Tag Archives: News

Facebook Survey: More than 50% of users don’t trust news on the social network

Facebook tries to stop “fake news” by surveying its own users

Facebook is surveying its own users to try and stop the spread of “fake news” on its social media platform. The new survey asks two questions:

  1. Do you recognize the following websites?
  2. How much do you trust each of these domains?

The “fake news” phenomenon is a cybersecurity issue that we predict will be relevant in 2018 and beyond, since social media platforms are used to sway public opinion. As reported by the New York Times, social media companies provided evidence to Congress that Russian influence might have reached 126 million Americans on Facebook and other platforms during the 2016 elections.

Social media critics are questioning whether Facebook’s own users should be trusted to determine which news outlets are “fake news”. In fact, when it comes to domain trust, Facebook itself faces skepticism. A recent Panda Security survey showed that 47 percent of parents consider Facebook “unsafe” for their children to use.

Panda Security has conducted an additional survey using Google Surveys to see how much consumers trust Facebook as a gatekeeper of news and information on their newsfeeds.

We asked a weighted sample of 765 online users in the United States: “How much do you trust Facebook to choose what news you read?”

  • 8.2 percent said “A lot” or “Entirely”
  • 20.4 percent said “Somewhat”
  • 20.0 percent said “Barely”
  • 51.5 percent said “Not at all”

The data shows almost three-quarters of respondents have little confidence in Facebook’s ability as a news gatekeeper, with a minority of respondents indicating high levels of trust.

Looking at the data by gender, male survey respondents were more likely to distrust Facebook than female survey respondents. While 73.4 percent of males said they “Barely” trust Facebook or trusted it “Not at all”, 69.7 percent of females said the same.

A larger percentage of males also said they trusted Facebook “A lot” or “Entirely”: 8.9 percent of males versus 7.4 percent of females.

Trust among age groups was fairly consistent. While 49.1 percent of respondents aged 18 to 34 answered “Not at all” with respect to level of trust, 56.9 percent of respondents aged 35 to 54 answered the same. Among respondents aged 55 and older, 51.5 percent answered “Not at all”.

Methodology

The Facebook Trust Survey was written by Panda Security and conducted using Google Surveys. The survey collected responses from 1,015 online users in the United States from January 25 to 27, 2018. Responses were matched down to a weighted sample (by age, gender, and geographic distribution) of 765 to produce the final results.

The following methodology description is provided by Google Surveys: Google Surveys shows questions across a network of premium online news, reference, and entertainment sites (where surveys are embedded directly in the content), as well as through a mobile app, Google Opinion Rewards. On the web, users answer questions in exchange for access to the content, an alternative to subscribing or upgrading. The user’s gender, age, and geographic location are inferred based on anonymous browsing history and IP address. On the mobile app, users answer questions in exchange for credits for books, music, and apps, and users answer demographic questions when first downloading the app. Using this data, Google Surveys can automatically build a representative sample of thousands of respondents. For more detailed information, see the whitepaper.

Download your Antivirus

The post Facebook Survey: More than 50% of users don’t trust news on the social network appeared first on Panda Security Mediacenter.

Read More

Why is technology leaving older people behind?

Advances in medical health treatments and public health programs are helping people live longer than ever before. The generation born after World War II, known as “baby boomers”, now makes up a significant portion of the world population.

In some countries, like the UK, estimates suggest that the baby boomer generation is growing faster than new babies are being born. In the USA, 45% of the population is aged 50 or over. Which means that the average age of the population is steadily increasing.

This is important because there is a common misperception that older people struggle with technology. As a result, most new technology developments are targeted at younger customers.

Why older people don’t use new technology

The reality is that given the right training, older people are perfectly capable of using new technology. The surge in Facebook sign-ups by the over-50s is clear evidence of older people adopting a product that many assume they could not use.

The difference between technology use by the young and old has a relatively simple explanation; almost all new technology is designed for use by younger people. Designers and manufacturers are deliberately ignoring the over-50s when creating new products and services. Quite logically, older people choose not to use products that have nothing to offer them.

