Ransomware is one of the biggest threats in today’s security landscape; it has been on the scene for more than a decade and, as it continues to prove successful for cyber criminals, more high-profile business targets fall victim on an almost daily basis.

Ransomware is always evolving. Attackers are getting more sophisticated in how they infect systems, avoid detection and foil decryption efforts. Nobody is safe, says Carey van Vlaanderen, CEO at ESET South Africa.

Do you know what ransomware is? Do you know a filecoder from a lockscreen?

How does ransomware attack?

Ransomware is one of the worst forms of malware. Once your machine is compromised, two significant things happen.

1. The malware will start to encrypt as many files as possible. In its simplest form, this will convert the files from a readable to an unreadable format.

2. Then you will be sent a notification that the encryption has happened, and you will need to pay a ransom to get your files back.

The usual process is that you are required to pay a ransom in bitcoins (digital currency) to gain a code, the you will enter the code to prove you have paid the ransom, then the software will, if you’re lucky, decrypt your files.

What happens when this attack takes place?

All or most of your files are encrypted; this essentially means they are wrapped in a protective program to stop you or anyone else accessing them. It’s like a lock box. The files are still inside, but unless you have the key to unlock them, you cannot access them at all.

Ransomware can be a truly devastating piece of malware to hit your business; it has no morals and it doesn’t care if you provide a product, service or just information. What it does is cause mayhem, worry and concern.

Usually, the only fail-proof way of getting your data back is through backup and disaster recovery, but it’s not just whether you pay up or not, it’s the inconvenience your users suffer as a result. Restoring data can take hours, if not days, depending on the systems, and the actual malware must be completely eradicated from your network or it’s just going to start all over again.

What is the best way to prepare for potential attacks like this?

Safeguard yourself from ransomware attacks by implementing a multi-layered approach when dealing with cyber security safety, starting with the right security software; this will allow you to detect and react to cyber threats fast and effectively.

Make sure that you have a good point-in-time backup at regular intervals stored offline and off-premises. That way, if you get compromised, it’s just a case of restoring from backup once you have dealt with the initial malware infection.

Here is a link to the Full Article

If you receive a phone call from a security ‘expert’ offering to fix your PC – it’s a scam. Here’s how to avoid the ‘Microsoft phone scam’, and what to do if you fear you have fallen victim to it.

Despite having gone on for years – since 2009 in fact – the “I’m from Microsoft and you’ve got a problem with your PC” scam phone calls haven’t gone away

Microsoft phone scam: how it works

The scammer calls you, and asks for you by name. They say they are a computer security expert from Microsoft (or another legitimate tech company or a Microsoft ‘partner’). The ‘security expert’ is plausible and polite, but officious. They say that your PC or laptop has been infected with malware, and that they can help you solve the problem. What happens now depends on the particular strain of scam with which you have been targeted.

Some crooks will ask you to give them remote access to your PC or laptop, and then use that access to get hold of your personal data. Others get you to download a tool which they say is the “fix” for your problem, but is actually malware. A more straightforward scam is to simply ask for money in return for a lifetime of ‘protection’ from the malware they pretend is on your machine.

Here’s the important bit: no legitimate IT security company – certainly not Microsoft – is ever going to call you in this way. For one thing, they can’t even tell that your PC is infected. They’ve got your name from the phone book, or any one of the thousands of marketing lists on which your details probably reside. They know nothing about your home computing set up – they’re just chancres.

Basically, somebody is sitting in a room calling number after number hoping to find a victim. It’s not personal, but it is ultimately dangerous to your financial and technological health.

Microsoft phone scam: what to do if you are called

1. Put the phone down. Get rid of the caller and move on with your life. It is not a legitimate call.

2. During your conversation, don’t provide any personal information. This is a good rule for any unsolicited call. And certainly never hand over your credit card or bank details. Just don’t do it.

3. If you’ve got this far, we can only reiterate point number 1: get off the phone. But whatever you do don’t allow a stranger to guide you to a certain web page, or instruct you to change a setting on your PC or download software.

4. If possible get the caller’s details. You should certainly report any instance of this scam to Action Fraud.

5. Finally, change any passwords and usernames that could plausibly have been compromised, and run a scan with up-to-date security software. Then ensure that your firewall and antivirus are up to date and protecting your PC.

Oh, and there is a number 6: tell everyone about it. This scam preys on people’s insecurity about lack of tech knowledge. It is very easy to be a victim, and the best defense is sharing knowledge. It is much easier to put the phone down if you are forewarned.

 

Microsoft phone scam: what to do if you have been a victim

First of all don’t beat yourself up. This could happen to anyone (and does). You need to change all the personal data that you can change. As much as you might like to you can’t change your date of birth, and changing your name and address seems extreme. But you can change all your passwords and usernames, starting with your main email account and any bank- and credit card logins. Also, contact your bank to ask them to be on the lookout for anything dodgy.

Again, use up-to-date security software to scan and cleanse your PC, and if the scammer did get you to do something to your PC using System Restore to roll back the settings is always a good idea. And tell the police. If you have lost money, it’s possible your credit card company or contents insurance will cover the loss.