Remember the good old days when there were only viruses, and the only way you can get one is if you went online to some obscure website and downloaded it, or if someone handed you a floppy disk with a file that was infected from their computer. If you had virus software it was caught and you went about your business unscathed. Back then the reasoning behind viruses was the same as the reasoning behind taggers, to express “art” and be noticed. It’s different today; we have viruses, trojans, malware, ransomware, hackers, and cyber mafia.
While any one of these can corrupt your system, ransomware stands out. Ransomware has become a very profitable business for some. It was developed by the cyber mafia, a tech savvy version of the crime mafia, looking to receive notoriety for the action and to make a good buck while doing so.
The way ransomware works is you get an email which appears to be from your bank, a friend, a credit card company, or even a charitable organization. The “creators” of this email may send it out to thousands of addresses in the hope of catching a few. The email may ask you to go to a web site and login, or reply to an email address at the bottom, which is not an email at all but a file disguised to look like an email. Once you take the bait, the fun begins. The data on your hard drive is encrypted and becomes unreadable. The only way to fix your computer is to pay the “ransom” you are notified of. In many cases the ransom could be in bitcoins, which is an internet currency, and like gold the value can go up and down on a daily basis. The ransom can be $500, $1000, whatever the market will allow. Sometimes the ransom request may even be for prepay debit cards.
You may say, “I have virus software so this doesn’t apply to me”. That is not always the case. The ransomware creators usually write new versions that can get through the virus protection, and they use the smash and grab approach. They get in and get out, leaving you with the decision of do I pay the ransom to get the key to unlock my data, or do I go to a recent backup and reload my computer, or do I restore my computer as it came out of the box.
Now that you are thinking all hope is lost, know that there is some good news. If you are diligent when opening emails, going online, or opening files sent to you, you should be okay. When you receive an email, always ask these questions of yourself before opening any file, clicking on any link, etc.:
Is this something I was expecting?
Does the email address of the sender look legitimate, or is it some unusual version of the legitimate email address you are familiar with?
If the email is from my financial institution, call them and give them any information requested in the email verbally. Don’t send any information in a reply to the email you received.
If you are requested to click on a web site, or an email address, hover your mouse over it to see if the address it is taking you to is what or where you expect. It is important to do this even if the email is from a friend or coworker. Their email address may have been used by the “creator”.
If the email sounds too good to be true it probably is. Remember the old saying …. “Don’t take candy from strangers.”
These precautions are not fool proof, but they may save you much heartache in the long run. A good rule of thumb is that it’s always better to “err on the side of caution” when using your computer these days or you may pay for it later.
This article was written by Joe Sopron, IT Director at Chicago Communications. Joe has over 20 years of experience in the industry. If you have any questions for Joe, or another representative at ChiComm, please contact us.