Manufacturers are missing a big opportunity

By targeting products at younger people, businesses are actually reducing their potential customer base by almost half. Where products have been designed for older users first, manufacturers have seen sales increase across all age groups.

Take the motion detection system designed by engineers at the Massachusetts Institute of Technology which is specifically designed to “see” when older people have had a fall in their homes. Using wireless signals, the system can monitor a person’s movement in their home, and alert friends and family if they fall over.

This technology is aimed at the elderly, but it has applications in other areas that benefit everyone, like burglar alarms or nanny cams. Again, the issue is not that old people won’t use technology, but that technology explicitly ignores them.

Helping older relatives online

Going back to the example of Facebook, older people have discovered it is a great tool for staying connected to their friends and family. Social networks give them a glimpse of people they don’t see as often as they would like.

As the baby boomer generation “catches up” (and manufacturers begin to create services better suited to their needs), we should expect to see them using more technology every day. But just as they need help to get started, most older people will also need advice about how to use technology and websites safely.

To make the process of training older people in cybersecurity easier, Panda Security has put together a handy guide here – How to protect the elderly online. And you can start protecting them now by installing a free trial of Panda Antivirus Protection on their computer today.

The post Why is technology leaving older people behind? appeared first on Panda Security Mediacenter.

Read More

OnePlus Site’s Payment System Reportedly Hacked to Steal Credit Card Details

oneplus-credit-card-hacking

This year’s first bad news for OnePlus users—a large number of OnePlus customers are reporting of fraudulent credit card transactions after buying products from the Chinese smartphone manufacturer’s official online store.

The claim initially surfaced on the OnePlus support forum over the weekend from a customer who said that two of his credit cards used on the company’s official website was suspected of fraudulent activities.

The only place that both of those credit cards had been used in the last 6 months was on the Oneplus website,” the customer wrote.

Later a good number of users posted similar complaints on OnePlus, Twitter and Reddit forums, saying they also became a victim of credit card fraud.

Many of the customers claimed that their credit cards had been compromised after they bought a new phone or some accessories directly from the OnePlus official website, indicating that the leak might have been through the company itself.

Cybersecurity firm Fidus also published a blog post detailing the alleged issue with the OnePlus website’s on-site payment system. The firm suspected that the servers of the OnePlus website might have been compromised.

OnePlus

According to Fidus, OnePlus is currently conducting the transactions itself on-site, which means that all billing information along with all credit card details entered by its customers flow through the OnePlus official website and can be intercepted by attackers.

“Whilst the payment details are sent off to a third-party provider upon form submission, there is a window in which malicious code is able to siphon credit card details before the data is encrypted,” Fidus wrote.

Fidus went on to clarify that their findings did not in any way confirm that the OnePlus website was breached; instead, they suggested the attacks might have come from the Magento eCommerce platform—which is used by OnePlus and is “a common platform in which credit card hacking takes place.”

OnePlus has quickly responded to the issue on its forum, confirming that it does not store any credit card information on its website and all payment transactions are carried out through its PCI-DSS-compliant payment processing partner.

Only credit card-related information of users who have enabled the “save this card for future transactions” feature is stored on OnePlus’ official servers, but even they are secured with a token mechanism.

“Our website is HTTPS encrypted, so it’s very difficult to intercept traffic and inject malicious code, however we are conducting a complete audit,” a company’s staffer using the name ‘Mingyu’ wrote.

The Chinese smartphone maker also confirms that purchases involving third-party services like PayPal are not affected.

oneplus-credit-card-hacking

OnePlus does not reveal much information on the incident but confirms that its official website is not affected by any Magento vulnerability.

The company confirms that oneplus.net was indeed built on the Magento eCommerce, but said since 2014, it has entirely been re-built using custom code, adding that “credit card payments were never implemented in Magento’s payment module at all.”

There are almost 100 claims of fraudulent credit card transactions on the OnePlus support forums. OnePlus announces a formal investigation into the matter, and advises affected users to contact their bank to reverse the payment.

Skype Finally Adds End-to-End Encryption for Private Conversations

Good news for Skype users who are concerned about their privacy.

