internet threats from hackers and cyber criminals are both transient and rapidly evolving. To combat them, security products must also evolve. As such, real time testing of security products is critical, and it takes both reactive and proactive technologies to protect against today's threats. That's what we've achieved with our latest release of products," said AVG Technologies CTO Karel Obluk. "Testing against a static set of threats is becoming less important. We expected to perform well, but are pleased that AVG Internet Security 9.0 received West Coast Labs Platinum Product Award for Real Time Anti-Malware protection. This third party recognition validates our continuing efforts to protect our customers."

West Coast Labs maintains up-to-date, accurate views of the threat landscape through its real-time data collection from its global research network, which serves as the foundation of its Real Time Testing Program. This approach gives a highly accurate assessment of product effectiveness versus testing regimes that employ simple collection and testing regimes often compromised due to outdated test samples.

According to Paul Lipman, senior vice president and general manager of Webroot's Consumer business, "Webroot is committed to protecting our customers against the millions of new, increasingly sophisticated security threats we're seeing emerge each year. We are pleased to receive a Checkmark Platinum Product Award from West Coast Labs because it's further validation that Webroot's products deliver highly effective, real-time detection and protection against the latest malware."

Don DeBolt, director of threat research, CA Internet Security Business Unit, said, "Obtaining the Checkmark Platinum Award for CA Internet Security Suite Plus 2010 is an important validation of CA's commitment to producing easy-to-use Internet security solutions that offer the highest levels of protection required to successfully protect PC users from constantly evolving online threats."

Details for participating vendors and their products are available at: http://www.westcoastlabs.com/checkmark/search/platinum.

About West Coast Labs Checkmark Certification

Checkmark is one of the world's leading certification systems for information security products and services. This highly regarded accreditation program provides a level of assurance across a wide range of technologies that products and services perform to industry accepted standards.

About West Coast Labs Real Time Testing Program

The Real Time Testing Program builds upon Checkmark Certification program with the belief that effective independent performance validation of content security technologies should occur as an actual business experience in real-world environments. West Coast Labs now delivers sophisticated, live testing and real-time product performance through its 24x7x365 Real Time Testing program. Products are tested continuously against content security threats collected through West Coast Labs' global network in real time to provide the ultimate in performance validation. Upon completion of the Checkmark Certification program and Real Time Testing program, products are recognized with a Platinum Product Award indicating its ability to meet superior levels of performance standards.

About West Coast Labs

Part of the Haymarket Media Group, West Coast Labs is a global leader in technical research, testing and the Checkmark Certification of information security products and services. With market-leading technology and testing facilities accredited to ISO17025 in the UK, USA and India, West Coast Labs' services and the Checkmark Certification System are being used by the leading global brands to create market advantage and by large business enterprises for obtaining crucial technical insight into product performance.

AVG (AU/NZ) Prices Lowered

Tue, 15 Dec 2009 13:00:00 GMT

Melbourne, 16 December 2009 - AVG (AU/NZ) Pty Ltd has today dropped the prices of AVG Internet Security 9.0, AVG Anti-Virus 9.0 and AVG Anti-Virus plus Firewall 9.0 consumer products. This price reduction is a result of AVG (AU/NZ) passing on reductions in our cost price brought about by the strengthening of the Australian dollar over the US dollar.

"We are delighted to enhance the already high value proposition offered by our consumer products," said Peter Cameron, Managing Director of AVG (AU/NZ) Pty Ltd.

"A one year licence for our premium product, AVG Internet Security 9.0 is now only A$69.00 inc GST. A two year licence is even better value at $104.99," said Cameron.

"If you are simply looking for antivirus protection, a two year licence for the AVG Anti-Virus 9.0 product is now only A66.50 which equates to just over $30 per year."

Previously, AVG Internet Security 9.0 on one PC cost A$74.99 inc GST for a one year licence and A$109.99 for two years, while a two year licence for AVG Anti-Virus 9.0 was A$69.99.

AVG Security Predictions for 2010

Wed, 25 Nov 2009 13:00:00 GMT

by Lloyd Borrett, Marketing Manager, AVG (AU/NZ)

Melbourne, 26 November 2009 - Every year most of the security vendors' forecasts predict dramatic spikes in volumes of spam, phishing, botnet activity, and malware. And unfortunately, every year these predictions come true. While we'd like not to be sowing seeds of fear, uncertainty and doubt, the cyber criminals are succeeding on such a scale and making so much money, that each year they are able to invest in better and more automated ways to run their rapidly expanding and increasingly sophisticated operations. So once again we can safely predict that in 2010 the threat environment will look pretty much like this year - except that it will have more of everything and be even more transient, agile and organised!

More diverse, automatically generated malware

Today malicious code is written with more variants. The bad guys can now automatically create hundreds of thousands of unique pieces of malware a day, much of which has no unique signature and can bypass old fashioned signature based virus detection software. This makes it increasingly important for people to have more than just anti-virus protection on their computer.

More people will buy complete protection

The good news is that reputable security vendors like AVG now provide full Internet Security suites with multiple layers of protection. The majority of people that pay for security software now buy the full suite, complete protection solution instead of entry-level solutions. This trend continued through 2009, in spite of tougher economic times, and we expect it to be maintained in 2010.

The bad guys still want your money, identity and/or resources

For many years now most malicious code and web sites have been directly or indirectly about stealing your money, identity, computer resources, or some combination of these. In simple terms the cyber criminals:

Trick you to hand over money to them via social engineering and phishing scams. Yes, people still believe they can help that relative of a despot in Nigeria who needs their help to access squillions of dollars. They believe they've won a lottery they never entered. Or they believe that there really is a long lost, hugely wealthy, dead relative they've never heard of and that the kind and diligent lawyer will help them to get access to the estate.
Trick you into providing, or steal off of your computer, enough of your personal details so as to build up a dossier of information about you that is sufficient to trick someone else into providing them with money, goods or services. Expect to see even more legitimate-looking and personalised phishing attacks impersonating your bank or other businesses you have accounts with. Once the bad guys have your details they buy online using your credit card details and trick the merchant into providing them with goods or services. They steal online gaming usernames and passwords so as to gain access to your winnings in your favourite game world.
Make your computer into a part of their botnet. Then they can use your computer resources and Internet bandwidth to send out spam, host poisoned web pages, host downloads of illegal software, movies, music, xxx adult images, child pornography etc.

Cyber criminals in the cloud

To keep ahead of the computer security industry's efforts to thwart their activities, the "bad guys" have become quite agile. They are using "in the cloud" technologies in far more sophisticated and effective ways than most legitimate businesses. It was recently discovered that Google's AppEngine had been tapped to act as the master control channel to feed commands to large networks of infected computers in a botnet. (Google shut down the rogue app shortly after being notified of it.) We can expect more of this sort of activity in 2010.

Highly transient web threats

In 2010 we will see the cyber criminals continue to improve the speed with which they are able to move their campaigns from domain to domain, server to server. This is partly in response to improved detection and blocking methods deployed in updated security products like AVG LinkScanner®. In recent times we've been increasingly seeing the bad guys set up hundreds of thousands of new web sites and pages per day, well in advance of using them for nasty purposes. This enables them over a period of a week or so to gain a good rating in the reputation based security networks being used by some security vendors. Then the bad guys change their "innocent web pages" and go live with their malicious payloads on those same web pages. In early 2009, AVG researchers reported that 60% of these poisoned web threats were active for less than a day and 75% for less than 30 days. By the time the reputation based networks and blacklists are flagging these poisonous web sites and pages as bad, the cyber criminals have shut them down and moved them on to another domain or server.

Exploitation of major events, news and gossip

Some of these gangs of thieves have also recently enjoyed success in manipulating the popular online search services. They are clearly now investing more effort in such activities so they can, almost at the drop of a hat, get search results at or near the top of the first page of results. Should a celebrity die, an election be fought, some video clip "go viral", the bad guys quickly exploit the blossoming interest in that topic. The cyber criminals hijack search results into clicks on links to their malicious web pages. This is all a part of the bad guys moving away from "spray and pray" attacks into more premeditated attacks with specific objectives. Expect to see more highly targeted, convincing attacks with custom malware in 2010.

"Web two-point-uh-oh"

But that's all so "Web 1.0". What about "social media" and "Web 2.0" - that's where things are at now. Of course, the bad guys have not failed to notice this either and have been improving their own Web 2.0 skills while checking out the opportunities afforded by "Web two-point-uh-oh". The Koobface worm has been rattling around Facebook and a worrying number of its users for a while now. Along the way support has been added for MySpace, several other social networking sites and more recently Twitter and LinkedIn. Attacks that impersonate social networking sites or spoof contacts from your "friends" list, are more likely to be clicked on. So the bad guys exploit this trust. This approach seems to have a good return on investment for the financially motivated crooks behind it, and it's likely we'll see a great deal more of this kind of thing in 2010.

Emerging nations go online with poor security

The number of computers and number of people connected to the Internet is still growing fast. More and more people in places like China, India, Brazil etc. are going online with improved connection speeds. Sadly many of them are using pirated software that can't be kept up to date with security patches. This makes it easy for the bad guys to target those computers, get control of them and start using them as resources to power their criminal activities. We expect to see a big increase in threats being delivered via emerging countries in 2010.

Global economic crisis impacts security

Although the effects of the current economic downturn are quite unequally distributed, employment in the USA and some parts of Europe and Asia has taken a particularly hard hit. This can have a flow on effects.

Firstly, while there is no good data that I'm aware of to support the following suggestion, it is commonly accepted that violent and property crime rates rise during hard economic times. It's quite likely that more people will be tempted into becoming cyber criminals, especially as more organised underground channels are opened up.

Secondly, it seems likely that otherwise decent people facing increasingly desperate economic conditions, may be more likely to fall for the quick-money appeal of the Nigerian prince offering 40% of his fortune, or to ignore what in better times would be the obvious telltale signs of the too good to be true "work from home" scams and the like, favoured by so many cyber-criminals to effect their money laundering schemes. Or as a form of retribution, those who have lost their jobs will take valuable data with them, or details of how to access company resources, and it ends up in the hands of the cyber criminals.

Business still too complacent

If business IT and security managers have ensured that the workstations and servers the business uses are properly up-to-date and protected, that staff understand the threat landscape and know what to do as they move about with notebooks, then they too can be safe. It just requires constant vigilance and contingency planning. Sadly, events in 2009 showed that many businesses simply weren't properly protected.

The success of the exploits used to penetrate and establish Conficker into business and enterprise networks early in 2009 was largely because of complacency. The attitude common among certain business IT and security people is "we have a firewall to keep out worms and other network vulnerability-based attacks, and content filters to stop employees browsing porn, gaming and other 'dubious' sites".

This attitude means many businesses have poor update policies, which leave their networks well out of date on OS and application patches. These weaknesses are the stock-in-trade of the drive-by download exploits commonly used by the cyber criminals.

It also means business is ignoring the fact that the cyber criminals buy professional advertising served by legitimate ad-serving networks, and yes, even the biggest ad networks. These ads then appear on perfectly legitimate websites that employees are quite likely need to access to do their work. So we can expect to see more business damaged as the bad guys expand the use of this attack vector.

It will get worse before it gets better

Sadly, the security threats in 2010 are likely to be nastier than ever, more targeted and more frequent. With malware and cybercrime now being almost exclusively driven by organised crime running on a business model, changes are largely driven by criminal cost/benefit analysis of opportunities and risks.

The good news is that people don't need to worry if they understand the nature and purpose of the threats, can see through the scams and the "too good to be true" offers, have good Internet security protection on their computers and keep all of their software up-to-date. Do you measure up for a safe 2010?

As Christmas Nears, AVG (AU/NZ) Advises Shoppers How to Stay Safe Online

Tue, 17 Nov 2009 13:00:00 GMT

Melbourne, 18 November 2009 - As Christmas shoppers everywhere head online looking for good deals, Internet security software distributor, AVG (AU/NZ) is promoting safe online shopping this holiday season.

"Online shopping offers many benefits, including the ability to shop at any time of the day or night that is convenient," said Lloyd Borrett, Marketing Manager, AVG (AU/NZ). "To help, we've developed a set of practical tips to help shoppers keep their personal information safe while they are saving time and getting great deals by shopping online."

"Just as we encourage people to be careful as they're shopping in a shopping mall or crowded store, everyone should take appropriate steps to protect themselves while shopping online," Borrett said. "Simple steps, like looking for the 'secure site' padlock on your browser page when purchasing, or making sure you're buying from a reputable company, can prevent potential headaches down the road."

AVG (AU/NZ) offers six tips for online shoppers this holiday season:

1. Look for the "S" for security. Make sure the web sites you are shopping from are secure and have "https" in the URL when you are in their checkout/purchase process. The "s" ensures security. When you are in the secure section of a web site, you will also see an icon for a locked padlock on your browser, either on the address bar or on the bottom right corner. Additionally, use the Internet to research online retailers not familiar to you. There are many sites such as www.getprice.com.au, www.eshop.com.au and others that provide info on retailers.

2. Stay current on security software. This means making sure you have the latest virus protection software updates from your security software provider. It's important because the bad guys move around frequently. Security software companies are working to stay one step ahead of them. If you are updated, you are staying one step ahead, too.

3. Think before you link. Employ a URL scanning tool to ensure you will be warned if you click on links that lead to infected web pages. The time to find out whether a page is bad is BEFORE you load it into your web browser. AVG LinkScanner does this. It's free, and it works with all other security and anti-virus offerings.

4. Keep your private information private. When shopping online, create a separate e-mail account that is just for shopping. Use a unique password, different from any other accounts you have. Your dedicated shopping e-mail account should be in no way affiliated with your personal, everyday e-mail account. Also, keep records of your online shopping - print confirmation pages and e-mail confirmations.

5. Mix up your passwords. Each shopping account, bank account, credit card account, and e-mail account should have a unique password. Write them down and keep the information in a secure location. Unique passwords for each account make it tougher for a thief to steal your personal information.

6. Use common sense. Make sure you use reasonable judgement when buying online and be on the lookout for spoof stores. If an offer seems too good to be true, it probably is. Take a minute or two to make sure it's not a fake/spoof web site. If the online retailer doesn't provide a physical address, or contact phone numbers, be cautious. Make sure you understand the refund and return policies of any online retailer you are planning to buy from, especially if it's based overseas, just in case something were to go wrong.

"More of us than ever before will be doing our Christmas shopping online this year," said Borrett. "But there is no reason to sacrifice security in the hunt for a great bargain. Following the simple tips above will help minimise the chances of you becoming a victim of online fraud or cyber criminals."

For more AVG security tips, see www.avg.com.au/resources/security-tips/.

AVG (AU/NZ) Again Wins Computer Troubleshooters' Vendor of the Year Award

Tue, 03 Nov 2009 13:00:00 GMT

Melbourne, 4 November 2009 - AVG (AU/NZ) Pty Ltd, the Australia, New Zealand and Pacific Islands distributor of the award-winning AVG Anti-Virus and Internet Security software, has been awarded the title of 'Australian Vendor of the Year' by Australia's largest IT franchise, Computer Troubleshooters, for the second year running.

The more than 90 Computer Troubleshooters' franchisees across Australia vote on criteria including product and service quality, to decide which vendor adds the most value to their businesses throughout the year.

According to Computer Troubleshooters Australia National Director, Nick Roche: "AVG (AU/NZ)'s product quality is well known, but it is their service quality which has given them the credibility to win the award for the second time."

In presenting the award at the annual Computer Troubleshooters Asia Pacific Conference held in Melbourne last week Chip Reaves, Computer Troubleshooters' Global CEO, said: "AVG has been a consistent and valuable global partner over the past five years and it's great to see the local distributor recognised."

In accepting the award, Peter Cameron, Managing Director, AVG (AU/NZ) said: "We have been awarded the 2009 Computer Troubleshooters Vendor of the Year Award because we supply a standard of service to our clients and resellers that is simply better than they receive from any other vendor.

"Resellers deal with so many vendors. To be recognised by them as standing out in the crowd is an outstanding achievement. And to win it two years in a row is just fantastic. This is a well deserved thank you to our staff for continuing to go that extra step for our customers.

"And, after only four years in business, having also just been ranked number eight on the BRW Fast 100 List [October 2009], it's been a big month for AVG (AU/NZ)."

James Caldwell, AVG (AU/NZ)'s Channel Manager said: "The Computer Troubleshooters award is great encouragement for us to keep powering on, to find new ways for resellers to maximise the sales of our products. We will continue to invest to help secure the profitability of our channel."

To build on the growing relationship, AVG (AU/NZ) presented the inaugural 'Australian Computer Troubleshooters Reseller Award' at the Asia Pacific Conference. The selection was based on a combination of 2009 sales, growth and marketing of AVG products by an Australian Computer Troubleshooters outlet.

Nick Roche described the winner, Computer Troubleshooters' Sutherland franchise, as the fastest growing and best run operation in Sydney with its staff of seven handling quite a complex business. "In this situation, service and delivery is paramount. You really need reliable suppliers and strong technical support."

On accepting the award, Director of the Sutherland franchise, Raj Gurmukhani, said: "AVG (AU/NZ) has the best reseller program. It's very easy to manage renewals with their great web site. The award is a nice acknowledgement of our two-way loyalty."

About Computer Troubleshooters
Computer Troubleshooters offers computer repair, maintenance and networking services in all states of Australia. It has been Australia's largest IT franchise since 1997 and is part of the Computer Troubleshooters international franchise network providing onsite computer services to home and business users.

AVG (AU/NZ) Growing Fast in an Economy Looking for Security

Sun, 01 Nov 2009 13:00:00 GMT

Melbourne, 2 November 2009 - Security software distributor AVG (AU/NZ) Pty Ltd has been ranked 8th in the 2009 BRW Fast 100 list which was announced in Melbourne on 28 October.

The list tracks the 100 fastest growing SMEs and judges them by annual revenue growth averaged over the last three years. The BRW Fast 100 list has highlighted the rich diversity of Australia's fastest-growing businesses over the past 20 years.

Peter Cameron, Managing Director, AVG (AU/NZ) Pty Ltd said: "Our average growth over the last three years has been 137%, which is quite an extraordinary rate. You can only sustain such growth with an enthusiastic reseller network, plus strong home and business product offerings, supported by dedicated, expert staff. And we have all of that."

AVG (AU/NZ) is a wholly owned Australian company and the distributor of the AVG range of Anti-Virus and Internet Security software products in Australia, New Zealand and the South Pacific.

"AVG (AU/NZ) counts one in every eight Australians as a customer so our place at number eight on the BRW Fast 100 list is a neat coincidence. I trust we'll be able to keep moving towards number one ranking over the next couple of years," Cameron said.

The AVG Free product has led the world in basic anti-virus protection for many years. About 20% of AVG users in Australia pay for the extra protection of the commercial products.

In June this year the remarkable success of the award-winning AVG family of Internet security products saw AVG (AU/NZ) listed as the 15th fastest growing company in Australia in BRW's 2009 Fast Starters listing.

Cameron said: "Keeping on top of Internet security and the needs of our 2500 strong reseller network requires a dynamic approach to business. We'd like to thank our resellers for helping us to achieve our continuing growth.

"The functionality and performance of the AVG security solutions is supported by our exceptional customer service. This combination won us the Computer Troubleshooters' Vendor of the Year Award in both 2009 and 2008. This award recognises the supplier which adds the most value to their businesses."

About BRW Fast 100

The BRW Fast 100 list has established a reputation as being the premier guide to the fastest growing small and medium businesses in Australia. The annual list ranks Australia's 100 fastest growing small and medium enterprises, with up to 200 staff, as measured by their annual revenue growth over a three year period. Companies from all of Australia's major vertical industries are represented in the Fast 100 list which is prepared in collaboration with Melbourne-based RMIT University School of Management.

AVG 9.0 Business Security Offerings Deliver Industrial-Strength Protection

Mon, 26 Oct 2009 13:00:00 GMT

Smarter technology, faster scanning and improved ease-of-use mark latest release AVG 9.0 business solutions

Melbourne, 27 October 2009 - AVG (AU/NZ) Pty Ltd, the Australia, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and Internet Security products, today announced the general availability of AVG's latest small business security products, AVG Internet Security Business Edition 9.0 and AVG Anti-Virus Business Edition 9.0. The new offerings leverage the significant enhancements in speed and levels of protection that AVG has delivered in its latest generation of consumer products, making it safer and easier to manage. With this announcement, AVG continues to improve its support for small businesses, many of which have limited or non-existent in-house IT capabilities.

"The AVG 9.0 small business security solutions provide businesses with more powerful and streamlined protection that deliver improved administration, more robust protection, and faster performance - all without getting in the way of business," said Lloyd Borrett, Marketing Manager at AVG (AU/NZ). "This generation of products highlights AVG's core strength of low impact, high performance security. AVG 9.0 SMB products add substantially to the portfolio of measures available to small businesses and their employees in working safe from cyber threats."

This release also comes with substantial price reductions. AVG has simplified its business software line-up, plus reduced prices. "The strengthening Australian dollar has also enabled us to reduce local pricing," said Borrett. "The combination means massive savings for our business customers."

Smarter Security That Won't Slow Your Business Down

To minimise the impact of protection on productivity, AVG's small business solutions now offer scan times that are up to 50 percent faster than earlier versions, depending on system configuration. The combined anti-virus/anti-spyware scanner employs new intelligent technology which marks files as safe or potentially unsafe during its initial scan, and ignores them in future scans unless the file structure changes. In addition, to counteract the increasing threats in today's online world, AVG's small business solutions combine both reactive and proactive technologies to deliver optimised protection in real-time. Building on a solid foundation of signature-based protection to deal with known threats, AVG 9.0 adds cutting-edge behavioural, in-the-cloud and white listing technologies to manage the threats posed by the tens of thousands of new threats that appear daily.

Make the Internet Safer for Your Business, Your Staff and Your Customers

Revolutionary in the AVG Internet Security offerings is the integration between the Resident Shield, Firewall, and Data Protection modules. This enables modules to share malware information, increasing AVG's ability to detect and remove most malicious types of malware, rootkits and other threats for which signatures have not yet been issued. The redesigned firewall application assists in keeping business information safe from known and unknown threats and is significantly quieter and less intrusive. The enhanced Firewall's trusted database of applications and application certificates enables AVG to determine, without user intervention, the relative safety of any active process and block any deemed unsafe. Additionally, because the new firewall cooperates behind the scenes with AVG's unique behavioural detection technology, it delivers significantly enhanced accuracy of threat detection.

