What is Ransomware?
Wikipedia defines ransomware as “a type of malware which restricts access to the computer system that it infects, and demands a ransom paid to the creator(s) of the malware in order for the restriction to be removed.” A common ransomware is Cryptolocker and it is attacking networks nationwide. You and your staff should be aware of this threat and learn how to avoid it.
How Does it Work?
Cryptolocker is typically spread via email, but it can also be spread through social media sites by sending users links to phishing sites where they become infected. Computers are typically infected by either a user clicking on a web link that takes them to a phishing site that’s disguised as a business or customer-support related service or by a email that contains a .zip file containing the virus. The zip file usually contains a virus that appears to be a PDF file with a PDF icon. Often the cybercriminal tries to trick you into opening the email by offering tracking information, or other false important-looking messages in the email or subject line. These bogus emails typically appear to be from businesses like FedEx, UPS, Xerox, prominent banks, or others. Worst of all, not only is the computer infected by the virus, but all network shares the computer has access to including server shares. Often, entire shared company folders are crippled by the virus causing significant downtime.
What Can I Do?
1. Update Antivirus: Make sure your IT provider that keeps your anti-virus updated.
2. Email Security: Make sure you have great spam protection.
3. Exercise Caution When Opening Emails: Be careful when opening emails. Do not open email attachments or click on email links from unknown senders or suspicious looking emails. While anti-virus and spam filters can protect you from known variants, new variants (much like the flu) can still infect your systems if a user opens them.
Click on the picture below to see some examples of Cryptolocker subject lines: