Here is the lowdown on two of the most common ransomware scams that you need to know about.
The pay rise/redundancy scam
Cyber criminals create an email that looks similar to that of a director. For example, firstname.lastname@example.org is changed to email@example.com.
Sometimes the email is also ‘spoofed’ so that it appears in your inbox as though it is sent from the genuine .co.uk address.
If you check the original sender address, you will see it is slightly different and was actually sent from the fake .com address, so the crooks are relying on you not checking.
So how do they trick you?
The best way to scam you is to attach a document, or use a subject line, that will psychologically manipulate you into being negligent.
For example, imagine you receive an email from a director entitled ‘company pay rises 2016’ or ‘company redundancies 2016’ – you are going to instantly experience various emotions and will want to open that email.
In order for the virus to spread, the crooks now need to get you to enable macros, which you will be asked to do by clicking ‘yes’ or ‘no’.
The crooks are counting on you being so eager to find out what your pay rise will be, or whether you are out of a job, that you will click ‘yes’, without really knowing what you are doing.
At this point the ransomware has been delivered and your PC and everything connected to it, such as your server, are infected and instantly locked down.
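The checks a mail filter or help desk could run against a message like the one described above are sketched below as an added example (not part of the original article). The domains, the sample message and the use of the Return-Path header as the record of the real sender are assumptions, and the lookalike test only compares the first label of each domain.

```python
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAIN = "example.co.uk"  # assumption: the organisation's genuine domain
# Macro-enabled Office formats; legacy .doc/.xls can also carry macros.
MACRO_EXTENSIONS = (".docm", ".dotm", ".xlsm", ".pptm")

# Constructed sample: genuine address shown in From, fake .com as real sender.
SAMPLE = """\
Return-Path: <director@example.com>
From: "A Director" <director@example.co.uk>
To: staff@example.co.uk
Subject: company pay rises 2016
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please see attached.
--b1
Content-Type: application/vnd.ms-word.document.macroEnabled.12
Content-Disposition: attachment; filename="payrises.docm"

(constructed placeholder body)
--b1--
"""

def domain_of(header_value):
    """Domain part of the address in a header, lower-cased ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def check_message(raw, trusted=TRUSTED_DOMAIN):
    msg = message_from_string(raw)
    shown, actual = domain_of(msg["From"]), domain_of(msg["Return-Path"])
    findings = []
    if actual and shown != actual:  # displayed sender is not the real sender
        findings.append(f"From shows {shown} but sender is {actual}")
    for dom in dict.fromkeys([shown, actual]):  # same name, different ending
        if dom and dom != trusted and dom.split(".")[0] == trusted.split(".")[0]:
            findings.append(f"lookalike of {trusted}: {dom}")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(MACRO_EXTENSIONS):
            findings.append(f"macro-enabled attachment: {name}")
    return findings

if __name__ == "__main__":
    for finding in check_message(SAMPLE):
        print(finding)
```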
The competition scam
A crook phones a business, often targeting reception, and asks them if they would like to win something.
It could be anything, but a popular ‘prize’ is a bottle of champagne.
In order to win the free champagne, it’s as simple as answering three questions.
Two of these questions will be easy and along the lines of ‘who is the prime minister?’, while the third question reveals their true objective.
For example, their question might be ‘what accounts software do you use?’
The cyber criminals are hoping that you will know the answer or call your trusting IT department to find out the details they need.
Once they have the answer they want, they will tell you that you have won the prize, take your details and end the call with you thinking you have a nice bottle of champagne on its way to you – you haven’t!
Let’s say you told the crook you use Sage for your accounting – the crook will now phone the IT department and pretend to be from Sage.
He/she will tell the IT guy that he needs to send some important information, invoice or update.
Once he’s got the IT guy’s email address, the cyber thief will email him the important file from a fake email that looks plausible, similar to the pay rise scam.
If the scammer has been sufficiently convincing on the phone, the IT guy will open the email attachment and the virus infects his PC.
What can I do about this?
Once either of the above scams is successful and your files are locked, you have two options – pay the ransom or restore your data to the point before the infection occurred.
Either way you are going to lose valuable working time, data, money or all three.
There are three steps of prevention and cure that you should take to protect yourself and your business:
- Regularly educate your employees on cyber security so they know not to be duped.
- Make sure you have a robust data backup and disaster recovery system that you are certain will work.
- Create a disaster recovery/business continuity plan that has procedures outlined for a ransomware infection.
Without doing these three things you are vulnerable.
Sourced by Simon Williams, Pro Drive IT