Microsoft is collaborating with popular encrypted communication company Signal to bring end-to-end encryption support to Skype messenger.

End-to-end encryption assured its users that no one, not even the company or server that transmits the data, can decrypt their messages.

Signal Protocol is an open source cryptographic protocol that has become an industry-wide standard—which is used in Apple iMessage, Facebook Messenger, Whatsapp, and Google Allo for secure messaging.

Dubbed Private Conversations, the new feature which is about to be introduced in Skype will offer end-to-end encryption for audio calls, text, and multimedia messages like videos and audio files.

“Skype Private Conversations give you enhanced security through end-to-end encryption with an additional layer of security for conversations between you and your friends and family,” the company announced

“Private Conversations can only be between you and one other contact. This is not supported in groups.”

How to Start Skype End-to-End Encrypted Calls and Chats

Private Conversations is already available to the Skype Insider program—a platform that allows Skype users to test new features before they rolled out to the rest of its over 300 million of users worldwide.

To initiate a new secure communication with your Skype contact, you need to tap or click on the (+) icon, select ‘New Private Conversation’ and then select the contact you would like to start the secure communication with.

A Private Conversation will have a lock icon next to your Skype contact’s name. Preview messages from Private Conversations will not appear in the chat list or notifications.

Unlike WhatsApp, end-to-end encryption feature is not enabled by default in Skype and users need to select ‘New Private Conversation’ from the app’s “Compose” menu, or from another user’s profile to initiate a secure communication—it’s like Facebook Messenger’s Secret Conversations, which is also based on of Signal.

Unfortunately, Private Conversations also doesn’t currently support video calling, but this is secured by the standard encryption that Microsoft already provides with its Skype service.

Also, even with Private Conversations enabled, Skype will still be able to access some information (metadata) about your secure communications, like when you initiate them, and how long the conversation last.

Skype Insider users can test Private Conversations using Skype build version 8.13.76.8 for iOS, Android, Linux, Mac, and Windows Desktop.

New wave of phishing emails aimed at stealing Netflix accounts

PandaLabs, Panda Security’s anti-malware laboratory, has detected a massive attack on hundreds of users in the United States and other countries in which hackers are using emails purporting to be from Netflix in order to steal user account passwords.

The phishing attack uses a fraudulent email with the subject “Notice – Document”, followed by a sequence of numbers such as “941-4259”. The email, which does a good job of impersonating an actual email sent by Netflix, asks victims to validate the login credentials they use to access the platform.

However, the link displayed does not takes users to the Netflix website, but to a fraudulent page.  The worst thing about this attack is not the fact that it may allow the attackers to use the stolen data to watch movies and TV shows for free, or sell the accounts to others so they can enjoy free audiovisual contents at your expense.

 

“The real threat lies in the fact that these criminals are selling the stolen passwords indiscriminately on the black market, which may lead to further, large-scale attacks, as many users use the same access credentials for different services and other hackers could use them to break into their email or social media accounts. There is no doubt that these attacks are masterminded by cyber-crime gangs going after people’s money,” explains Luis Corrons, Technical Director of PandaLabs.

Three easy ways to detect the Netflix phishing attack

First, take a look at the email subject. Since the email has been supposedly sent by the Marketing or Sales Department of a reputable company such as Netflix, you would expect its subject line to be a meaningful text related to its content.

That’s not the case here. If you receive an email from Netflix or any other service, free or paid, with a vague or unintelligible subject line, be wary and run an antivirus scan.

Second, the message is written in English. If you live in a non-English speaking country, this is highly suspicious unless you have set your Netflix Communication settings to receive all communications in English. Also, we recommend that you check the URL displayed on your Web browser’s address bar to make sure it doesn’t show a dubious domain name.

Finally, the second paragraph in the email reads as follows: “Failure to complete the validation process will result in a suspension of your Netflix membership.” This type of text aims at triggering a quick reaction from the victim, rushing them to update their access credentials.

However, that message is too aggressive to appear in a commercial communication, and it is highly unlikely that a reputable company such as Netflix cancels a user subscription because of a problem with their platform.

The post New wave of phishing emails aimed at stealing Netflix accounts appeared first on Panda Security Mediacenter.

Read More

Top 8 cyber-security mistakes in Star Wars

The Death Star is the easiest-to-hack infrastructure in the entire universe

If the Galactic Empire from Star Wars had had just a basic knowledge of cyber-security, the popular saga would have had the same duration as a 10 or 15 minute short film instead of three trilogies.

This is because the security measures implemented by the Death Star, and the action protocols used by the stormtroopers, are so poor that instead of sending out a group of Jedi Knights with lightsabres, a single hacker with basic computing knowledge would have been enough to defeat Darth Vader’s army and the Emperor.

What’s more, if a CISO had been on board of the Death Star, they wouldn’t have needed lightsabres or laser blasters to defend themselves from such intruders as Luke Skywalker, Obi-Wan Kenobi, Han Solo or Chewbacca. The elderly character portrayed by Alec Guinness would never have been able to deactivate the tractor beam that captured the Millennium Falcon, nor would R2-D2 have been able to find the cell where Princess Leia was imprisoned.

Since the Stars Wars saga is too long to be analyzed in a single post, we’ll focus our attention on the first installment of the original trilogy: Stars Wars: A New Hope.

Anti-spoofing protection failures

The cyber-security flaws affecting the Galactic Empire are not just in the Death Star. The Imperial stormtroopers can be considered the weakest link in the entire Empire cyber-security chain. Unfortunately, this is not science fiction, as the same happens in the real world. In any organization, people are the most productive attack vector used by hackers.

The scene in Mos Eisley in which Obi-Wan uses a mind trick on a group of stormtroopers to allow him and Luke Skywalker access to the village is a clear example of this. Had the Galactic Empire had an ‘anti-spoofing system for neural networks’, the elderly Jedi and his apprentice would have never gone beyond that point.

Remember that the term ‘spoofing’ refers to a fraudulent or malicious practice in which communication is sent from an unknown source disguised as a source known to the receiver.

Wrong network segmentation

As soon as our heroes arrive at the Death Star and get passed the stormtroopers that watch the landing bay where the Millennium Falcon is located, they sneak into a control center where there is an access point to the battle station’s main computer.

Without hesitating for a moment, Obi-Wan orders the droids to connect to the computer, because from there they will be able to “access the entire Imperial network.” This would have never happened if the bad guys had segmented their network correctly.

Access by ‘malicious dongles’ allowed

Although the term ‘dongle’ is little known among the general public, we all are familiar with those small pieces of hardware that we connect to our smartphone or PC to provide it with additional functionality. A dongle, for example, is that small antenna you plug into your computer’s USB port to receive the signal of your wireless mouse. They are also very common with Apple devices, for example, in order to connect a Mac to a TV via an HDMI cable.

On the Death Star, R2-D2 uses his small gyroscopic arm as a dongle to connect to the Imperial network. This way, the good guys get all the information they need to attack the system and find Princess Leia. A security system that prevented unauthorized devices from connecting to the network would have been enough for Darth Vader to stop his daughter from being rescued.

Lack of document security and encryption

While Luke Skywalker and his friends are still hiding in the Death Star control center, we see another major cyber-security mistake. Once R2-D2 manages to access the Galactic Empire’s computer network, he gets the space station’s blueprints without difficulty.

Given that this information is so critical for the security of all the inhabitants of this gigantic artificial planet, you would expect that, at least, access to those files would be password-protected.

Also, it would have been advisable to encrypt all of those documents to protect them from prying eyes.

Lack of physical barriers

Nor does it make much sense to see the tractor beam control unit on board the Death Star with such poor security. Obi-Wan Kenobi manages to access the console and turn off the device without problems, in order to allow Han Solo’s and Chewbacca’s ship to escape. If only the architects who designed the battle station had put a door in front of the controls, it would have been much more difficult for the Jedis to escape.

Need for better action protocols in the event of a security incident

Luckily for Luke, Han and Chewie, the stormtroopers don’t have an adequate action protocol to follow in the event of a security incident. Any company in the real world that stores valuable information or materials (we are not aware of any company that is holding a galactic princess captive in its basement), would have responded much more effectively to the attack launched on the Death Star’s dungeons.