Takes Care of Security While You Take Care of Business

AVG 9.0 for small business also includes key enhancements to minimise the management resources required. The new offerings incorporate cloning technology into the deployment process, simplifying and shortening installation time, and new system tools to enable administrators to customise the way AVG works to protect the network.

The new Update Manager automatically makes sure the business is always protected against the latest threats and the new Linux-based Rescue CD restores the network in the event an existing infection renders systems unbootable. Finally, AVG has made it significantly easier to detect and remove any third-party security product that could cause conflicts and interfere with the user's level of protection.

Keep Uninvited Guests Out of Your Office

Specific to AVG Internet Security Business Edition 9.0 is the addition of data protection functionality gained through AVG's acquisition of Sana Security earlier this year. The behavioural technology learns the DNA of a business' network so that it can recognise anomalies and block malicious processes, which dramatically improves protection against keyloggers and other crimeware. The new functionality in IDP will catch malicious software trying to hijack a system before it is able to cause any damage. To improve ease of use and administrator experience, Identity Protection (IDP) is manageable from the administrator's console or can be completely silent.

In addition, the client email scanner in AVG Internet Security Business Edition 9.0 cleans the email system of harmful message attachments and dangerous links. The enhanced client and server based anti-spam filters combine to prevent phishers, scammers and spammers from clogging workstations and email servers. Web shielding technology also minimises the risk of virus and other rogue software infections when downloading and exchanging files.

Availability and Pricing

AVG Internet Security Business Edition 9.0 and AVG Anti-Virus Business Edition 9.0 are available now at www.avg.com.au and through a network of over 2,500 independent software resellers throughout Australia, New Zealand and the South Pacific.

Multi-packs are offered in five-seat increments with one and two year licence periods. Pricing for a one-year, five-seat license for AVG Internet Security Business Edition 9.0 starts at A$317.20 and a one-year, five-seat license for AVG Anti-Virus Business Edition 9.0 starts at A$204.99.

For more information on the complete range of AVG security products for small businesses, including AVG's File Server and Email Server editions, please visit www.avg.com.au/business-security/.

AVG's promise is to keep its customers fully up-to-date with the best protection available. Thus all AVG customers receive protection updates and software upgrades for free during the licence period. This delivers significant cost of ownership savings, especially with a two year licence.

Local Support

The above prices include free telephone support during Melbourne business hours, backed up by free 24/7 technical support by e-mail and online.

Be Safer Online with New, Faster AVG 9.0

Sun, 04 Oct 2009 13:00:00 GMT

AVG 9.0 delivers 50 percent faster speed, improved performance and ease of use

Melbourne, 6 October 2009 - AVG (AU/NZ) Pty Ltd, the Australia, New Zealand and South Pacific distributor of the world's most popular free anti-virus software, today announced the availability of a new family of paid internet security products, AVG 9.0. Boosted by significant enhancements in speed and levels of protection, AVG 9.0 is also easier to use and improves end user experience. AVG's new technology products ensure that users are safe in whatever activities they undertake in today's cyber criminal infested online world.

"AVG 9.0 will provide home computer users with a more powerful and more streamlined solution that adds protection without impacting user experience," said Lloyd Borrett, Marketing Manager at AVG (AU/NZ). "This continues AVG's core strength of low impact, high performance security."

"We've always believed that everyone has the right to a safe online experience. With AVG 9.0, we are ensuring that our users are safe from all of the threats posed by cyber criminals and identity thieves, whether they're working, playing, banking or shopping on the web."

AVG 9.0 - Faster. Safer. Easier to Use.

Because AVG knows scanning time is critical to its customers, scan optimisation is a top priority for AVG 9.0's combined anti-virus/anti-spyware scanner. It employs new technology which marks files as safe or potentially unsafe during the initial scan and skips the safe files in future scans, unless the file structure changes. As a result, users experience dramatically reduced scan times - by up to 50 percent depending on system configuration - as well as improvements of 10 to 15 percent for boot times and memory usage.

In order to face the increasing threats of today's online world, AVG 9.0 combines all modern technologies to optimise real time protection. Starting with the foundation of signature-based protection to deal with known threats, AVG 9.0 builds on top of that behavioural, in-the-cloud and white listing technologies to address the tens of thousands of new threats daily.

Revolutionary in AVG 9.0 is the integration between the Resident Shield, Firewall and Identity Protection modules. This enables the modules to share malware information with each other, increasing AVG's ability to detect and remove most malicious types of malware, rootkits and ID Theft threats, for which signatures have not yet been issued.

The firewall enhancements include a complete redesign to reduce intrusive questions from the firewall module by 50 percent. This makes the firewall module significantly quieter and less intrusive for users. Its new trusted database of known applications and application certificates allows the firewall, without user intervention, to decide whether it's safe to allow the application to communicate via the Internet, or if such communication should be blocked. Additionally, because the new firewall works behind the scenes with the behavioural detection technology in the AVG Identity Protection module, it can deliver one of the most accurate detection levels for new and unknown threats.

AVG 9.0 also delivers improved anti-phishing detection through enhancements to its LinkScanner® module. LinkScanner can now more quickly and accurately determine whether or not a web page is hosting a phishing attack. This is accomplished by allowing the software to apply more than 100 different potential threat indicators to a page. If the result is inconclusive, LinkScanner then makes a call to the cloud to check a multitude of phishing feeds plugged into the AVG research network, to make a final determination regarding threat potential.

AVG 9.0 delivers a solution that is laser focused on user concerns and protection. It's marked by a new look and feel designed to significantly improve user experience and ease of use. Responding to customer feedback, the AVG installation process has been shortened by 50 percent and the user protection process is dramatically simplified. Finally, it is also significantly easier for users to detect and remove any third-party security product that could cause conflicts with AVG 9.0 and interfere with the user's level of protection.

Expanded Reputation-Based Technology

"Some other security vendors have recently been announcing how they've introduced 'new' reputation-based security technology," said Borrett. "AVG already had this technology in its AVG 8.x product range. Indeed, West Coast Labs honoured AVG as the first vendor with a product to receive its Checkmark Anti-Malware Dynamic Certification.

"By expanding the use of reputation-based security technology in AVG9.0, we're able to provide an even better, worry-free experience for users," Borrett continued. "The combination of improved traditional detection methods with enhanced dynamic detection, white-listing, behavioural analysis and reputation-based technologies in AVG 9.0 enables users to get on with their online lives, safe in the knowledge that they're protected against new and unknown threats."

Availability, Compatibility and Pricing

The complete AVG 9.0 paid family of consumer products is available now. Pricing for a one-year, one PC licence for AVG Anti-Virus 9.0 is A$46.99, while a two-year, one PC licence for AVG Anti-Virus 9.0 is A$69.99.

A one-year, three PC licence for AVG Internet Security 9.0 is A$99.99, while a two-year, three PC licence for AVG Internet Security 9.0 is A$149.99.

The above prices include free telephone support during Melbourne business hours, backed up by free 24/7 technical support by e-mail and online. Also included is access to all protection updates and software upgrades for the term of the licence.

AVG 9.0 supports Microsoft Windows XP, Windows Vista and Windows 7 computers running a 32-bit or 64-bit version of the operating system.

The AVG 9.0 security product range for consumers and small business is available for purchase and download from www.avg.com.au plus through a network of more than 2400 independent software resellers throughout Australia, New Zealand and the South Pacific. AVG 9.0 consumer products are available singly and in multi-license packs for 3, 5 and 10 PCs, with a licence period of 1 or 2 years.

AVG Anti-Virus Free 9.0 will be available mid-October from www.avgfree.com.au.

All existing users of AVG consumer products will be automatically upgraded to AVG 9.0 for free in due course. This is AVG delivering on its commitment to keeping users up-to-date with the latest protection for the term of their licence.

Keep in touch with AVG

For up-to-the-minute news on the latest cyber threats:

Subscribe to AVG Chief Research Officer Roger Thompson's blog at http://thompson.blog.avg.com/

For general AVG updates:

Join our Facebook community at www.facebook.com/avgfree
Follow AVG on Twitter www.twitter.com/officialAVGnews

OPSWAT and AVG Technologies Partner to Enhance Application Removal

Wed, 23 Sep 2009 14:00:00 GMT

Easy-to-Use, Valuable AppRemover Tool now included as part of AVG product offerings

Melbourne, San Francisco and Amsterdam, 23 September 2009 - OPSWAT, Inc., the leading provider of software development tools and data services to power manageability and security solutions, today announced that it has partnered with AVG Technologies, developers of the world's most popular free anti-virus software. The partnership will add OPSWAT's AppRemover™ technology to AVG's security solutions, and, as part of the agreement, AVG will distribute AppRemover as a standalone application within its security offerings, further demonstrating the company's commitment to providing their customers with excellent support.

Designed with simple, easy-to-use controls, AppRemover is a valuable tool for end users, system administrators and antivirus, antispyware and support solution vendors that want to ensure seamless removal of endpoint security applications. It is available as a standalone GUI rich application, an API or a command line interface targeted at software developers interested in creating their own silent uninstallation agents.

AppRemover™ should be used when:

One security application is being replaced with another
An uninstallation procedure fails, is interrupted or is incomplete leaving a user's computer functioning improperly
Either the application password or a connection to the security application server is unavailable

"OPSWAT is already one of AVG's key technology partners, and we're very pleased to take our relationship to this next level," said Ben Kaplan, director of product management, AVG Technologies. "Adding the AppRemover utility to our product offerings will greatly reduce our support requests and empower our endpoint users. This integration is a great step that helps cement AVG's position as a leader in anti-malware application usability."

"This utility is ideal for security software and technology vendors seeking to add a complete uninstall feature to their product," said Tom Mullen, Vice President of Business Development at OPSWAT, Inc. "Unstalling antivirus applications can be fraught with difficultly. AppRemover answers market demand for an easy-to-use program that eliminates superfluous files and registry keys left by various IT security solutions. AppRemover significantly reduces support cases associated with implementing user upgrades and competitive replacements and will help any users looking to upgrade to the latest version of AVG's products."

AppRemover™ version 2.1 supports hundreds of applications on Windows XP, Windows Vista and Windows 7 operating systems. Additionally, the application supports full security suites and adds functionality to complete partial or interrupted uninstallations. AppRemover™ is free for personal and non-commercial use - please visit www.appremover.com to download. If you are interested in a commercial or OEM license for AppRemover™, please visit OPSWAT's website or contact sales@opswat.com.

AVG Scoops Up Security Industry Awards

Tue, 01 Sep 2009 14:00:00 GMT

AVG's Internet Security Software Awarded Multiple Certifications

Melbourne, 2 September 2009 - AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of the world's most popular free anti-virus software, today announced a string of important industry awards for its AVG Internet Security product.

AVG Internet Security received the coveted VB100 Award from UK-based Virus Bulletin. Business Solutions Magazine (BSM) subscribers selected AVG Internet Security SBS Edition a "Best Channel Product" in two categories - Email Security and Endpoint Security. And AVG Internet Security became the first product to receive the Checkmark Anti-Malware Dynamic Certification from West Coast Labs.

