Think before you click, its a scary world on the internet
There is a common misconception that everything nasty out there is a virus, and that is not true. When it comes to a virus, they usually just mess with things and cause trouble. To be honest, it’s been years since I have had to help a customer remove a virus from their computer.
These days it’s all about malware, encryption and data theft. With malware someone is making money, one of the reasons it is referred to as Cybercrime. They are either stealing your data, or watching what sites you are going to and selling that data, or worse.
In the last year alone, you have probably seen countless news reports about companies that have been compromised, or been hit with Ransomware encryption attacks.
Encryption is nothing new, we have been helping firms encrypt data for 10+ years. But like any tool, it can be used by criminals to exploit people for money.
How Does it Work?
Let’s talk about the “encryption attacks”, usually in the news they call it Ransomware. This is when you are tricked into running a program that encrypts your data (pictures, documents, videos, etc.) and only the bad guys can unlock it. The encryption they use is so strong even Police departments have been advised by the FBI to pay the ransom because it would take too long to figure out the code to unlock them.
Did you notice what I said above: “when you are tricked into running a program.”
That’s how it happens. Its payload is executed by a program that you run by mistake. Cybercriminals have become more devious in the ways that they can trick you. Take a look at the below email.
Notice how I put my mouse over blue link?
The URL you see in the email looks legitimate:
But when I place my mouse over the link it says something totally different. It points to:
Placing your mouse over a link (don’t click!) is one of the easiest ways to identify a fake and potentially dangerous link. Remember, ‘think before you click’.
Even if you use LogMeIn, they would never send this email. So it is garbage outright, but still it’s a crafty way for criminals to trick you into running their program.
Here is a video from our Security Partner Sophos – It shows you how a simple thing turns into a nightmare:
So again, think before you click. If you have our Backup and Disaster Recovery Service (BDR) and you accidently do this, it is easy for us to re-wind you and restore all of your files. In most cases you always need to restore the files from backup. When in doubt, call our Help Desk, as this is the safe way of doing it.
Here are some other examples of how I have seen malware such as this distributed:
- You get an email from a “printer/scanner” with a fax for you to read. Think about it. Has your scanner ever done this before? Are you sure it’s your scanner? And look, it has a .zip or .exe file. Your scanner sends PDF’s .
- You get an email from your “administrator” with files for you to review. Has your IT Team ever done this? Do they identify themselves as someone you know? If some dude came to you on the street and handed you a package, would you open it?
- Free USB Keys. This is one really to watch out for. People are leaving USB Keys (also called Flash Drives or Thumb Drives) in random places like fast food restaurants or parking lots. You stick it into your computer to see what you have found, and… Surprise! You are infected now.
- You get an email from ADP with your paycheck. First, do you even use ADP? And even if you do, have they ever done this before?
In closing, there are a lot of things that can get you into a jam with CryptoLocker type infections. It is all about thinking before you do something. Always ask, “should I be doing this?”
Calling our Help Desk to see if something is going to possibly infect your computer is a far easier than making that call to tell us that you are looking at the following screen:
Image credit: Malwarebytes blog