It is unbelievable that so much time passes between the time when Han and Chewbacca destroy all surveillance cameras in the detention center, and the time when someone finally realizes that there is something wrong and decides to send troops to put the situation under control.

Top executives are not very receptive to the CISO’s advice

If the Death Star were an organization in the real world, Admiral Wilhuff Tarkin, who is responsible for supervising the operation of the battle station, would be the General Manager. Despite knowing all the intricacies and potential of the gigantic ship, it is really surprising that he pays absolutely no attention to any warnings regarding security risks.

At the end of the movie, when the Rebel Alliance’s X-wing squadron is attacking the Death Star, a member of the battle station’s crew – equivalent to a CISO or a member of the IT security team in a real-world organization – warns Tarkin of potential vulnerabilities. Had the Admiral been more receptive to these cyber-security recommendations, he would have evacuated all personnel from the space station.

No patch management policies

Nevertheless, the most serious security mistake affecting the Death Star is the vulnerability found and exploited by the rebel forces in order to destroy it. This is a tiny space, only 2 meters wide, which Luke Skywalker fires at, blowing up the Death Star.

However, a few minutes before the young Jedi fires his proton torpedoes, the Death Star engineers also discover its one fatal flaw. Had they installed a security patch, the Galactic Empire would probably still be ruling the Galaxy.

Reality vs fiction

“This is one more example in which parallels can be drawn between fictional and real-life situations,” states Hervé Lambert, Global Retail Product Manager at Panda Security. “Almost any connected device is susceptible to hacking and reprogramming for shutdown or for any other purpose other than the intended one. Device and/or program developers must be aware of this and reinforce security protocols.

The bad guys’ goals have changed, their techniques have become more sophisticated, the attack vectors have multiplied, and their tools are more precisely designed. Attackers are meticulously studying their victims to adapt their strategy and achieve the greatest possible impact.
The efficiency, effectiveness, and profitability of the real world’s dark side are proven time and again, and we must be vigilant to implement the mindset shifts and strategies required to achieve the highest levels of security.”

Download your Antivirus

The post Top 8 cyber-security mistakes in Star Wars appeared first on Panda Security Mediacenter.

Read More

Meltdown and Spectre, behind the first security hole discovered in 2018

The security flaw affects virtually every operating system, in particular those based on Intel, AMD and ARM processors.

2018 could not have had a worse start from a cyber-security perspective as, yesterday, a major security hole was found in Intel, AMD and ARM processors.  The critical flaw discovered in the affected computers’ architecture and operating system has rocked the technology industry, and developers around the world have rushed to roll out fixes.

The vulnerability, leveraged by the Meltdown exploit on Intel systems, is particularly worrying as it can lead to exfiltration of sensitive data such as login credentials, email messages, photos and other documents. It enables attackers to use a malicious process run at user level on the affected workstation or server in order to read other processes’ memory, even that of high-privileged kernel processes.

The flaw can hit home users and virtually every company, as Spectre affects all kinds of computers: desktops, laptops, Android smartphones, on-premises servers, cloud servers, etc. The more critical information handled by a potential victim, the greater the risk to suffer the attack.

Microsoft and Linux have already released updates for their  customers security. We’d like to inform our customers and partners that the tests carried out by Panda Security show that there are no compatibility conflicts between our endpoint security solutions and Microsoft’s security update.

At present, there is no evidence of public security attacks leveraging the flaw, but judging from past experience, it is not at all improbable that we may witness an avalanche of Trojans and spam campaigns attempting to exploit the vulnerability.

How to mitigate the vulnerability

Newer generation processors are not affected by the flaw, however, replacing all vulnerable systems is not a viable option at this time.

For that reason, the only possible countermeasure at this stage is to mitigate the vulnerability at operating system level. Microsoft and Linux are working on or have patches ready that prevent the exploitation of this hardware bug, with Linux being the first vendor to release a fix.

