What happened for us in 2011?

 

Milestones for MYSecurityCenter:

 

– New sister company!
We launched a new sister company, MYPCSupport, which offers professional PC-assistance to private users and small companies. With this service you can sit back and relax while IT-experts fix your computer problems remotely. Learn more on www.mypcsupport.com

 

– New collaboration
With our product MYSecureOnlineBackup we proudly launched a new collaboration with one of the world´s leading online backup providers called Mozy. We chose them because they are known for high quality and reliability.

 

– Best selling product
In 2011 our best selling product was our popular MYPCTuneUP. Thousands of happy customers use this program that makes the computer faster and more effective.

 

– Staff
2011 was a busy year for us and therefore we hired several people for our team, which means that we are now a team of around 20 to make a difference for our clients.

 

– Number one on Trustpilot
We still offer our friendly support in 11 different languages. In 2011 we became the best rated security software company on the independent consumer rating site www.trustpilot.com with a score of 9,2 of 10 points for best service and support.

 

– Users and markets
Now around 1,2 million people use our software. Our biggest markets are Denmark, Germany, Holland and England.

 

Milestones for MYMobileSecurity:

 

– During 2011 we established ourselves as one of the fastest growing companies within the mobile security sector with more than 100.000 new users every week

 

– We made partnerships with over 40 operators and carriers, among them Verizon, the biggest telco in the US with more than 93 million customers, Tele 2 which is a renowned leader in Europe with more them 50 million customers in 16 countries, Comviq, one of the biggest in Sweden and also TIM, the leading Italian telco.

 

– In 2011 we reached more than 4 million users

 

– Our antivirus apps MYMobileSecurity and MYAndroidProtection were amongst the most downloaded antivirus apps on app stores like Android Market, Ovi Store, Softonic and Getjar.

 

– MYAndroidProtection was reviewed live on the Danish TV show Good Morning Denmark receiving very positive feedback, being picked as the winner and the best product in the test.

 

– MYAndroidProtection was called “my favourite app” on the whole Android Market by the chief editor at Android Magasinet.

 

– We won several other awards as the best security product for smartphones

 

The biggest mobile security threats in 2012

Malware on smartphones, especially on Android phones exploded in 2011. But is this a trend that continues this year? Yes, assess security experts Kevin Freij and Janus R. Nielsen, co-founders of the security company www.mymobilesecurity.com. They look back on trends and threats in 2011 and give their take on the challenges the security industry and private smartphone users will face in 2012.

Malware
2011 was the year when malware on Android phones rose with lightning speed. According to a report by the network producer Juniper the increase was on 472 percent alone between July and November. Especially fake apps, mainly pirated versions of well known apps developed by criminals, have been the main sinner. The fake apps are primarily being downloaded from Android Market or from the Asian and especially Chinese app stores. And many of them have been an expensive acquaintance, because they install viruses on the phone and can drain the user’s account by sending SMS messages to expensive toll numbers. “We have seen an explosive increase compared to 2010 in terms of new apps entering the market and with these come more malware. Hackers have figured out how to find very clever ways to smartphone users mobile accounts, both prepaid and postpaid accounts. This trend will continue because it is a very lucrative market for fraudsters” says Kevin Freij, CEO of MYMobileSecurity, that makes security applications for smartphones. As for malware on iPhones, viruses are not the biggest issue for Apple-users. “The problem is rather the unstable iPhone OS. “iPhone has some problems when updating their systems regularly. When the updates are done we have seen serious security holes appear. There have been various examples on that, I remember one from this summer when one of the biggest newspapers in Denmark hacked up the current Danish Deputy Prime Minister Margrethe Vestager´s iPhone getting access to both her voicemail and emails.”

Fake emails (phishing)
According to a study by the security company Trusteer in January last year, smartphone users are three times more likely to fall for the fake phishing emails than computer users. The fraudsters behind phishing emails try to “fish” passwords and financial data out of the users by pretending to be credible and well-known companies or individuals. People can be more easily fooled on their smartphone because they are constantly “on” and because they answer their emails as soon as they come in. Also the small screen size of the phone makes it difficult to spot a bad link or logo. “The increase in phishing emails and also in fake SMS (smishing) will continue in 2012”, co-founder of MYMobileSecurity Janus R. Nielsen believes. He points out the fact that mobile banking is becoming more and more common. “It is getting still more important, especially for Android users, to have security software installed that can warn against the approximately 500 million links classified as hazardous. “This way you can at least avoid visiting the already known infected sites. The challenge for the mobile security industry will be to develop a technology similar to what exists on computers and which can recognize patterns and thus warn against suspicious but not yet registered hazardous sites. This technology is not yet available for smartphones, but it will be all though this will probably rather happen in 2013 than 2012 “, he says.