AVG Internet Security is a comprehensive security solution which protects computer users while they are online. It provides protection against viruses, spyware, rootkits, spam, and all types of malware that can threaten valuable personal information. AVG Internet Security also boasts real-time safe surf protection from AVG LinkScanner. Advanced behavioural technology delivered by AVG Identity Protection (also part of the product), provides an extra layer of protection. It protects against new and unknown threats and safeguards the user's identity.

Key Industry Certifications

The Virus Bulletin lab awarded AVG Internet Security a VB100 certification for passing its test criteria in the VB lab as part of the formal VB comparative review process. AVG received the third highest Reactive Percentage (RAP) of all products tested. The reactive percentage measures detection of new items first seen in the three weeks prior to the test. Basic requirements for the VB100 award include:

The product delivers in its default settings 100% detection of malware listed as 'In the Wild' by the WildList Organisation at the time of the review,
No false positives occur when scanning Virus Bulletin's collection of known-clean files.

Business Solutions Magazine (BSM) named AVG Internet Security Small Business Server (SBS) Edition a "Best Channel Product" in the categories of Email Security and Endpoint Security. AVG Internet Security SBS provides antivirus, antispyware, rootkit, and desktop anti-spam protection for Microsoft Windows Small Business Server networks. It protects every component of the small business network, provides central management and monitoring, and automatic updates. These features dramatically simplify administration for IT staff. AVG LinkScanner, which delivers unique technology to let users safely surf the web with real-time protection, is included as part of AVG Internet Security SBS.

BSM collaborated with Penn State University to survey 2,186 channel professionals to determine the Best Channel Product recipients. Products were reviewed on richness of features/functionality, product reliability/durability, ease of integration and upgrade, and a VAR's ability to service the product.

Anti-Malware Dynamic Certification

West Coast Labs honoured AVG Internet Security as the first product ever to receive its Checkmark Anti-Malware Dynamic Certification. The testing program for security products comprises ongoing testing against malware samples. The test suite for the Dynamic Testing is refined to reflect prevalence within attack vectors and by geography. Samples for the testing are collected in real-time around the world.

"Today's web-based, transient threats and skilled cyber criminals are more cunning than ever, which means that users need products they can trust. AVG is honoured to receive these awards based on product performance and user preference," said Lloyd Borrett, Marketing Manager at AVG (AU/NZ). "We have always been confident in our internet security technology, but receiving these awards and key certifications are great achievements. We will continue to strive to develop the best internet security products on the market and are committed to continuing to deliver quality solutions to our users."

Links

For security news analysis, subscribe to Roger Thompson's blog at http://thompson.blog.avg.com/
For breaking news, follow AVG on Twitter at http://twitter.com/officialAVGnews
Become a fan of AVG's Facebook page at www.facebook.com/avgfree
For more information about Business Solutions Magazine, go to www.businesssolutionsmag.com/
For more information about Virus Bulletin, go to www.virusbtn.com
For more information about West Coast Labs, go to www.westcoastlabs.com

AVG Protects Campuses from Online Threats

Sun, 30 Aug 2009 14:00:00 GMT

AVG Partners with Star-Tech to Offer Students a 90-day Free Trial of AVG Internet Security

Melbourne, 31 August 2009 - Effective today, students in university accommodation across Australia are being offered a 90-day free trial of the award-winning AVG Internet Security software under a new partnership between AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of AVG Anti-Virus and Internet Security products, and Australian Internet Service Provider (ISP) Star-Tech Communications.

Star-Tech is Australia's largest private provider of managed broadband Internet services in the university residential accommodation sector. It currently has 17 live university residential sites across all mainland states with many more in the pipeline.

Jean Morel, Division General Manager of Star-Tech, said, "We use AVG Internet Security ourselves and we know from our research that AVG's well-trusted anti-virus and Internet security products are already very popular within the university sector. Students are very careful with their money and look for good, reliable products. We're very confident in offering AVG with its multiple layers of protection to them."

The AVG LinkScanner protection layer allows students to search and surf the web - safe from online threats. LinkScanner checks each web page students try to view in real-time, it blocks the exploits hosted on the hundreds of thousands of poisoned web sites created each day.

Finally, the AVG Identity Protection layer blocks new and unknown threats, including botnets. When the bulk of online threats are trying to steal personal information, it's vital to have protection against identity theft.

AVG (AU/NZ) Marketing Manager, Lloyd Borrett, said: "Students can then safely surf the Internet, send and receive emails, download music, movies and do their shopping and banking online without fear of being infected or having their identity compromised. This is of prime importance to the many international students who use the internet to manage finances and as a lifeline between home and Australia. The trial includes automatic updates and real-time scans to deliver maximum protection."

Students can take advantage of the AVG offer simply by clicking through from the Star-Tech on-line log-in page to the software download. At the completion of the 90-day free trial students can then purchase a 12 or 24 month licence for AVG Internet Security.

Peter Cameron, Managing Director of AVG (AU/NZ) said: "Our relationship with Star-Tech is the first of our partnerships with education-based organisations. We are really delighted to be able to work with a partner who is so focussed on this market. The AVG offering for education is attractive to students as well as schools and educational focussed organisations."

About Star-Tech Communications - www.startech.com.au
Registered as an Internet Service Provider (ISP) with the TIO and ACMA, and established in 1989, Star-Tech Communications is a leading provider of instant, paperless broadband distribution solutions and triple-play services for universities and colleges, as well as the government, hospitality, and corporate sectors, specialising in Ethernet, VDSL, and wireless technologies.

Social Networking Poll Shows Users More Vulnerable Than Ever

Tue, 25 Aug 2009 14:00:00 GMT

AVG and CMO Council survey shows that the widespread and growing use of social networks at home and work is creating serious danger of web-borne identity theft and infection

Melbourne, 26 August 2009 — The results of Bringing Social Security to the Online Community poll were released today, highlighting the vulnerabilities and concerns of social community members around cyber security and the precautions that they are taking, or need to take, to protect themselves. The online survey conducted by AVG Technologies and the CMO Council reveals that while the social networking community has serious concerns about the overall security of public spaces, few are taking the most basic of steps to protect themselves against online crimes.

The survey shows that while the majority of social networking users are afflicted by web-borne security problems, less than one third are taking actions to protect themselves online.

Participants indicated concern over growing phishing, spam and malware attacks, and nearly half of those surveyed are very concerned about their personal identity being stolen in an online community.

The survey was conducted online during the second quarter of 2009 and gathered responses from a random sampling of more than 250 consumers. According to the poll results, despite widespread use (86 percent) of social networks at home and/or at work, most fail to perform the following basic security measures on a regular basis:

Changing passwords (64 percent infrequently or never)
Adjusting privacy settings (57 percent infrequently or never)
Informing their social network administrator (90 percent infrequently or never)

"As social networking populations grow globally and the proliferation of niche social networks and mobile offerings extends the reach of social communities, the threats and vulnerabilities are escalating accordingly," said Donovan Neale-May, executive director of the CMO Council. "More frequent breaches and outbreaks on popular social sites are a testament to the need for a more preventative mindset and threat-alert culture among community users."

Despite the apparent security risks and dangers of engaging in social networking sites, respondents identified several common practices that could cause harm to unprotected users:

21 percent accept contact offerings from members they don't recognise
More than half let acquaintances or roommates access social networks on their machines
64 percent click on links offered by community members or contacts
26 percent share files within social networks

As a result of this widespread proliferation of links, files, and unsolicited contacts, users have experienced high levels of breaches and threats:

Nearly 20 percent have experienced identity theft
47 percent have been victims of malware infections
55 percent have seen phishing attacks

"The fact that users understand the risks, and yet are failing to take the basic steps to protect themselves presents an interesting challenge to companies, like AVG, that are working to create a safer cyber community," said Lloyd Borrett, Marketing Manager, AVG (AU/NZ).

According to Borrett, AVG hopes to reverse this trend on familiar turfs such as Facebook and Twitter. "We are trying to get consumers thinking about their personal security, plus provide them with simple tools to do something about it when they are in the spaces that make them feel the most vulnerable."

Borrett said that AVG is about combining sound technology with safe practices so as to provide everyone with peace of mind so that they can enjoy the social computing experience. In addition to encouraging users to take advantage of AVG's free security offerings at http://www.avgfree.com.au, Borrett encourages users to use the following simple steps:

Six Simple Steps to Stay Secure:

Do not accept pop-ups or prompts for software, unless you're armed with web scanner software such as AVG's free LinkScanner, which checks each site for infections prior to access.
Do not ever provide, post, or submit any confidential personal data (e.g., SSN, banking details, medical records). Social networking sites do not require this sort of information to join, unless you're online dating or paying monthly.
Change your password at least once a month. Do not change it if you're prompted to. This can be a third party malicious link.
Do not let friends, peers, co-workers, etc. access their social networks on your computer, nor yours on their machine. Others could introduce infections to your computer through unsafe practices, or your login security could be compromised via cookies saved on your computer.
Never auto save your password information, and clear your history at least once a week.
Do not accept friend requests or request friends that you personally do not know.

A full summary presentation of the survey results and implications is available at http://www.avg.com.au/files/media/avg_socialsecurity_2009-08-26_au.pdf

Keep in touch with AVG

For up-to-the-minute news on the latest cyber threats:

Subscribe to AVG Chief Research Officer Roger Thompson's blog at http://thompson.blog.avg.com/

For general AVG updates:

Join our Facebook community at www.facebook.com/avgfree
Follow AVG on Twitter @officialavgnews

To download AVG's free LinkScanner product:

Visit http://www.avgfree.com.au/

AVG LinkScanner Is Making the Internet Clean and Safe, A Half Million Computers At A Time

Tue, 11 Aug 2009 14:00:00 GMT

AVG Marks 500,000 LinkScanner Downloads Since Launch;
Prevents Bad Guys from Forming New Botnets

Melbourne, Tuesday 11 August 2009 - AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of the world's most frequently downloaded free anti-virus software, today announced the half-millionth download of the AVG LinkScanner® software, a free product that protects consumers against web-based security threats and prevents their computers from being recruited for botnets like the ones that brought down Twitter and Facebook last week.

AVG LinkScanner Free Edition 8.5 for Windows is designed specifically to protect against Trojans, spyware, rootkits and other malware that tries to steal your private information via compromised web pages, where the bulk of computer infections are happening today. This includes backdoors that are created by infections that allow botnets the ability to access a computer.

LinkScanner provides an additional, invisible layer of protection that lets you search and surf the Web safely. Moreover, this protection is provided in real-time, which is the only way consumers can stay protected against transient threats - 60 percent of which last less than a day before moving on to another site - that occur even on well known and trusted websites.

"A few years ago we had the bad guys almost beaten by blocking their attacks with firewalls, email scanning engines, and some simple heuristics. But then they created ways to exploit the websites that we all visit with a trusted browser," said Lloyd Borrett, AVG (AU/NZ) Marketing Manager.

"The cyber criminals have become so good at it that even a trained eye can't tell when a web page might be harvesting your private information or dropping some attack code onto your computer. That changed the game. AVG LinkScanner was created specifically to spot web-borne malware and alert computer users to hostile web pages. In real-time."

In keeping with AVG's promise to keep the Internet safe for all, AVG offers LinkScanner free for home use. AVG also lets LinkScanner work alongside most existing security software already present on consumers' computers. This includes competitors' software.