Microsoft, which initially planned to include a patch in the security update scheduled for Tuesday January 9, released a fix yesterday that is already available on the most popular operating systems and will be gradually deployed to all other systems. For more information, please visit this page.

It is worth mentioning that Microsoft’s security patch is only downloaded to target computers provided a specific registry entry is found on the system. This mechanism is designed to allow for a gradual update of systems coordinated with security software vendors. This way, computers will only be updated once it has been confirmed that there is no compatibility issue between the patch and the current security product.

Technical Support

For more information, please refer to the following technical support article . There you will find detailed information about the Microsoft patch validation process, how to manually trigger the patch download, and the way our products will be gradually updated to allow the automatic download of the new security patch just as with any other update.

We’d also like to encourage you to find detailed information about Microsoft’s security update and the potential impact it can have on desktop, laptop and server performance.

Finally, Microsoft, Mozilla and Google have warned of the possibility that the attackers may try to exploit these bugs via their Web browsers (Edge, Firefox and Chrome), and that temporary workarounds will be released over the next few days to prevent such possibility.  We recommend that you enable automatic updates or take the appropriate measures to have your desktops, laptops and servers properly protected.

Cyber-Security recommendations

Additionally, Panda recommends that you implement the following best security practices:

  • Keep your operating systems, security systems and all other applications always up to date to prevent security incidents.
  • Do not open email messages or files coming from unknown sources. Raise awareness among users, employees and contractors about the importance of following this recommendation.
  • Do not access insecure Web pages or pages whose content has not been verified. Raise awareness among home and corporate users about the importance of following this recommendation.
  • Protect all your desktops, laptops and servers with a security solution that continually monitors the activity of every program and process run in your organization, only allowing trusted files to run and immediately responding to any anomalous or malicious behavior.

Panda Security recommends all companies to adopt Panda Adaptive Defense 360, the only solution capable of providing such high protection levels with its managed security services. Discover how Panda Adaptive Defense 360 and its services can protect you from these and any future attacks.

Customers using our Panda Security home use solutions  also enjoy maximum protection as they feed off the malware intelligence leveraged by Panda Adaptive Defense 360, as shown in the latest independent comparative reviews. The protection capabilities of Panda Security’s technologies and protection model are demonstrated in the third-party tests conducted by such prestigious laboratories as AV-Comparatives.

How do these vulnerabilities affect Panda Security’s cloud services?

Cloud servers where multiple applications and sensitive data run simultaneously are a primary target for attacks designed to exploit these hardware security flaws.

In this respect, we’d like to inform our customers and channel partners that the cloud platforms that host Panda Security’s products and servers, Azure and Amazon, are managed platforms which were properly updated on January 3, and are therefore protected against any security attack that takes advantage of these vulnerabilities.

What effect do these vulnerabilities have on AMD and ARM processors?  

Despite the Meltdown bug seems to be limited to Intel processors, Spectre also affects ARM processors on Android and iOS smartphones and tablets, as well as on other devices.

Google’s Project Zero team was the first one to inform about the Spectre flaw on June 1, 2017, and reported the Meltdown bug before July 28, 2017. The latest Google security patch, released in December 2017, included mitigations to ‘limit the attack on all known variants on ARM processors.’

Also, the company noted that exploitation was difficult and limited on the majority of Android devices, and that the newest models, such as Samsung Galaxy S8 and Note 8, were already protected. All other vendors must start rolling out their own security updates in the coming weeks.

The risk is also small on unpatched Android smartphones since, even though a hacker could potentially steal personal information from a trusted application on the phone, they would have to access the targeted device while it is unlocked as Spectre cannot unlock it remotely.

Apple’s ARM architecture chips are also affected, which means that the following iPhone models are potentially vulnerable: iPhone 4, iPhone 4S, iPhone 5 and iPhone 5C. Apple has not released any statements regarding this issue, so it is possible that they managed to fix the flaw in a previous iOS version or when designing the chip.

As for the consequences and countermeasures for AMD processors, these are not clear yet, as the company has explained that its processors are not affected by the Spectre flaw.

We’ll keep you updated as new details emerge.