Stolen or lost phones
An employee forgetting his phone in a restaurant or somehow letting it fall into the wrong hands, will actually be amongst the biggest security risks for companies next year. Corporate data leakage can potentially end up being a very costly affair. “The attack risk is much bigger on mobile devices than on laptops and there are fewer security controls”, Kevin Freij says. “Apart from the same things you can do on a laptop, you also have other features on a smartphone like location information, camera, voice dialing and SMS channels that are potential ways into the phone. It is still a challenge for the mobile industry to find ways to deal with these new risks and threats”.

Spyware such as CarrierIQ
After the recent discovery of the existence of the program Carrier IQ on most smartphones, the discussion about whether surveillance is acceptable or not has been intense. “There is no doubt that the mobile security industry is still not defined. None of the mobile anti-virus firms in the market discovered CarrierIQ. Security firms simply do not look after those type of activities – yet, “says Kevin Freij. “We know that a combined approach of different functions working together is the best way to achieve the highest level of security on a mobile today. If you add antivirus, theft protection, backup, network monitoring, safe surfing, app security management and more, you will reach a higher security level than just having an antivirus. However, that does not solve the CarrierIQ issue right now, but the security industry works continuously towards developing new technologies, and hopefully we will be able to track that kind of programs in the future”, he says.

QR bar codes and viruses
In 2011 we saw the first mobile QR barcode – the codes that is scanned by the camera on the phone – spreading viruses. It was a Trojan virus that sent text messages to an expensive toll number. Janus R. Nielsen believes that 2012 we bring more examples of fake QR codes, but the threat will not be overwhelming. “There are certainly more of these examples to come – the more users of QR codes, the more hackers. But as long as you have a security program installed that warns against unsafe links and URL´s, this should be a manageable problem.”

Mobile banking and transactions
Bank apps had a breakthrough among the private smartphone users in 2011. “We see a huge demand for mobile banking applications that provide full access to the user’s bank accounts. Most of the apps are very safe, but if you use mobile banking, it is wise also to have some kind of security software installed.” Kevin Freij says. He estimates that the biggest risk with mobile banking can be found in cases where banks send a code via SMS to the mobile phone so that the user can enter the code to confirm that it is the right person logged in. “The code can be easily intercepted if a spyware program is installed on the mobile. And if that is the case, the user is usually unaware of it unless the security software has spotted it. Another good tip is to check your account statements regularly so you are sure that no unpleasant surprises appear”, he says.

For more information contact:

Stine Mynster, PR Manager
stine@mymobilesecurity.com
Mobile: 0034 699403895

Tips & Tricks for your Smartphone

Avoid malware on your smartphone!

• Do some research before downloading
Before you install an app, do some research on it. Check the reviews on Android Market and the other app stores. Are they positive? If there are no reviews and the app is not brand new, you should get suspicious. Also check to see what acknowledged websites such as PCWorld, ComputerWorld, AppBrain, AppCircus etc. say about it. You can also check who the developers behind the app are. If they do not even have a website, you should probably stay away.

• Check the permission on personal data collect
A good idea is to always check what kind of data your app has access to before you download it. For instance, there is no need for a bar code scanner-app to have permission to look through your contacts or localize you via GPS. If an app is asking for too much unnecessary information you should reconsider the download.

• Don’t use automatic logins
Don’t set an app that has access to your bank account to log in automatically. Set your phone to lock after it has been on for a certain period of time. That will make it more difficult for others to access your data.

• Make sure your phone has an antivirus scanner installed
With antivirus applications you can scan your phone and avoid installing files with known malware and viruses. Most programs allow you to track and lock your phone down remotely if you lose it, and to back up your personal data. All features that our antivirus apps MYAndroidProtection and MYMobileProtection have.

• Watch also out for scams on your phone
Just as it happens on your PC, your phone is also a target for scammers. Fake websites try to trick people into entering personal data and some sites also make you download malware on your phone just by entering it.

• Be aware of fake QR-codes
Look carefully at the link that pops up when you scan a QR-barcode with the camera on your smartphone. If it contains many numbers and symbols and it does not match the ad or text that you scanned, stay away from it.

The 2011 scammer-trend: Phishing emails

Don´t be fooled by scammers. Hear what happened to one of our customers when she received a phishing email from a man requesting counseling and a health check-up.

You have probably heard about the so called phishing emails, were scammers try to “fish” money out of innocent people´s accounts approaching them via more or less trustworthy looking emails. In 2011 this trend increased significantly making it one of the most common security threats for PC users.

One of MYSecurityCenter´s customers, practitioner Rumana Zahn wrote us an email telling about her experience with scammers pretending to be interested in two weeks of yoga retreat, checkups and counseling for a group of ten people.