"We're doing our part to stop the spread of cyberthreats; 500,000 customers protected by LinkScanner means that roughly eleven new botnets won't be formed," continued Borrett. "So, LinkScanner customers, go ahead and click where you want - we'll keep you and the Internet safe."

Where to Download

AVG LinkScanner Free Edition 8.5 for Windows can be can be downloaded for free as a stand-alone product from http://www.avgfree.com.au. LinkScanner is also included as a protection layer in many of AVG's home security products http://www.avg.com.au/home-office-security/ and business security products http://www.avg.com.au/business-security/. It is also included with AVG Anti-Virus Free Edition 8.5, which is AVG's free basic antivirus and antispyware solution for home users.

Support is available through a free online forum hosted by AVG Technologies at http://forums.avg.com.

For security news analysis, subscribe to Roger Thompson's blog at http://thompson.blog.avg.com/
For breaking news, follow AVG on Twitter @officialAVGnews.com

Online Criminals Learn From Twitter, Warns AVG (AU/NZ)

Mon, 13 Jul 2009 14:00:00 GMT

E-mail spammers now using tiny URLs to better entrap victims

Melbourne, 14 July 2009 - AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and AVG Internet Security products, today warned that online criminals have learnt via Twitter how using small/tiny URL links can increase click-through rates and entrap more people. Twitter users should protect themselves from online spammers who have begun using the platform for criminal activities.

AVG (AU/NZ) Marketing Manager, Lloyd Borrett, said Twitter's recent global surge in popularity has encouraged spammers and other online criminals to take advantage of the tiny URL links used within Twitter to target unsuspecting users.

"To some people small or tiny URL links look more legitimate than longer links. However, they can actually hide suspect links from people who know what to look for. Small URLs make scam URLs harder to spot for Twitter users, thus the criminals get more people clicking through to their malicious web pages.

"The cyber-criminals have learnt from this. Over the past month, we've seen a significant increase in the number of spam e-mails using tiny URL links to camouflage links to poisoned and scam web pages. The bad guys now know they'll get more click-throughs if they use small URL links."

Borrett said AVG LinkScanner offers users the best defence against the use of small URL links to obfuscate poisoned links on Twitter and in e-mails.

"AVG LinkScanner provides guaranteed protection by scanning the web page of every link users click on. LinkScanner resolves the small URL and scans the final web page in real-time, instantly checking it for any potential threats before allowing the browser to display the web page. If a threat is detected, the user is warned.

"So AVG users can continue to click on links from Twitter and in their e-mails with confidence. Because AVG LinkScanner is already integrated into AVG's suite of award-winning Anti-Virus and Internet Security products, existing users are fully protected," he said.

AVG Technologies has a 'neighbourhood watch' approach to LinkScanner research, encouraging its 80 million-plus users to opt-in and feed back information to AVG. This assists AVG in warning users about suspect scammy pages.

AVG LinkScanner is also available as a free standalone protection layer for any personal home computer, regardless of what other security software people are using. Users can download AVG LinkScanner at www.avgfree.com.au.

AVG (AU/NZ) Achieves Record Sales, Adds Headcount Despite Recession

Mon, 06 Jul 2009 14:00:00 GMT

Melbourne, 7 July 2009 - AVG (AU/NZ) Pty Ltd, the Australia, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and Internet Security products, has thumbed its nose at the "global financial crisis", achieving strong continued growth with record sales in April 2009 followed closely by the second highest month ever in May 2009. This growth has led the company to increase its headcount by seven in the last three months, bringing it to a total of more than 30 staff in the region. AVG (AU/NZ) has also achieved a ranking of 15 in the just-announced 2009 BRW Fast Starters List, up from No. 48 last year.

AVG (AU/NZ) Managing Director, Peter Cameron, said sales revenue for April 2009 was 115 per cent higher than in April 2008. Overall sales results for the first quarter 2009 showed a 101 per cent growth over the same period in 2008.

"We've achieved excellent results in the last financial year, with many months of record sales. And of course we're delighted to have made it into BRW's Fast Starters list for the second year in a row, highlighting our strong performance in this market."

Preliminary figures show that AVG (AU/NZ) has achieved just over 63 per cent sales revenue growth for the full 2008-2009 financial year. Cameron said this was the result of superior technology, supported by an innovative and highly effective business model.

"Our market is primarily consumers and small to medium enterprises (SMEs). We are very focused on those sectors with carefully tailored offerings that meet their security needs at a very affordable price. The expansion of our Client Care teams has enabled us to continue to provide service and support of the highest calibre to our clients and resellers. Unlike many of our competitors, there is no charge for this support for our commercial clients," Cameron continued.

Innovative Model Delivers Results

"The AVG Technologies' model of seeding the market with free product and then encouraging users to upgrade at their convenience has allowed us to build high brand awareness and substantial market share. We now have a market share much higher than certain respected industry analysts give us credit for," Cameron said.

"Across the full product range, we are protecting more than 2.7 million users in Australia, and more than 500,000 users in New Zealand. That's a very solid base on which to continue to build and grow our business."

Multi-Tier Distribution Model Works for Everyone

AVG (AU/NZ) operates a multi-tiered distribution strategy, working with its more than 2350 resellers, plus major corporate partners, to roll out its security solutions. The company has found that the combination of its proven technology, comprehensive local support services and the powerful backing of AVG Technologies, make an attractive package for companies interested in offering trial versions of AVG to their customers. In recent weeks AVG (AU/NZ) has announced such partnerships with both Suncorp Bank and 3 Mobile Broadband.

"We recognise that small business and home consumers are cautious about how they spend their money and appreciate the opportunity to trial software before making an investment. By allowing them to experience the quality of our software, services and support, we have been successful in converting hundreds of thousands of users to the AVG brand," said Cameron.

"We're also seeing this translate into small business customer growth as consumers, having seen how well our products work at home, then choose to implement them at work.

"Another interesting development is a strong trend towards customers purchasing our premium AVG Internet Security integrated security suite solution. Rather than settling for the base product as they did a few years ago, most customers now purchase the best level of online protection available.

"As people increasingly use online services they are more aware of the need for a comprehensive security solution. People want peace-of-mind and AVG Internet Security truly delivers, especially now that the new AVG Identity Protection is included in the 8.5 version."

Business Operations Expanded to Support Sales Growth

Cameron said AVG (AU/NZ) is extremely committed to the Oceania marketplace, improving services and expanding its local team.

"We're just coming to the end of the first stage of a managed business expansion programme. We've added seven new personnel in the past three months. The extra people, combined with other systems and operational changes, have allowed us to extend our service and support offerings and further enhance the way in which we touch our customers and channel partners.

"The AVG (AU/NZ) team is excited about stage two and are looking forward to being better able to serve our customers. Still we have more to do. Just yesterday an AVG reseller gave us a brilliant insight as to how we could do something to make the sales process much easier for many of our resellers. Our team is already working to make it happen.

"We're here for the long haul and plan to cement AVG's position as a leading provider of security software solutions in this market," he said.

3 offers free AVG Internet Security

Sun, 28 Jun 2009 14:00:00 GMT

Melbourne, 29 June 2009 - AVG (AU/NZ) Pty Ltd today announced that it has partnered with 3 to deliver a free 12 month subscription to the premium AVG Internet Security software suite for all 3 Mobile Broadband customers.

From today, all 3 Mobile Broadband customers (prepaid and postpaid) can log on and register for the download on the My 3 portal.

AVG Internet Security is AVG's premium solution providing real-time protection against traditional and new online threats including viruses, spyware, rootkits, malware, identity theft, plus spam and fraudulent emails.

"Access to Mobile Broadband has now become a day-to-day necessity for many consumers and small and medium businesses," said Klaas Raaijmakers, 3's Head of Broadband.

"Secure access and data protection is even more critical and we're committed to ensuring our customers can email, download and surf the Internet with the comfort that they are protected from online threats."

Peter Cameron, AVG (AU/NZ) Managing Director, added, "We are delighted that 3's Mobile Broadband customers will now be able to always feel safe when they go online, just like more than 80 million AVG users worldwide."

When the 12 month period ends, customers can choose to subscribe online and continue to be fully protected by AVG Internet Security .

For further information about this offer visit www.three.com.au/internetsecurity

About 3
3 is Australia's first 3G network and provides services to more than 2 million customers in Australia. Since launch in 2003, 3 has been servicing businesses with great value voice and data services as well as innovative tools like Mobile Broadband, Business Shared Caps, Mobile Email and other business services and content in 3's Broadband Zones.

3 launched Australia's first 3G mobile network in April 2003, now fully HSDPA enabled, and has over 2 million customers in Australia and over 20 million customers worldwide. 3 was also the first operator to launch cap plans in Australia in 2003.
During 2008, customers generated 199 million internet access and Planet 3 events and 68% of 3's customers paid for these services each month.
3's Broadband Zones are available in most parts of Sydney, Melbourne, Brisbane, Adelaide, Perth, Canberra and the Gold Coast. We reach 96% of Australians with Talk, SMS, MMS, IM and Email.

AVG Protects Suncorp Bank Customers from Online Threats

Wed, 24 Jun 2009 14:00:00 GMT

AVG Internet Security 90-day free trial and discounted licence combines protection and value

Melbourne, 25 June 2009 - AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of AVG Anti-Virus and Internet Security products, today announced it has joined forces with Suncorp Bank to offer a free 90-day trial and discounted licence of the award-winning AVG Internet Security software to the bank's customers.

Suncorp Bank launched the 90-day free trial of AVG Internet Security on its website to coincide with National E-security Awareness Week.

Simon Clarke, Internet Banking Specialist from Suncorp Bank's eChannels team, said the company had been considering its options for a security software offer when it was approached by AVG (AU/NZ). "I was already familiar with AVG and knew them to be a reliable vendor with a high quality product, so we were happy to explore a joint opportunity," he said.

"Our customers can take advantage of the AVG offer by clicking the "Online Security" link (http://www.suncorp.com.au/suncorp/security/default.aspx) on the Suncorp website, which allows them to quickly and easily download the trial software. Then for 90 days they can safely surf the Internet, send and receive emails, download music, movies and do their shopping and banking online without any fear of being infected or having their identity compromised. The trial includes automatic updates and real-time scans to deliver maximum protection.

"Not only does this special offer give our customers free access to best-of-breed security software for 90 days, but AVG has put together a highly attractive price for those wanting to upgrade to a 12 or 24 month licence at the end of the trial," Clarke concluded.

AVG (AU/NZ) Marketing Manager, Lloyd Borrett, said the offer is designed to ensure that Suncorp Bank customers are fully protected from the many online threats that can negatively impact their lives.

"Today, much of what you value is on your computer, such as the usernames and passwords you use to access your bank accounts and financial records, your photographs, music, email and important documents," he said. "Suncorp Bank's customers who take up this special offer can feel comfortable as they freely engage in their online activities. The multiple layers of protection provided in the premium AVG Internet Security suite keeps them safe."

AVG Internet Security delivers real-time protection against traditional malware threats, including the nearly fifty thousand virus, spyware, adware, worm, rootkit and Trojan threats created each day. This protection is then expanded with a two-way firewall and anti-spam to keep the bad guys out and junk mail spam out of the inbox. The AVG LinkScanner protection layer allows people to search and surf the web in total safety from hundreds of thousands of online threats and poisoned web sites created each day. Finally, the AVG Identity Protection layer prevents new and unknown threats, including botnets, from being able to steal personal information.