 

The post Meltdown and Spectre, behind the first security hole discovered in 2018 appeared first on Panda Security Mediacenter.

Read More

Have scientists just invented a vaccine against fake news?

The issue of fake news hasn’t been far from the headlines since Britain voted to leave the European Union, and Donald Trump was elected the 45th President of the United States. These unexpected outcomes have been blamed, in part, on “fake news” circulating on social media sites like Facebook.

There are two problems with fake news. First, it is almost completely untrue, like claims that Pope Francis had endorsed Donald Trump for President. Second, these fake stories aren’t seen by everyone – just the people who the Facebook/Twitter news algorithms identify as the most likely to read them.

The real problem is that not everyone can tell the difference between fake and real news. Surprisingly, young people growing up in the Internet era seem least able to spot a fake news story.

Scientists think they may have an answer

Having investigated the phenomenon, researchers believe they may have developed a ‘vaccine’ against fake news. Their experiments found that people who are shown real news, followed by a fake news story were much more likely to accept the lies they saw second.

But if the “true” news story referenced fake news and warned about its untrustworthiness first, fewer people were tricked when they came to read the second. The research team now believes that by calling out fake news first, people won’t be fooled when read lies at a later date.

No protection is fool-proof

Obviously there are a few problems with this proposed vaccine. First, story writers must be aware of the details of fake news stories before they can write their own. Which makes writing news even harder than it already is.

Second, the exact same “vaccine” can be used by used by fake news outlets to make their own stories even more credible. Presenting a fake story and discrediting the truth in it could have a similar effect on readers – particularly if they encounter the lies first.

Don’t trust everything you see on social media

The proposed vaccine may help to limit the spread of fake news, but it will never eradicate it completely. Instead we all need to take some responsibility for training ourselves to spot the lies that are published online. We can start by being more sceptical about the popular stories appearing in our timelines until they are checked against a reputable news source.

In fact, Facebook published 10 tips for spotting fake news – and they work very well. By learning to verify the news we read ourselves, the vaccine may become irrelevant.

It is also worth remembering that fake news is often about more than fooling people and influencing their thinking. Fake news sites have been known to host malware that infects computers, stealing personal information, or demanding a ransom after encrypting their data.

Fortunately there is a proven vaccine for fake news-related malware – Panda Security Antivirus. This comprehensive anti-malware kit may not stop you being fooled by fake news – but it will stop your computer being infected.

Download your Antivirus

The post Have scientists just invented a vaccine against fake news? appeared first on Panda Security Mediacenter.

Read More

Global smartphone use: 2018 trends

Figures quoted by the TechRadar technology news website suggest that nearly one-third of the people on Earth now use a smartphone. As you would expect, well developed countries in North America and Europe have the highest overall levels of ownership. Globally, Denmark leads the way; more than three-quarters (77%) of the general population own a smartphone.

So what does 2018 hold for the smartphone market?

Here are 5 things to keep an eye out for:

1. Screens will get larger

When the first iPhone was released in 2007, smartphones all looked very similar – most had screens around the 3.5” mark. As people have begun to use their phones for watching videos and browsing the web however, screen sizes have increased dramatically. The latest iPhone X has a 5.8” screen, while the Samsung Galaxy Tab has a massive 6.3” wraparound screen.

During 2018, we expect to see more people choosing devices with larger screens. We also expect more manufacturers to follow the trend for edge-to-edge screens.

2. The developing world will see the largest growth in ownership

Pretty much everyone who wants a smartphone in Europe and North America now owns one. The market has effectively reached saturation point, so the only sales of new devices go to people upgrading or replacing their existing device.

Future growth will come in developing countries like India, China and Vietnam. eMarketer is predicting sales volume increases of nearly 20% in these countries during 2018.

3. More people will get online for the first time

The cost of smartphones continues to fall, making low-end handsets available to even more people – which is why there will be massive market growth in 2018. For most new smartphone owners in developing countries it will be the first time they have ever had direct access to the internet.

The smartphone will be these peoples’ primary computing device too – most will not have a home computer, laptop or tablet. Everything they do online will be using their phone.