Rumana Zahn took the request seriously to begin with, she almost followed through, but luckily she got suspicious. The scammers asked her if they could pay her for full fee including their interpreter´s fee which meant that she should pay their interpreter directly. The trick consisted in the fact that the fraudsters would pay over the net with a stolen credit card. Out of the 7,000 euros they would transfer, she could keep her fee of 2,000 and the rest she would transfer by bank to their translator, which of course was part of the scammer team. That way she would participate in laundering stolen money, which is illegal. She was repeatedly asked whether she accepted credit card payment, but since she had no possibility of accepting this form of payment, she asked the fraudsters to make a bank transfer. She began to get suspicious when she received a second email in which he repeated his questions about credit card payment.

“I began to suspect the whole thing being a hoax, although I actually thought that the approach initially sounded serious. I guess it would have meant me having to be liable. Very clever indeed”, Rumana Zahn says. She asked them to pay by bank transfer or PayPal but she never received an answer.

“Since then I get an email like this twice a year – it’s very similar – a group coming, please arrange. Another friend of mine got the same email two years ago”.

Rumana Zahn is just one of many people who have been attacked by scammers sending out fake emails. Read this newsletter´s Tips and Tricks on what to keep in mind when a phishing email hits you in 2012.

Thanks to Rumana Zahn for telling us her story.
See one of the original phishing emails below.

From: johnsonwilliams400 [mailto:johnsonwilliams400@gmail.com]
Sent: Wed 02 November 2011 15:21
To: j.williams2000@rocketmail.com
Subject: Inquiry

Greetings,

I want to book for 2 weeks checkups and counseling, 1 or 2 hours each
day Monday to Friday (morning or evening hours) for a group of 10. We
will be coming for a one month vacation/holiday from 29th Nov 2011 and
in line with our plans we will require 2 weeks Natural Therapy to help
maintain healthy body due to the nature of our job and also to make
our stay fun. The checkups and counseling should basically be on
Naturopathic consultations or any other Natural Therapy you can offer.

Please let me know if your clinic can handle this for us and get back
to me with requirements to enable me contact you with more
clarifications. Also confirm if you can arrange a one on one checkups
and counseling for us or if its better in group.

Awaits your email.

John Williams

Tips and Tricks

 

Avoid falling for phishing-emails!

 

• Do not reply on emails or pop-ups asking for personal or financial information.

 

• If you are not sure about the reliance of the email, check up on the contact information. Open a new internet browser session and type in the company´s web address yourself. Don´t click on any links in the email and don’t copy and paste the link from the message, it could be a fake link.

 

• Check that the name in the website from the email is not changed slightly. For instance spelling Microsoft as Microsofts or Mircosoft.

 

• Make sure your antivirus, antispyware and firewall are updated. Antivirus software scans incoming communications for troublesome files and warns you before you download harmful files. A firewall helps make you invisible on the Internet and blocks all communications from unauthorized sources.

 

• If the email contains errors, spelling mistakes or if the text simply does not sound good, stay away!

 

• Check that the sender of the email is the same as the company stated to be behind the email.

 

• Don’t email personal or financial information. Email is not a secure communication method. Normally proper companies as your bank would never ask you to email them your passwords or credit card number.

 

• Review your bank account or credit card statements every week. That gives you time to react on any unauthorized payment or transactions. If you see something suspicious, contact your bank immediately.

 

• Report spam and phishing-emails to FBI via Internet Fraud Complaint Center on www.ifcbi.gov. They collaborate with the authorities worldwide about closing down the phishing-websites and identifying the scammers behind. You can also report it to Anti-Phishing Working Group (an e-commerce-community) on reportphishing@antiphishing.org.

 

Worst passwords in 2011 – is yours one of them?

 

We all know that having a strong and difficult to guess password is important. However, a recent report from SplashData on the 25 most common passwords in 2011 shows that internet users still go for hackable and easy to remember passwords. The list is generated from millions of stolen passwords posted online by hackers.

 

Take a look and see if your password is on the list. To create a strong one, we recommend both upper and lower case letters combined with numbers and symbols. Sometimes it is easier to remember whole sentences like my_dog_is_sweet1 or house_on_fire! instead of singular words.
Remember also to change your passwords regularly.

 

1. password
2. 123456
3. 12345678
4. qwerty
5. abc123
6. monkey
7. 1234567
8. letmein
9. trustno1
10. dragon
11. baseball
12. 111111
13. iloveyou
14. master
15. sunshine
16. ashley
17. bailey
18. passw0rd
19. shadow
20. 123123
21. 654321
22. superman
23. qazwsx
24. michael
25. football