At the completion of the 90-day free trial, Suncorp Bank customers will have the opportunity to subscribe for a 12 or 24 month licence at a 15 per cent discount off RRP.

"The combination of the free trial and discounted licence subscription ends up saving Suncorp customers around 40 per cent of the normal cost of protecting their computer from attack over a 12 month period. It's a risk-free way to fully protect themselves online," Borrett said.

He said AVG (AU/NZ) welcomed the opportunity to partner with a high profile financial institution like Suncorp Bank.

"Most people rank online banking as one of the top online activities that makes their lives easier. While all banks are actively encouraging their customers to conduct their transactions online, we appreciate the responsible position Suncorp has taken to ensure its customers have greater peace of mind with all their online transactions. We are delighted to be Suncorp's partner of choice in the security software space," Borrett concluded.

AVG Technologies Receives Yet Another Virus Bulletin 100 Certification

Wed, 17 Jun 2009 14:00:00 GMT

AVG Internet Security Network Edition Obtains VB100 Certification

Melbourne, 18 June 2009 - AVG (AU/NZ), the Australian, New Zealand and South Pacific distributor of the award-winning AVG Anti-Virus and Internet Security products, announced today that AVG Internet Security Network Edition received VB100 certification from UK based Virus Bulletin.

AVG Internet Security Network Edition (version 8.5) was tested. "AVG proved very stable and reliable, and achieved excellent detection rates across the board. A superb performance which comfortably earned a VB100 award," stated Virus Bulletin Test Team Director John Hawes. Certification testing for products running on the 64-bit version of Windows Server 2003 took place during April and May. AVG Internet Security was one of only four products to achieve a Reactive and Proactive Protection percentage exceeding 80%.

VB100 Test Procedures

The VB100 (virus) award is granted to any product that passes the test criteria under test conditions in the VB lab as part of the formal VB comparative review process. Basic requirements are that the product delivers in its default settings:

100% detection of malware listed as 'In the Wild' by the WildList Organization at the time of the review
No false positives when scanning Virus Bulletin’s collection of known-clean files

"We are pleased to receive the latest VB100 certification from Virus Bulletin," stated Karel Obluk, Chief Technology Officer for AVG Technologies. "Valid testing and certification by qualified organisations benefits both vendors and customers. It holds us to a higher performance standard in developing solutions. It gives customers knowledgeable 3rd party validation of the products they are evaluating for use on specific platforms."

Other recent comparative tests in the last year where AVG Technologies obtained VB100 certification were for Windows Server 2008, Windows Vista x64, and Windows XP Professional platforms. AVG has received VB100 certifications in every test it has entered over the past year.

AVG Internet Security Network Edition provides antivirus, antispyware, and anti-rootkit protection for workstations and file servers. The combination of LinkScanner®, its real-time scanner, comprehensive web shield, and high-speed automatic updates ensures that customers are protected around the clock. Centralised installation and configuration delivers easy implementation.

www.virusbtn.com

Virus Bulletin started out in 1989 as a magazine dedicated to the anti-virus industry. Virus Bulletin quickly became the leading specialist testing body in the field of viruses and related malware. Today, Virus Bulletin is an online security information portal and certification body. Virus Bulletin provides users with independent intelligence about the latest developments in the anti-malware and anti-spam fields, as well as conducting bimonthly certifications of anti-malware and anti-spam products. Virus Bulletin is supported by an Advisory Board comprising some of the world's leading anti-malware and anti-spam experts.

Protect Your Privacy with AVG Security Toolbar

Thu, 11 Jun 2009 14:00:00 GMT

Cover your Internet tracks and prevent snoopers tracking your online activities.

Melbourne, 12 June 2009 - Browsing on the Internet is a largely anonymous activity. However, you also leave tracks on the computer, with details of every web site you visit, downloads and searches you've made, plus other online activities.

The AVG Security Toolbar comes included with most of the antivirus and Internet security products from AVG Technologies. A recent free update to the AVG Security Toolbar has added a new feature whereby you can now easily remove the complete history kept by your browser. Or you can selectively remove your search, web sites visited and download history, plus your cookies.

If you're using a shared computer and you don't want other people to be able to snoop and view your online activities for any reason, this is the answer.

AVG Technologies Opens International Research Centre

Sun, 26 Apr 2009 14:00:00 GMT

AVG Malware TRAP Centre will enhance the discovery of new strains of computer threats and prevent their spread across the Internet.

Amsterdam and Melbourne, 27 April 2009 - AVG Technologies, the global Internet security company with over 80 million customers, today announces the opening of its international research centre in Brno, Czech Republic. The AVG Malware TRAP Centre (M-TRAP - Malware Trending, Reporting, Analysis, and Prevalence) gathers and analyses information on malware and how it spreads across the Internet.

Social networking tools are increasingly opening us up to risk of attack by malware. It is much easier to inadvertently spread worms to our friends' PCs than ever before. However, it's not just social networking sites that are at risk - our computer peripherals are being targeted too. Researchers have identified a cyber espionage network, dubbed Ghostnet, which is capable of taking full control of infected computers - including searching and downloading specific files and operating attached devices like microphones and web-cameras. It is now more important than ever to be searching for these threats before they become a big problem.

The M-TRAP researchers run the malware under quarantine conditions and obtains the data via AVG's 80 million users around the world. The researchers observe behaviour and speeds, allowing them to create a cure against the malware. Karel Obluk, CTO of AVG Technologies and the initiator of the project, says: "M-TRAP will search for interconnections to detect and prevent the spread of malware. We are seeing a rise in malware targeting social networking sites and we will be using the research results to develop new technologies for the ongoing and effective fight against these computer threats".

The AVG Malware TRAP Centre team consists of five IT professionals. The M-TRAP research centre is run in conjunction with the Faculty of Information Technologies (FIT) of Brno University of Technology and the partnership will enable students to work in the labs to gain work experience. "In the past we supported a number of research projects at the FIT. Following the opening of our research centre we will provide the undergraduate and graduate students with opportunity to take part in its research activities," added Obluk.

The Brno Centre is one of three research facilities for AVG Technologies dedicated to discovering malicious codes, and helps to cement AVG Technologies as the leader in global Internet security.

AVG Technologies is Double Winner of 2009 Global Excellence Awards

Mon, 20 Apr 2009 14:00:00 GMT

AVG Internet Security for consumers and AVG Internet Security Network Edition for businesses among top products named by Info Security Products Guide

Amsterdam, 21 April 2009 - AVG Technologies, a leading developer of Internet security software, announced today that a pair of its security solutions won prestigious 2009 Global Product Excellence Customer Trust Awards. The awards are sponsored by the Info Security Products Guide. These awards recognise products that offer the highest levels of security to consumers and businesses. Winners were announced during the RSA Security Conference in San Francisco. AVG was one of the rare companies receiving recognition in multiple categories.

AVG Internet Security won the top Security Solution for Consumers. AVG Internet Security for home users delivers comprehensive protection against viruses, spyware, identity theft, and poisoned web pages. It protects against all types of malware that can threaten an individual's personal information.

AVG Internet Security Network Edition won the top Security Solution for Enterprise (Small and SOHO). It provides comprehensive Internet security for a company's workstations, notebooks, and file servers. Small and SOHO companies have limited IT resources. With AVG providing security, they can focus on other business critical activities.

"In an interconnected world, threats have no boundaries, and security has to remain a prime requirement," says Rake Narang, editor-in-chief of Info Security Products Guide. "We are pleased to honour AVG Technologies as a winner in two categories for 2009."

Both products contain AVG LinkScanner technology, delivering users additional protection while they search and surf the internet. AVG LinkScanner was introduced in April as a free product to home users. It works alongside many other consumer internet security solutions and operates in real-time.

"Cyber criminals and cyberthreats are becoming increasingly more sophisticated. Sixty percent of transient threats, for example, come and go in less than a day. Layered solutions that can keep ahead of these threats are essential," stated JR Smith, CEO of AVG Technologies. "We strive to deliver these solutions for both homes and businesses. We are honored to receive this recognition by Info Security Products Guide and our customers for our efforts."

Info Security Products Guide
www.infosecurityproductsguide.com

Info Security Products Guide is a media sponsor of RSA Conference 2009 and Technosium Executive Alliance Forums engaging Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs). Info Security Products Guide is a technology research and advisory publication. It plays a vital role in keeping decision makers and end-users informed of the choices they can make when it comes to protecting their digital resources. The Info Security Products Guide awards recognize and honor excellence in all areas of information security.

AVG Launches Free Protection Against Online Threats

Mon, 20 Apr 2009 14:00:00 GMT

Standalone AVG LinkScanner® delivers real-time protection for Windows users, no matter what other security products they may use

Melbourne, 21 April 2009 - AVG (AU/NZ) Pty Ltd, the Australian, New Zealand and South Pacific distributor of the world's leading free anti-virus software, is today announcing AVG LinkScanner as a free standalone product to protect users against random, invisible online threats.

On any given day, some two million web pages are poisoned by hidden threats. And every day, 60 percent of those threats shut down or move to a different destination on the web - which makes real-time link scanning crucial. Any type of site can be affected, from a small business to a government department to a major brand-name company. If a user simply visits one of these poisoned web pages they don't even need to click on anything to get into real trouble, to lose their credit card details, their ID or other valuable information or files. Regular anti-virus software alone cannot protect against this type of threat.

AVG LinkScanner gives users an additional real-time layer of protection on top of their existing security software. It works by looking at the web page behind a link or a web address typed into a browser and analysing whether it harbours a threat. If it does, then AVG LinkScanner stops the user from downloading that page. This means that, for the first time, Windows XP and Vista users can truly know whether it is safe to click on a link at the only time that matters - when they click on it.

"It's our belief that every computer user has the right to basic security protection, regardless of the ability to pay," said J R Smith, AVG Technologies' CEO. "These dangerous web pages threaten to disrupt the very fabric of the internet as well as how we view and use it, posing an even bigger threat to users than viruses. Our 80 million users are already protected by AVG LinkScanner, which has been an essential part of our suite of security products for some time. So now we're making it available to users of other major security software brands, who just don't have the same degree of protection. Now any PC user can surf and search the web with confidence and without fear of losing their ID, bank account information, credit card details, valuable files and information to cybercrooks."

AVG LinkScanner also applies this targeted analysis of web pages to search results from Google, Yahoo! and MSN. Whenever users search using these search engines, they will see safety rankings for all 'organic' search results. In addition, the AVG LinkScanner will scan users' bookmarks as well as links contained in instant messages and emails before they open them to ensure the links are safe.

The AVG LinkScanner Advantage
AVG LinkScanner's unique ability to analyse web links in real-time enables AVG to deliver far more accurate and relevant protection than other safe-surfing solutions. Checking the safety of a page at the precise time the user is about to click to it is crucial in today's world of transient threats. Relying on information about a web site's relative safety days or weeks in the past cannot protect users against threats that remain in one place for less than 24 hours, and so AVG has rejected the traditional approach of relying on information about sites previously found to have been poisoned.

