By David Gracey
If you’re feeling concerned about ransomware, you’re not paranoid. This growing cyberthreat affects an ever-growing number of people, including businesses and individuals who aren’t particularly high-profile and didn’t expect to be the targets of an attack. Anyone who uses a computer is at risk, so it’s important to know what to look for and how you can protect yourself.
What is ransomware?
Ransomware is a specific kind of malware that prevents you from using your PC or the files it contains. You might find out you’re under attack by seeing a ransomware note, locked screen or browser, renamed or encrypted files, or a message telling you how to decrypt the files under the hacker’s control. To return your files or control of your computer, hackers will often demand a ransom paid in Bitcoin or traditional funds, but there’s a significant risk that even if you pay you won’t get your files back the way they once were. If it happens, immediately turn off your computer and disconnect the network cable, if you have one, then seek professional help from a trusted IT professional.
Where does it come from?
Hackers can install ransomware on your computer using a variety of methods. Some attempts may be obvious to an educated web user, but others may fool even experienced professionals. The best way to prevent ransomware is to be vigilant about where you go and what you do online. Common sources of ransomware and other malware include:
- Sketchy websites – don’t browse sites that you don’t feel confident about
- Websites that ask you to update the Chrome font pack – don’t click the link
- Unpatched computers – always install updates as soon as they are available
- Pirated or outdated software – avoid installing older versions of software or operating systems, and never install software that might have been illegally obtained
- Compromised networks – careful users may still pick up malware from a network that has been infected, unbeknownst to the users
- Downloads or attachments from spam emails – this is one of the most common ways of allowing ransomware onto your computer, and it’s not always to distinguish between legitimate emails and malicious ones
Malicious emails may seem to be normal communications from trusted contacts, but actually be the work of hackers who are targeting your system. Any email or attachment that contains executable files (such as macros) could pose a threat. These file types are all potential carriers of ransomware:
- .doc, .docx or .docm
- .xls or .xlsm
- zip files
How can you identify malicious emails?
Unfortunately, you can’t always identify malicious emails, but with enough vigilance you can minimize (but not eliminate) the possibility of allowing ransomware to infect your computer.
- Do not open unexpected invoices or requests for e-signatures
- Don’t click unexpected Dropbox links, or those from unknown contacts
- Beware of unexpected emails from your contacts, and never open emails that purport to be from contacts but use the incorrect email address
- Before clicking a link, hover over it to check if the url is legitimate
- Watch for uncharacteristic writing style, misspellings and poor grammar in emails – this can be a sign that the sender is not really the owner of that email address (many hackers are not native English speakers)
- Instead of responding to an email, call or text your contact to confirm the email is legitimate. Hackers could still be active in the account and simply respond saying the attachment or signature request is safe. This has happened to several of our clients!
- Do not enter login credentials at sites you reach by clicking an emailed link. Open a new browser window and type in the site’s address to ensure that not offering your login information to hackers.
- Don’t fall for emails that allegedly contain Microsoft updates. Microsoft does not send updates via email; these emails are malicious and should not be opened.
What else can you do?
Here are some additional strategies to minimize the risk of malware and other types of hacking:
- Use only safe, password-protected internet connections. Public wi-fi is NOT secure and you should assume that anything you send over these networks can be intercepted.
- Keep your operating system and anti-virus program (a necessity) up to date
- Save files on a server, not your local desktop
- Disable stored passwords on your browser. Never allow your browser to save login credentials to sites that contain sensitive information, since that makes it easy for hackers to find them if they get into your system.
- Use a password manager such as LastPass to create strong and unique passwords. Download the browser extension for easy access to all your passwords, but DO NOT save the password you use for your password manager. That is the only one you’ll have to remember, but this is something you and not your password manager should do.
- Enable two-factor authentication for all applications that offer it
There’s nothing you can do to make using the internet safe, but are many ways to make it safer. Educating yourself about the threats and learning best practices can offer protection, as can technology tools. The most important thing you can do, however, is to be cautious and check with a professional when something doesn’t seem quite right.