Ransomware scams have been around for several years.
However, they are on the rise.
Every business needs to train staff who have access to computers how to avoid this kind of scam. Ransomware is one of the many kinds of malware — that is, malicious code that can infect a computer.
Ransomware enters a network, computer, or other device in the same way as other malware. Usually, a user clicks something they shouldn’t — like an icon, a link, or a file attachment in an email or text message. Increasingly, criminals are inserting malware links in social media posts as traps for the unwary.
Click and thieves are in the door.
Once ransomware finds its way into a device or network, the device will freeze or appear to crash. Initially, ransomware scams were perpetrated by cybergangs who encrypted the infected device. The only way for the victim to regain control was to pay the required ransom. Now, less skilled copycats generate a pop-up message on the infected device that says the device is frozen or encrypted, but the warning may be a ruse.
Some scammers generate a pop-up warning that purports to be from law enforcement. The warning states the victim has broken a law and that the agency has locked the victim’s device pending payment of a fine.
Other versions of the scam simply notify the victim that the device has been encrypted, and a ransom must be paid to regain control of the device. Either way, the criminal’s endgame is the same: to force the victim to pay to remove the malware. The size of the ransom plus the damage to a business if the situation lingers prompts most victims to pay up.
The FBI has just released a public warning that includes a helpful list of steps to take to avoid ransomware scams. You can find the full press release here: https://www.fbi.gov/sanjuan/press-releases/2016/fbi-warns-the-public-about-ransomware-internet-scam.
In a nutshell, the FBI suggests:
- Keep your data backed up, and store the backup file in a remote location.
- In addition, we suggest using at least a two-step backup system. Use a backup service that stores a copy of your files in a remote location either in the cloud or in a remote server, and perform regular backups on a portable storage device such as an external hard drive. Keep the external hard drive in a safe place.
- Update your settings to show hidden file extensions. The FBI warns that malware may contain double file extensions, e.g., *.pdf.exe.
- Don’t open *.exe files attached to emails.
- Use antivirus and firewall protection, keep both up to date, and make sure you install operating system updates and security patches as they become available.
- Use strong passwords, and avoid using the same password for everything.
- We suggest changing passwords regularly as well.
- Use a pop-up blocker.
- Download software only from trustworthy sources. Be especially careful when downloading freeware.
- Don’t open attachments in unsolicited emails.
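
The double-extension warning above can also be enforced automatically, for example on a mail gateway or when reviewing a downloads folder. The following Python sketch is an added example, not part of the FBI guidance; the extension lists and function names are assumptions chosen for illustration. It goes slightly beyond the `*.pdf.exe` case by also handling names padded with spaces before the final extension and names with trailing dots or spaces.

```python
import os

# Extensions Windows will run when double-clicked.
# This set is an assumption for the example; extend it to match local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs"}
# Document-type extensions that make a file look harmless at a glance.
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt", ".zip"}


def classify_attachment(filename):
    """Return 'double-extension', 'executable', or 'ok' for an attachment name."""
    # Windows ignores trailing dots and spaces, so strip them before parsing.
    name = os.path.basename(filename.replace("\\", "/")).rstrip(". ").lower()
    stem, last = os.path.splitext(name)
    if last not in EXECUTABLE_EXTS:
        return "ok"
    # Strip padding so "photo.jpg      .scr" is still parsed as .jpg + .scr.
    _, decoy = os.path.splitext(stem.rstrip())
    if decoy in DECOY_EXTS:
        return "double-extension"
    return "executable"


def review(filenames):
    """Map each flagged filename to its verdict; clean names are omitted."""
    verdicts = {f: classify_attachment(f) for f in filenames}
    return {f: v for f, v in verdicts.items() if v != "ok"}


# Constructed sample attachment names, not taken from any real incident.
SAMPLE = [
    "Invoice_2016.pdf.exe",
    "report.pdf",
    "setup.exe",
    "photo.JPG        .scr",
    "notes.v2.txt",
    "C:\\Users\\a\\Downloads\\scan.docx.EXE ",
]

if __name__ == "__main__":
    for name, verdict in review(SAMPLE).items():
        print(f"{verdict:17} {name!r}")
```

Anything reported as `double-extension` should be quarantined rather than delivered; plain `executable` attachments fall under the "don't open *.exe files attached to emails" rule.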
We suggest treating all unsolicited communications as if they are scams. In other words, if you did not initiate a conversation, be extra careful even if the communication purports to be from someone you trust. Scammers can hijack or spoof email addresses.
When in doubt, contact the alleged sender. Don’t use contact information from an email, text, or pop-up message. Go to your contacts list, address book, or an official source such as an agency’s website to get the email address or telephone number. Ask whether they sent the suspicious message before opening anything attached to it.
Train your staff to use internet-connected devices safely. If you become a victim, report the crime at www.ic3.gov. Do not jump to pay a ransom. First, turn off file sharing. Then, check to see whether any of your files have been compromised by running your antivirus program. Remove any infected files, and restore them from your backup. This may resolve the problem. If not, contact an IT expert for assistance.