Unlike other solutions, AVG LinkScanner analyses individual pages on a web site to generate a rating for those pages. Imagine that one or two pages on a vast site like Facebook or MySpace are being used to spread malware. If a safe-surfing solution only rates entire sites based on what it finds on a couple of pages, a bad rating on those one or two poisoned pages would result in blocking users' access to any of their friends' pages on that site.

"The Web has become the primary distribution mechanism for viruses (and other malware), drive-by downloads and other stealthy web threats which represent vast majority of attacks," said AVG Technologies CTO Karel Obluk. "So we've evolved our product range to put greater emphasis on combating this more insidious and dangerous form of attack. AVG LinkScanner is at the front line of this additional protective layer. By making this layer freely available, it's our goal to give users the confidence to always feel safe when they go online."

Neighborhood Watch Research
AVG's 'neighborhood watch' approach to AVG LinkScanner research also increases the product's ability to provide relevant protection to users - putting the protection where users actually go and when they go there, rather than trying to map and secure the entire Internet. The LIVE Intelligence Network has for the past five years focused solely on this area of evolving threats through the combined resources of:

a global team of expert human researchers and a network of 'hunting pots'
an intelligent filter for known and suspected threat distribution sites and mechanisms
automated threat encounter feedback, ensuring focus on real-world threats that affect real users

AVG LinkScanner aggregates intelligence gained through these three channels, correlates it in real time, and integrates it back into the threat analysis process to continually improve user protection.

Other tricks are being developed all the time, and users should not assume they are safe if some other pop-up appears while they're surfing the web or downloading files. Running AVG LinkScanner will protect users against new as well as existing forms of social engineering trickery.

Availability and System Requirements
AVG LinkScanner continues AVG Technologies' mission to deliver lightweight, easy-to-use solutions that don't slow users' computers down and provide robust protection as soon as they're installed. The software is free for use on any personal home computer for non-commercial purposes. It can be downloaded from http://www.avgfree.com.au. Support is available through a free online forum hosted by AVG at http://forums.avg.com.

AVG LinkScanner runs under all current versions of Windows XP and Vista, both 32- and 64-bit. The software is compatible with all major security software and with Internet Explorer 6 or later and Firefox 2 or later browsers. AVG LinkScanner is available today in English and will be available in Bahasa, Brazilian Portuguese, Chinese (Traditional & Simplified),Czech, Dutch, French, German, Japanese, Korean, Malay, Polish, Portuguese, Russian, Spanish and Turkish from mid May.

Keep in touch with AVG
For up-to-the-minute news on the latest cyberthreats:

Subscribe to AVG Chief Research Officer Roger Thompson's blog at http://thompson.blog.avg.com/
For general AVG updates follow AVG on Twitter @officialavgnews

AVG (AU/NZ) on the Conficker/Downadup/Kido Worm

Tue, 31 Mar 2009 13:00:00 GMT

1 April 2009 - AVG security solutions protect you from, detect and remove the Conficker/Downadup/Kido worm.

Here at AVG (AU/NZ) we provide free telephone technical support for our customers. So we get to know real soon if something is a big issue. We just haven't had any calls from AVG users infected with the Conficker worm.

The news reports in the media have continued to proliferate. Now they're speculating as to what this new botnet might be used for. 60 Minutes in the USA even did a story on it recently.

The important thing to know is that if your PC's operating system is properly up-to-date, if your utilities (e.g. Acrobat Reader, Flash etc.) are up-to-date, and your AVG Anti-Virus or Internet Security software is properly up-to-date, there is no need to be concerned.

If you haven't run Microsoft or Windows Update recently, please do so now. Update all of your utilities as well. If you're running AVG 7.5 or 8.0, update to AVG 8.5 for free. Also make sure your malware database definitions are up-to-date. Run all of your various update options until they say there are no more updates to install.

The vulnerability in Windows that the Conficker worm takes advantage of was fixed by Microsoft in October 2008. Users of Windows XP, Vista and 7 on the latest service packs should have received and installed this update automatically.

What's fuelled the media hype about Conficker is the high profile and prominence of the organisations that have been successfully infected by Conficker. Various news organisations, hospitals, government departments, navies etc. The reason that these types of organisations have been hit, is that most of them run a locked down standard operating environment (SOE). They simply don't install and circulate updates as frequently as typical home or small business users. Thus these large organisations leave themselves exposed to known exploits for much longer. This time they have paid the price for doing so.

Conficker/Downadup/Kido Worm Infects Over 9 Million PCs

Sun, 29 Mar 2009 13:00:00 GMT

30 March 2009 - AVG Anti-Virus and Internet Security products protect your Windows PC from all known variants of the recent Conficker/Downadup/Kido worm that has been infecting numerous PCs worldwide. On Windows PCs already infected with the Conficker/Downadup/Kido worm, AVG products also detect and remove all known variants.

The AVG Technologies Labs has been actively tracking the spread of the Conficker/Downadup/Kido worm since the end of November 2008. Unpatched PCs are most at risk, as well as networks with weak or no passwords. This worm, alternativelly known as I-Worm.Generic, is able to spread very quickly because it uses three effective ways to propagate:

Exploits a Windows vulnerability, see MS Security Bulletin MS08-067. The Microsoft patch was released released on 23 October 2008, but it seems there are still a lot of unpatched computers.
Exploiting network shares with weak or no passwords. The worm contains a list of common passwords - a good reason to use strong passwords.
Copies itself to removable media, usually USB sticks. Using the AutoRun function (creates autorun.inf file)

The first versions of Conficker/Downadup/Kido were seen at the end of November / begining of December, 2008. By late January 2009 the AVG Technologies Labs had observed more than 300 different variants. All known variants are detected and healed by AVG products. Besides spreading, the worm can also download other malware and can redirect legitimate URLs access to various other malicious web pages.

How to protect against the Conficker worm:
It is necessary to install the mentioned Windows update and make sure your AVG product is fully up-to-date. Microsoft have also released a special KB article: Microsoft Virus alert about the Win32/Conficker.B worm.

Download the latest AVG update for maximum protection.

In case your computer is infected by Conficker:
If your PC is already infected by the Conficker/Downadup/Kido worm, it may not be possible to update your AVG product correctly. In order to allow correct AVG updates, please proceed as follows:

Open Start -> Run.
Type 'cmd'.
In the opened command line windows type the following command and press Enter:
net stop dnscache
It will be possible to update your AVG product now. Once updated, run an AVG scan to remove the infection:
AVG -> Computer Scanner -> Scan whole computer
When the scan is finished, please restart your computer.

Support the Vinnies Victorian Disaster Appeal - Add a donation button

Thu, 12 Feb 2009 13:00:00 GMT

Melbourne, 13th February 2009 - In our previous news item we posted a donation button that can be used on your web site to help promote the Australian Red Cross Victorian Bushfire Appeal 2009.

You may also like to promote the St Vincent de Paul Society Victorian Disaster Appeal by putting the donation button below onto different pages of your web site. St Vinnies are contributing significant help and resources to assist the people affected by the fires to rebuild their lives.

To help you to increase secure online donations to the St Vincent de Paul Society Victorian Disaster Appeal via the St Vincent de Paul web site, we've designed the donation button below.

You can add this button to the upper right corner of your own web site pages. Please add the code below, near the bottom of all of your web page code, immediately before the tag:

<script type="text/javascript">

  <!--
  document.write('<div style="position: absolute; left: 100%; top: 0px; overflow: visible; height: 120px; width: 120px; margin: 0 0 0 -120px; padding: 0; z-index: 9999; border: none; float: none;"><img src="http://www.avgfree.com.au/images/vinnies-appeal.gif" width="120" height="120" border="0" usemap="#rc" /></div><map name="rc"><area shape="poly" coords="0,0,120,0,120,120" href="https://www.vinnies.org.au/onlinedonations/index.cfm?state=vic&appeal=63" /></map>');
  // -->
</script>

Please support the Victorian Bushfire Appeal - Add a donation button

Tue, 10 Feb 2009 13:00:00 GMT

Melbourne, 11th February 2009 - The recent bushfires in Victoria, Australia are already the worst natural disaster ever experienced by Australians.

The past week has seen the destruction of communities, homes and lives with the death toll still growing. Fires are still burning and threatening even more people and properties.

The Victorian State Government and Australian Federal Government, in partnership with the Australian Red Cross, have set up the 2009 Victorian Bushfire Fund to assist individuals and communities affected by the devastating bushfires in Victoria.

To help you to promote secure online donations to the Victorian Bushfire Appeal 2009 via the Australian Red Cross web site, we've designed the donation button below.

You can add this button to the upper right corner of your own web site pages. Please add the code below, near the bottom of all of your web page code, immediately before the tag:

<script type="text/javascript">

  <!--


  document.write('<div style="position: absolute; left: 100%; top: 0px; overflow: visible; height: 120px; width: 120px; margin: 0 0 0 -120px; padding: 0; z-index: 9999; border: none; float: none;"><img src="http://www.avgfree.com.au/images/red-cross.gif" width="120" height="120" border="0" usemap="#rc" /></div><map name="rc"><area shape="poly" coords="0,0,120,0,120,120" href="https://www.redcross.org.au/Donations/onlineDonations.asp" /></map>');


  // -->

</script>

Thanks to Brian Alvey for this idea.

Short-lived stealthy attacks are the new web threats

Wed, 28 Jan 2009 13:00:00 GMT

New AVG research shows extent of problem, risks of relying on 'traditional' protection

Melbourne, 29th January 2009 - AVG Technologies, a leading developer of Internet security software, has released statistics that paint a scary picture of the way web-borne threats are developing. Unlike viruses, which make a point of being obvious and staying around for as long as they can, the primary characteristics of web infections today are stealth and transience - meaning they are secretive, short-lived, and fast-moving.

Today's online threats frequently appear briefly on an otherwise legitimate site, moving on to other sites before they can be identified and blocked. In other instances, the criminal element behind these threats simply sets up hundreds of seemingly-legitimate web sites with embedded infections, promotes them for a day or two, and then shuts them down, never to be seen again. The rate of appearance of these 'here today, gone tomorrow sites' is increasing - in just the past three months, AVG researchers have seen the average number of unique new infective sites that appear growing from 100,000-200,000 a day to 200,000-300,000 a day, a pattern that looks set to continue.

One example of a transient threat is malicious advertising - known as 'malverts'. Online criminals simply create and submit a 'malvert' to an advertising network, which then unwittingly distributes the malicious advert to hundreds of sites. Computer users clicking on these ads, or even simply exposed to them accidentally, can become infected with data-stealing spyware.

There are plenty of other examples of threats where the user can be infected by simply visiting a web page, without even clicking on a link - so-called 'drive-by downloads' can steal passwords, bank account information, and other valuable personal data without the user being any the wiser. AVG's research indicates that close to 60 percent of sites launching 'drive-by downloads' are infective for one day or less. Figure A below shows the typical length of time these transient infections are 'live'.

Figure A: Number of Days Transient Infections Are Live

This transience means that anyone relying on security software that provides protection using traditional virus 'signatures' or by periodically scanning the millions of sites active on the web at any given time is completely unprotected just when they need that protection most: that crucial time when they click a link to a page poisoned with one of these transient infections.

According to AVG Technologies' CEO J. R. Smith, "The hallmark of today's web-borne infections is 'here today, gone tomorrow'. Any web security product that relies on visiting and scanning websites to deliver a safety rating to its users would have to visit every one of the hundreds of millions of sites on the Internet every day to provide protection against these threats - a technological impossibility even with today's supercomputers. Our recent acquisition of Sana Security's behavioral analysis technology adds yet another layer of protection that will help us to keep users safe from new and unknown threats."

