Beware of Ransomware!

If you’ve never heard of ransomware, you’re most susceptible to its evils. That’s because ransomware relies on people having not heard about it and the techniques it uses.

Ransomware is a malicious software that is designed to block access to your computer, smartphone or other internet enabled system until you pay a sum of money. These unscrupulous scammers use a variety of methods to trick people into installing the software. Once it’s on your system, they can literally keep your device hostage until you meet their terms.

While ransomware developers have traditionally targeted individuals, they’re becoming increasingly bold, targeting businesses too – but never fear! Once you know the tricks and techniques these scammers use, you’re less likely to fall prey to their hustle.

So let’s look first at how your computer might get infected with malicious software. There are three main ways: email, compromised websites and pirated software.

Have you ever accidentally opened an email you thought was legitimate, only to find it was clearly a scam? Sometimes these scam mails will come with an attachment, with the email message in some way encouraging you to open the attachment. An example might be an email that claims you have an overdue invoice. You might panic and open the attachment to view what you think is the invoice. That’s when the software is automatically installed on your machine. It’s an easy mistake to make, but not as easy as it is to accidentally visit a compromised website.

In today’s world we all search a myriad topics and happily click through to the sites recommended by our search engine. Sadly, sometimes you can be directed by a well meaning search engine to a compromised website. Say you’re after a free printable event invitation. You visit one of the sites in your search results and choose to download what you think is a free invitation design. You could, in fact, be installing ransomware onto your machine.

Finally, some ransomware will fool users into thinking they are installing a legitimate software update. So what can you do to avoid these pitfalls? It’s overly simple to say, ‘Don’t open email from untrusted sources’, ‘Don’t download free things from sites you don’t know’, or ‘Make sure you only install updates from legitimate sources’.

Businesses have to open emails from unknown sources as they could be new customers. You’re always aware of your bottom line and there are legitimate freebies to be had online. Some malware scammers have done a very good job at imitating legitimate software update sources.

So here are steps to take before infection…

• Back up your important files regularly. Schedule a regular system backup, preferably off site to a cloud service. In fact, if you store your files on a cloud service all the time, it can protect them from these sorts of attacks.
• Encrypt wherever possible. Consider encrypting business sensitive documents.
• Educate your team on ransomware and how to avoid it.

And if you should be an unfortunate target of an attack…

• Never get caught up in paying the money. You’re better off investing in saving your data and removing the malware. Also avoid installing free software that claims to remove the ransomware, as it likely holds more threats.
• Immediately seek out the help of IT professionals as they may be able to recover and protect your data. If you see them soon enough, they may even be able to clean the device/s of malware for you and stop further damage.
• Once your data and machines are safe, change all your passwords. Make sure they’re strong and not easy to guess.

Good luck! If you have any questions or would like to talk to South Pacific IT’s team of experts about your ransomware concerns, give us a call, or contact us via our website.