How safe is to use Zoom?

Our lives have changed and become home-based due to the virus outbreak. Now personal trainers, instructors, educational establishments and even big corporations are using Zoom for meetings and conferences.  No wonder that experts are disputing how safe it is to use the software.

How good is Zoom?

Zoom’s daily users reached 200 million just over the past weeks and most people seem to be satisfied with services provided. Despite that, recently Zoom’s privacy policy was criticized for collecting user’s data like notes and transcripts that might be used for the profit. Later Zoom clarified they don’t use data for advertisement, but do use the data from Zoom’s marketing websites. 

Zoom application

Another feature of Zoom is data mining, which automatically matches e-mail addresses to LinkedIn profiles when signed in, even if you chose to be anonymous or used a pseudonym. As a result, if another person in the meeting was a Sales Navigator subscriber, he could access the LinkedIn profiles of those he was talking to in Zoom meetings. Later Zoom permanently removed this function.

End-to-end encryption was also an issue while disputing Zoom. As a result, on April 1, Zoom has published an update that while the meeting is not being recorded and all meeting participants are Zoom clients, all video, screen sharing and other content is encrypted and is not decrypted until reaching the receiving client.

Besides, the Waiting Room feature was created in order to avoid cybercriminals to access unprotected meetings and broadcast inappropriate material. The Waiting Room feature is requiring a password to access Personal Meeting in order to prevent unwanted participants in your meetings and conferences.

 To use or not to use?

Zoom has become a lifesaver in the period when everything has become remote. You can use it for casual meetings, yoga sessions, educational purposes, and other social events. Its security level is sufficient for those purposes. As for meetings where you share any sensitive information, you might consider other services like Wire or Jitsi.

Hello VPN wishes you to stay safe and secure on the Web!

Malware named “Corona Anti-Virus” has been discovered recently

The world is experiencing hard times right now and while this stage is full of fear and panic for people, some see it as a good way of propagating and earning money.

Attention! Cybercriminals are using Covid-19 outbreak for their own advantage. There are various kinds of scams and tricks used to make people install malicious software.

Corona Antivirus- world's best protection
Image: Malwarebytes

“World’s best protection” website?!

The latest website that turned out to be a scam was advertised as “Corona Antivirus World’s best protection”. It sounds like nonsense,  but the website is supposed to protect users from the real Coronavirus infection. To make things more absurd, the creators of the malware attached a note stating

Our scientists from Harvard University have been working on a special AI development to combat the virus using a windows app. Your PC actively

The newly discovered malware was discovered by Malwarebytes and many more are popping out. Malware, phishing attacks, trojan horses are aimed to breach your security on the Web and to get control over your PC, steal save passwords, take screenshots, etc.

How to stay safe on the Web?

Now it is the time when people mostly work remotely from home. That is why being extra cautious is critical. Do not download from unknown websites and stay alert when instant pop out messages appear on your computer.

If you want to learn more about cyber hygiene, you can read our article on How to be absolutely secure on the Web. 

Hello VPN wishes you to stay safe and protected at any time anywhere!

A list of the most common passwords in 2019

Every time people need to create a new password, here comes the question: what password will keep me safe and unhacked? Traditionally, SplashData has announced the most-used passwords people have chosen in 2019. Let’s take a look at them.

Most-common and worst  password in  2019

In order to prevent your accounts from hacking, strong passwords, that will be hard to guess but easy to remember are required. Weak passwords making it easy for cybercriminals to intrude and steal your information

What is your password?

SplashData has revealed the most-used and the worst passwords of 2019. The first place took “123456”, the same story happened last year. The second place went to “12345678”, among other passwords were: “qwerty”, “password”, “iloveyou”, “123123”, “donald”, “666666”, “dragon”, “654321” and others.

Most-common and worst  password in  2019
Image: SplashData

According to the above mentioned, people don’t combine letters with upper cases and numbers to create a strong, hard-to-hack password. Whenever the password is easy to get or you use the same password for different accounts creates danger for your data.

Take care of your privacy


In case you have found one of your passwords among the list, you might consider changing it. You can use password manager or KeePass to keep your passwords safe and not worrying about forgetting any of them. 

Find more information on how to stay secure on the Web here.

Russian hacker Maksim Yakubets wanted for cyber crime’s activity

Russian citizen Maksim Yakubets, aged 32, has been accused of distributing banking malware, that helped him steal more than $100 million from 300 banks in 40 countries. Russian hacker is also known for leading cybercriminal network “Evil Corp” and a $5 million reward is waiting for any information that will help to capture Yakubets.

cybercrime

How did the Evil Corp managed to steal $100 million

Prosecutors claim that Evil Corp’s focus for the last 10 years was financial organizations in the U.K and the U.S. The cybercriminal network has created a malicious software-malware Dridex, which Yakubets and other members of Evil Corp were spreading via phishing attacks and ransomware. Their target audience (financial workers) were letting the malware in by clicking the email.