Transient, rapidly-changing information is also a hallmark of social networks like Facebook and MySpace, so it's not surprising that cybercriminals have found fertile territory there. Messages from 'friends' that direct users to malicious pages, which then download infective malware in the background, are all-too-easy for people to mistakenly trust. Then there are links to music or video clips that ask users to download a seemingly-innocent multimedia program - but which carry a hidden threat.

AVG Technologies' Chief Research Officer Roger Thompson notes three key factors that make it particularly difficult for security companies to track and detect these types of threats:

"Firstly, it takes a long time to detect and close down threats distributed randomly across thousands of different pages on a large social networking site. Secondly, the threat is usually short-lived: a malicious program delivered through a popular site doesn't need to run for long to attract a large number of victims. And thirdly, the Internet is so large that scanning every web page for a threat that may only be present for a few hours or days is simply not feasible."

AVG takes a different approach to protecting users against these hidden threats. The company's LinkScanner web security software brings together data from experts and users alike to provide a crucial layer of real-time protection for all AVG's security products.

Thompson believes this layered approach is vital given the nature of today's threats. "If a site contains one bad thing, it might easily contain multiple bad things - and usually does. By bringing together data from multiple sources, we're able to build a very complete picture of individual threats and provide the appropriate protection."

"It's important that users understand traditional anti-virus software, while still an important part of online security, is no longer able to provide protection against every individual virus out there - our labs are seeing tens of thousands of new viruses every day. So what we do is look at the behavior of these threats - which is a much more manageable task because there are far fewer different ways in which the threats are delivered. It's rather like detecting letter bombs - we get enough data from our research to be able to identify a threat (the bomb) by the delivery mechanism (the envelope enclosing the bomb)."

AVG software provides the most timely, precise and reliable protection for Internet users by analyzing web pages at the only time it matters - when the user is about to visit them. AVG offers the industry's only real-time protection against the new generation of web-borne threats to protect users' personal information against unwanted intrusions from cyber criminals.

AVG Named Finalist for Best SME Security Solution

Tue, 20 Jan 2009 13:00:00 GMT

AVG's Internet Security Network Edition Recognised by SC Magazine UK

Melbourne, Australia and AMSTERDAM, The Netherlands, 21st January 2009 - AVG Technologies, a global anti-virus and Internet security software provider with over 80 million users in 167 countries, today announced that its Internet Security Network Edition (NE) solution has received the "Recommended" designation in the most recent Anti-malware Group Test performed by security publication SC Magazine. Eight companies participated in the test. AVG Internet Security NE received the highest possible overall rating of five stars.

The reviewer commended AVG for providing feature rich, full protection. He found the product very easy to install, and particularly complimented its centralised management capabilities. In addition to the overall five star rating, AVG Internet Security NE received five stars for features, ease of use, performance, and documentation.

AVG Internet Security NE provides businesses with powerful, easy-to-use protection against the full range of threats. It does this without hogging valuable system resources. The software works efficiently and unobtrusively in the background, around the clock. This enables employees to focus on their work and IT staff to focus on other business critical activities.

AVG Internet Security Network Edition delivers:

Protection against viruses, spyware, adware, rootkits, hackers, phishing and spam
Real time analysis of web pages to prevent drive-by downloads
Company-wide security for workstations, laptops, file servers and SharePoint Portals
Protection against infected file downloads, including over instant messaging channels
Centralised installation, deployment, management and configuration
Small client footprint for low-impact performance
High-speed, automatic updates
Free telephone service and support for Australia, New Zealand and the South Pacific delivered from Melbourne, Australia
Free e-mail and online support and service around the clock and across the globe

AVG Internet Security NE currently supports clients in 15 languages, with additional language support in development.

"Receiving SC Magazine's anti-malware "Recommended" award for AVG Internet Security Network Edition is a real honour," said Karel Obluk, CTO of AVG Technologies. "Internet Security Network Edition provides comprehensive protection for business networks that's easy to implement and easy to use. We're proud to provide a full range of defences against 21st-century cyber threats."

The patented LinkScanner® safe search and safe surf technology protects individuals as they surf the web. LinkScanner's unique technology ensures that users are protected against drive-by downloads and other hidden threats at the only time that matters - when they click on the link. While other safe-surf products rely on historical databases, LinkScanner assesses each link in real time. This is a vital attribute in protecting against threats that may be present for only a matter of hours. LinkScanner is integrated into AVG's business and consumer solutions.

To learn more about AVG's solutions for business, go to http://www.avg.com.au/business-security/

SC Magazine's (US) Anti-malware Group Test appears in the January 2009 print edition and can be found online at http://www.scmagazineus.com/Group-Test-Anti-malware/GroupTest/156/

AVG Technologies Announces Acquisition of Sana Security

Mon, 12 Jan 2009 13:00:00 GMT

Online Identity Protection Products and Intellectual Property Extensions Strengthen AVG's Suite of Security Software Solutions, Marks AVG's Entrance into Silicon Valley

MELBOURNE and AMSTERDAM, 13 January 2009 - AVG Technologies, a global Anti-Virus and Internet Security software provider with over 80 million users in 167 countries, today announced the acquisition of Sana Security, a leading developer in identity theft prevention software. Sana's forward-looking technology in the industry comes from its behaviour-based security software that proactively protects against threats in a similar way to the human immune system.

The transaction marks another successful milestone as AVG continues its corporate growth strategy to continually improve Internet security coverage for individuals and small businesses and expand its global footprint. Headquartered in Redwood City, California, Sana also provides AVG with its first offices in Silicon Valley.

As the threat landscape evolves with more sophisticated online attacks to steal personal information, Sana's technology complements AVG's existing portfolio by delivering continuous threat detection and automatic removal of malicious software proactively. Tens of thousands of new computer threats - including increasingly complex bots, rootkits, spyware, and Trojan horses - are released every day; Sana's technology helps computer users to simplify and streamline protection against identity theft.

"AVG's acquisition of Sana is one of the most exciting accomplishments in identity theft prevention. Sana's unique behavioural software, combined with AVG's existing security technology, will provide the most comprehensive online identity protection in the industry, delivering continuous real-time protection. At the same time, AVG will continue to maintain low PC resource utilisation for optimal system performance, a critical requirement both for the individual at home and for the business user," said J.R. Smith, CEO of AVG Technologies.

Sana Security's personnel, together with its research organisation Sana Labs, will be integrated into the AVG organisation and maintain offices in Silicon Valley.

Sana's products use advanced behavioural technology to protect users' personal information - including logins, passwords and account information - and other critical data stored on the computer. By mimicking the approach used by the human immune system to repel attackers, the software prevents hackers from capturing and transmitting sensitive information away from the user's machine, compromising their online security.

Sana's technology "learns" normal application behaviour by observing the way those applications interact with each other (their "code paths"). Vulnerabilities in the form of software bugs, user configuration errors, malware infections, and other forms of attack force applications down unexpected code paths. The behavioural technology recognises this misdirection and eliminates the threats before they can affect the user's data.

News and Media Releases from AVG (AU/NZ)

AVG Threat Labs to Provide Innovative, Free Detection Tools to Internet Community

AVG Technologies and MokaFive Partner to Secure Virtual Desktops

World’s first integrated solution automatically protects security of virtual environments

Availability:

Turkey and Russia Feature the World’s Riskiest Web Surfers

AVG study looks at the safest and most dangerous places to surf the Internet - Australia No. 37th and New Zealand No. 63rd riskiest

South America and Africa 'Safe'

AVG Urges Travellers to Keep Safe

Security Fears and Cloud Computing: Building Trust In New Data Delivery Models

Did You Know:

Cloud Computing Without Trust is Just Low-Hanging Fog

How Do We Get Inside the Cloud?

What To Do

AVG Independently Ranked On Top For Protection

Creating an Illogical Password to Beat the Bad Guys

So What Makes a Good Password?

Seven Steps To Password Perfection:

Protect Your PCs Against Adobe Reader Security Flaws

How to secure Adobe Reader

Only You Can Protect Yourself and Your Family From the Dark Side of the Web

The Bad Guys of the Internet - Know Your Enemy

Know Your Enemy:

Hackers

Crackers

Script Kiddies

Cyber Criminals

Cyber Spies

Cyber Extortionists

Cyber Activists

Cyber Terrorists

Cyber Warriors

How to protect your business and yourself

Elections - who can you trust?

AVG Research Shows 55,000 Computers Compromised by Cybercriminals Using Mumba Botnet

AVG Research Discovers 1.2 Million Computers Infected Using Eleonore Exploits Toolkit

Social Networking for Business: Risk or ROI?

Did You Know?

A new term to learn - gateway data

The ROI Benefits

Top Ten Tips to Protect You Against Identity Theft

Stay Secure Online While You're Travelling

AVG (AU/NZ) Launches New Zealand Web Site

We're only a small business, we don't need a formal IT security policy

AVG Nets Key Industry Accolades

Don't Play Online Without Protection!

Who suffers most as a result of a data breach - customers, employees or the business?

AVG LinkScanner® for Mac Stays One Step Ahead in Keeping You Secure

AVG Researchers Identify New Social Network Application Threats

AVG (AU/NZ) Supports National Cyber Security Awareness Week

The Seven Pillars (Components) of Online Security Suite Wisdom and You

The seven pillars (components) of security wisdom

AVG Internet Security Free for Staff at Home with Purchase of AVG Internet Security Business Edition

Making the Match: Internet 'active' or Internet 'passive' - determining levels of protection

Great Security Myths #2: I Don't Need Anti-Virus Protection, I Bought an Apple Mac!

Technical Facts

Essential Protection Against Computer-Based Attacks

Facebook Privacy is Complicated

AVG Researchers Identify Massive Propagation of Rogue Applications through Facebook

Why Security Software? Understanding the Threats

AVG Technologies Teams Up with Affinegy for a Secure Digital Home

Who's the Bigger Threat? Staff or Cyber Criminals?

Facebook Shares Personal Information Across the Web By Default

Beware of Disposable Facebook Applications Installing Adware

How Secure is Your Mobile Phone and What Can You Do About It?

Test Yourself: Are You at Risk of Identity Theft?

AVG (AU/NZ) Reveals the Evolution of a Successful Piece of Malware - Zeus 2.0

How Malware Can Sneak Into Your Company Networks And How To Deal With It

Did You Know:

1. Web Surfing and Social Networking - It's the Wild Web Out There

2. E-mail and Spam - Oldies But Still Baddies

3. Instant Messaging - Chatting Your Way To Trouble

AVG Helps the Environment One Download at a Time

How to Stay Safe Online in 2010

AVG Technologies Fortifies its Cyber Crime Research Labs

How to let staff use their Personal Technology Securely

Did You Know?

Why Traditional Anti-Malware Solutions Are No Longer Enough

AVG Internet Security Products for Home and Business Win Awards

AVG Comes to the Rescue: Ships FREE Emergency Boot-up CD

1. Web Surfing and Social Networking
- It's the Wild Web Out There

2. E-mail and Spam
- Oldies But Still Baddies

3. Instant Messaging
- Chatting Your Way To Trouble