Watch for Dangerous Ransomware in Attachments and Links

Watch for dangerous ransomwareMalware and ransomware attacks are nothing new. But tactics are evolving. Platforms once thought impervious, like Mac computers, are now being targeted along with our smartphones and tablets.

Clever New Scams

The old Nigerian bank scam is joked about today. But hackers are using new ruses that are not really any more clever, just maybe unexpected. Common scam messages today may appear to be a shipment tracking notification for something you didn’t order or a prompt to contact customer support about a problem with your computer or software.  They really only need a small fraction of the recipients of their baited phishing messages to click naively or accidentally on one of their link traps.

Your Data is More Tempting than You May Think

Many people assume the information on their personal devices is not really valuable to hackers. But how valuable is it to you? And is there data or an access point there that could compromise your employer?

Ransomware is on the rise. Hackers can gain access and lock you out of your smartphone demanding you pay to have the device unlocked or the data decrypted. Unfortunately, even if the hackers are paid, their decryption tools are usually unreliable (they spend more time perfecting the attack than the fix!) and, even if you regain your data, you’ve just let them know you’re a great target to try again. Such ransomware attacks and evolving malware tools are used to compromise the computers, tablets, and phones of individuals and businesses alike.

Once your device has been attacked with malware or, especially ransomware, you’ve lost.  It is not fun trying to recover data infected with malware and it is often not possible or even advisable to try to recover data held hostage by ransomware.  So prevention is the key.

March Security Tip

Watch File Extensions in Emails and Even Texts

Nefarious files linked or attached to dangerous emails and texts are often .exe files, sometimes hidden within .zip folders, or are identified by another unfamiliar extension. Unless you are familiar with the attached files type (and/or the sender), be wary of any link or file name that ends in an extension that you do not recognize.

Many email platforms, like Microsoft Outlook, will automatically many dangerous types of files from appearing in your inbox.

Your computer may also be set to hide some file extensions from you.  This is a setting simply designed to declutter your user experience but it could potentially hide a red flag that could save you from the hassle or damage of an attack.

To be safe, you can turn this setting off in settings.

  1. Go to Settings and then search “folder options.”
  2. Click on “Change search options for files and folders.”
    ransomware 1
  3. Beransomware 2hind the “View” tab, uncheck the box “Hide extensions from known file types.” Click Apply and OK.

Use Anti-Virus and Anti-Malware Tools

It is always important to use good (not necessarily expensive) anti-virus and anti-malware tools and to keep those tools updated to be ready for the latest, newly discovered attacks.

Back Up Devices Often

And your best defense against ransomware is to back up your data often and to keep several backups at all times. Do not simply overwrite the last backup with the next. If you are backing up your data regularly, you could backup several times (actually backing up the dangerous malware) before you realize your device is infected. Also do not store backups on the same system. If that system or network has been infected, current and backed up data could be compromised together. The safest backups are maintained offline or off the network. At work, this arrangement is concern for your IT team. For personal use, it may be wise to backup mobile devices to a laptop that is then backed up to an external drive or cloud service. If you are the victim of ransomware, the best and only real option is to be able to restore yourself.

Share this Security Tip

We find that the most effective security awareness training happens over time, not in one long (boring) annual meeting. We provide sharable tips like this every month to help companies provide critical security training in fun, easy reminders.  Use this month’s security tip to share these tips for avoiding malicious attacks with colleagues and friends.

Four Ways to Share this Tip

Smartphone Privacy and Security Tips

  1. Social Media: Share this article on social media.
    Share on TwitterShare on LinkedinShare on Facebookpace
  2. Email: Share this article with your colleagues.
  3. Print: Post this tip in your break room for employees to see.
  4. Newsletter: Download this full image to be included in your next internal employee newsletter. There is also a smaller image here that may fit better in your newsletter format.

We only ask that you use the images intact and unaltered. Thank you.

Hospitals and healthcare companies have been increasingly targeted by ransomware attacks. We are also seeing the proliferation of these tools to more phones and mobile device platforms. Companies and users who have not paid much attention to such tactics in the past are realizing they could be vulnerable.  Share these tips to help your employees recognize the potential threats.

For more sharable security tips, click here.