4. AR will finally take off

The release of ARKit with Apple iOS11 is set to revolutionise the way we access information about our surroundings. Known as ‘Augmented Reality’ (AR for short), apps can use the smartphone camera to overlay graphics and data on your screen, providing a digital ‘layer’ to your surroundings.

The technology has been around for a few years, but with Apple’s support, AR will go mainstream very quickly. Some apps, like Pokemon Go, have already been updated to show game characters interacting with the world around the players.

5. We will see more mobile malware in the wild

Although a boost in the number of smartphones is good news for the people using them, it also means that cybercriminals will ramp up their attacks on mobile platforms. There have already been a number of mobile malware related incidents in 2017, and we expect to see them increase in frequency over the next year.

No matter where you are located, or how many years you have been using a smartphone, we strongly recommend downloading a security app like Panda Mobile Security that can protect you against mobile malware. The low annual fee is a useful insurance policy against attacks.

Ready for more in-depth predictions? Check out our 2018 Cybersecurity Trends Report.

The post Global smartphone use: 2018 trends appeared first on Panda Security Mediacenter.

Read More

Facebook Messenger Kids: Is it safe?

Facebook has always required users to be aged 13 or older before signing up for an account, placing services like Messenger and Instagram out of reach for most middle school children. Laws regarding data collection and advertising to children means that Facebook cannot easily make money from youngsters – so it has always been easier to simply block access.

Despite having more than 2 billion users worldwide, Facebook has struggled to get more people to sign up. More concerning still, for (Facebook management anyway) has been the fact that young people are deserting the platform for alternatives like Instagram and Snapchat. Something had to be done to help bring younger users back into the ecosystem.

Facebook Messenger Kids makes an appearance

In the last few weeks we have seen the roll-out of Facebook Messenger Kids, the first product ever aimed at “under age” children. Facebook claims the app is to help families and family friends stay connected, providing a safe space for group chats and video calls. (It’s also a very useful way to bring people into the Facebook platform younger).

The app is very much like the standard Facebook Messenger platform, and under-13s will now be able to chat with other users – with a few restrictions.

Facebook Messenger Kids does not require a full Facebook account for instance. You don’t even need to supply a phone number. Instead a parent downloads the special kids’ messenger app onto their child’s tablet/smartphone and logs in with their Facebook account to create a profile for the child.

Once set-up, parents will see a new bookmark in their own Facebook account that shows contacts associated with Facebook Messenger for Kids.

A reduced risk of grooming

Importantly Facebook Messenger Kids is a “closed” network, so random strangers cannot contact them – they do not appear in Facebook searches for instance. Instead, every new contact must ask permission to connect – and only parents can approve the request. Each request will appear on the parent’s Facebook account, so they can immediately block strangers or anyone who looks suspicious.

It is impossible for anyone you don’t know to message – or even find – your kids on Facebook. The chat network also uses intelligent content filtering to identify (and block) inappropriate content, adding a further layer of protection for your kids.

Parents still need to be alert

Although parents must approve every contact request, there is a very real risk that strangers and criminals may create fake profiles with the specific intention of gaining access to your kids. You should check each and every connection request very carefully to ensure that no imposters sneak through. You should also talk with your children as they use Facebook Messenger Kids to ensure they know what to do if someone says something inappropriate, or which makes them feel uncomfortable.

The other consideration is how Facebook use your personal data. It is claimed that Facebook Messenger Kids does not collect information from your chat sessions for profiling purposes. They may use other data however, particularly about your contact list, to begin building a profile for use in advertising campaigns. That way when your kids do reach 13 and upgrade to a full Facebook account, the network can start targeting ads more effectively from day one.

Ultimately, parents need to decide whether they want the hassle of checking every contact request – and whether they really want to bring their younger children into the Facebook ecosystem. Although Facebook Messenger Kids is undoubtedly safer than other unfiltered messaging apps like Kik and Snapchat, parents may feel that plain old SMS text messaging and iMessage are just as good.

Facebook Messenger for Kids is available for download from the Apple App Store now.

The post Facebook Messenger Kids: Is it safe? appeared first on Panda Security Mediacenter.

Read More