Yakubets has been accused of spreading the “Zeux malware” before to get banking information. The losses from Zeux  were estimated at $70 million. 

cybercrime

Who else is involved 

In total 17 members of cybercriminal network Evil Corp joined the blacklist. Igor Turashev, Denis Gusev and others are believed to be involved in multiple cybercrimes. Both Yakubets and Turashev were charged in Pittsburgh and Nebraska for bank fraud and computer hacking.

$5 million for a cyber criminal

$5 million reward was announced for any information that would lead for capturing Maskim Yakubets. It’s worth mentioning, that $5 million is the highest amount of money that has ever been offered for a cyber criminal.

As a reminder Hello VPN suggests you to secure yourself by recognizing phishing attacks and using VPN coverage

Everything you need to know to stay secure on the Web is here

How to recognize that your phone has been hacked

Not only your PC can be hacked these days, but your phone as well. Sometimes phones contain as much personal information as the computer itself. That’s why it makes a good target for hackers to get your data and sensitive information. Hello VPN has prepared some tips on avoiding the threat of being hacked.

Phone, security on the Web

First things first! How can your phone be hacked?

Usually while downloading apps from non-official resources causes downloading malware. Malware is a malicious software that damages your phone or computer. Malware can be presented as a virus, trojan horse, spyware, SMS-malware, adware and others. 

You should pay attention if:

  • Your phone’s battery significantly decreased. The malware might be using your phone to transmit your data to third parties, which causes extra battery usage;
  • Adware presence. Pop-up messages, which is hard to close and which redirect the user to other websites;
  • Sometimes your phone might freeze or crash unexpectedly, which is one of the signs of malware presence.
Phone, security on the Web

How to protect your mobile device from hacking

This way or another, cybercriminals find their way to invade and steal your sensitive information. To prevent it from happening, you should use a VPN coverage while browsing the Web. 

  • Among other things, VPN service provides end-to-end encryption, meaning your private conversations stay confidential. 
  • Don’t connect to free WIFIs in hotels, coffee shops or elsewhere, because it may lead to information leakage and malware invade as well.

Follow these simple steps and be secure on the Web! 

How to protect yourself from BEC attacks

BEC is a sophisticated way of phishing attacks, which does not include only email phishing, but tends to attack social media, mobile devices, etc. Cybercriminals go on targeting global companies with more advanced technologies than ever. How to recognize and protect yourself from BEC attacks?

The definition of BEC

BEC stands for Business Email Compromise. BEC is a method, which is used by criminals to hack emails of big organizations/companies, contact employees by pretending to be CEO or someone well-known in the company. There are different schemes but the most common case is when cybercriminals emailing a person in charge of wire transfer and ask to deposit the money.

BEC’s target companies

According to Gulfnews cybercriminal targeting different industries and their customers globally. The focus industries are high-tech, financial services, e-commerce and media. Their objectives are the biggest world’s brands like PayPal, Dropbox, Microsoft, DHL. 

How to identify and prevent BEC attack

Cybercriminals are using different tactics to find the right person to scam. The first alarm is noticing suspicious words like “urgent”, “payment”, “requested”. The next step is to check the sender’s email address and forward the message, so the address would be double-checked before you reply. The other technique is creating a unique domain for the company’s mailbox instead of using online emailing services.

Ransomware or BEC is a very significant cybercrime threat. According to Trendmicro companies lost in total 140,000 USD in 2016 due to such attacks. That’s why neglecting any kind of suspicious activity on your PC or in particular emails or messages, requiring to transfer a certain sum of money, might be dangerous. So beware! You should also join a training course or an educational program (if there is any in your company) on how to detect this kind of threat.

How Can I Change my IP Address?

The “IP” shortening means Internet protocol. The “address” is a unique number of digits that connects to all your activity. To make it more simple, IP address is  the individual address that ensures: the information you requested is routed back to you! But what are the ways to change my IP address?

The reasons WHY

Your motives for borrowing a different IP address might vary from accessing blocked content and avoiding Web snooping to bypassing bans and changing your geographical location. You can use the next options to change your IP address, let’s take a look at them.

Location change

When you are home, your IP address connects to your home router, therefore all the devices are assigned with your “home” IP address. When you are at the office Your IP address is not traveling with you and you will be assigned a new one. Whenever you connect to a different WIFI your location at the same time will change. How does it work? You are just using a workplace network IP address while you surf the Web.

VPN coverage (the safest way)

Virtual private network usage has many perks and one of them is IP address change.  When activating VPN you hide your public IP address and VPN client  provides you private and secure Internet connection. The new IP address assigned to you hides your location. So you can still be in your home country, but explore the Web as if you are somewhere else! Among other things, VPN provides high bandwidth, safe connection and protects your vulnerable data from leaking, prevents data tracking and digital footprint.

Modem Reset

Besides the above-mentioned options, you can reset your modem to get your IP address changed. Unplug your modem, wait 30-40 seconds and plug it back. Your modem will register with a new IP address.

What is phishing attack and its prevention

Phishing is a technique that is used by Internet criminals to steal information. As a cyber attack phishing uses email as a tool to make the recipient think the information they receive is real. The easiest way to prevent such attacks is to identify phishing among your daily correspondence.

Recognize phishing

Phishing attacks usually appear to be a cloned website of a legitimate one (banks, well-known organizations and companies, that the recipient might have business with. Emails are sent with generic greeting, so hackers won’t need to type the names of everyone they target and they ALWAYS require you to enter sensitive information. Besides, the URL address of such fake emails will contain mistakes, which is an identification that it’s simply an imitation of a trusted website.

Phishing is one of the oldest ways of cyber attacks. The first attempts of phishing are dated back to 90th. It still remains the most simple way of stealing data and in the meantime the most effective.


The main types of phishing attacks


Phishing may appear in different forms. Except for email phishing scams there are:

  • Spear phishing (someone may get information about one of your colleagues and require personal data from you on behalf of his name)
  • Pop-up warnings (when you see a small ad while browsing, that is hard to close/ clicking it by accident may result in downloading malware or Trojan horse)
  • SMS phishing (like in email phishing, a recipient gets a fearful message requiring to visit a website or dial a phone number) 

Security tips


In case you became a victim of phishing activity:

  •  You have to change all your passwords-protected websites and update your accounts;
  • Call your bank manager to report that your passwords and other sensitive information have been hacked;
  • Run effective antivirus software to indicate and neutralize malicious programs on your computer.  

Conclusion

Phishing continues growing its popularity among cybercriminals. It’s working and the methods are getting more sophisticated than ever. That’s why you should keep an eye out: got an email that looks unusual, with an immediate call to action? – Be suspicious! Download new versions of antivirus software that would increase your security on the Web. And remember that real organizations don’t ask for your billing information. Most likely it is a phishing attack.


How to avoid information leaking over public WIFI

We have been consistently warned about how insecure public WIFI is. But is it really that dangerous to connect to free WIFI in your favorite coffee shop? If so, how can your information be stolen? How to prevent it from happening? In this article we are going to unveil potential information security problems in public WIFIs, stay tuned!

In average people seem “to trust” public WIFI in hotels, shopping malls, restaurants and airports. After all, we became obsessed with getting access and stay connected. And of course, public WIFI is free and it’s more convenient than mobile data.

VPN for Public WIFI

What’s the problem with public WIFI

The problem may emerge when you connect to a free wireless network, and your traffic intercepts by somebody else, meaning, the websites you visit and information that you exchange, becomes transparent to others. Let’s see how it works using an example. Imagine sitting in an airport, meaning no harm, and you connect to Airport_wifi_free. In most public places the system asks your authorization to access the network (your full name, mobile number and e-mail). The system remembers your information so the next time you won’t need to redo the same algorithm. So, after you enter your personal information, connect to Wi-Fi, watch something, browse something and then you disconnect and leave.  

How your information gets stolen

At the same time with you accessing Airport_wifi_free, there might be someone who intends to interfere with your privacy. Hacker, who has got a laptop, wifi-adapter and lets say aircrack-ng, can easily “pretend” to be you and use your MAC address. After that, already authenticated device sends a key and hacker can do business on behalf of your name. And that can be anything: access your mailbox, getting passwords from your accounts and doing something, that considered breaching the law.

Threat Protection

What are the ways to prevent your data from being transmitted:

  • You should always check if the URL address using HTTPS protocol. In case your data has been transmitted, it would be impossible to decipher it due to strong encryption.
  • Never download files that are looking suspicious.
  • Enable the function of automatic connection to public networks.
  • Use a credible VPN provider to secure your information.

Let’s conclude

It’s worth mentioning one more time, that you data is not safe without any level of protection. Safety of the information you enter can be protected with Hello VPN, so you can be assured nothing gets stolen. Browse and download with a strong security level. Hello VPN will encrypt all your sensitive data with effective IP coverage.