Unredeemable con artists are deviously hijacking computers and smartphones and demanding ransom be paid or precious personal data deleted. Malicious software is shrewdly installed and documents, financial records, family photos, files and valuable data held for ransom. Often a countdown clock is displayed on the victim’s screen with anywhere from a 3 to 7 day deadline to pay or promised action taken.
IBM Security
reports that on average the payments are from $200 to $10,000, with 25% of
businesses forced to pay up to $40,000. The FBI released 2016 data detailing
ransomware losses of at least $1 billion in the US alone. The cybersecurity
firm Symantec estimates there were on average 4,000 attacks per day in 2016.
Osterman Research reports that 59% of attacks are conducted by phishing emails luring
victims to click on malicious links or attachments.
Cybercriminals
have obtained millions of valid emails and personal information from data
breaches at major firms like Yahoo, Linked In, Google and many others. Vast
numbers of phishing emails are sent out and the criminals just wait for those
who take the bait. When a victim agrees to pay, they are directed to an
untraceable “dark web” site where helpful and friendly agents provide top-notch
“customer service” on how to obtain Bitcoin currency and send the required
amount to them.
How to outfox the swindlers:
1) Use software that frequently and automatically scans
and uploads your data to an offsite, digital storage service. This is also
essential in case of burglary, flood or fire. Some of the top ones you pay for
are IDrive and SugarSync, while reliable free choices are Microsoft OneDrive,
Google Drive, Apple iCloud and Dropbox.
2) Some of the best free antivirus software includes
Avast, AVG and Bitdefender.
3) For
extra security regularly back up all your data to a USB drive or external hard
drive. Disconnect immediately after you’re done. If an attack happens with the
drive still attached, it will be hijacked as well.
4) Criminals exploit vulnerabilities in older software.
Be diligent in all security updates. The most common targets are browser
plug-ins like Adobe Reader, Flash Player and Java. Numerous quality free
security scanners are available. Flexera’s Personal Software Inspector is among
the best reviewed:
“Personal
Software Inspector is a free computer security solution that identifies
vulnerabilities in applications on your private PC. Vulnerable programs can
leave your PC open to attacks, against which your antivirus solution may not be
effective. Simply put, it scans software on your system and identifies programs
in need of security updates to safeguard your PC against cybercriminals. It
then supplies your computer with the necessary software security updates to
keep it safe.”
For Mac
users: Apple Menu - System Preferences – Apple Store – “automatically check for
updates”.
5) NEVER click on links in unsolicited emails that appear
authentic and come from recognizable businesses, your bank or the IRS. Use
separate contact info to confirm the legitimacy of the inquiry.
6) Be alert for this common tactic: An unsolicited email
asks you to “enable macros” so you can view an attached Microsoft document.
More often than not this is a ploy to install malicious code.
7) The cybercriminal encrypts the victim’s files and
sends a decryption key to unlock the files when the ransom is paid. The same
ransomware codes are used by multiple scammers and some of the codes have been
decrypted by cybersecurity volunteers. These decryption keys are available for
free and can be used if applicable. The site https://www.nomoreransom.org/ helps you find out what kind of ransomware you
have and if a decryption key is available. Law enforcement in 25 countries
endorse this site.
8) This No More Ransom site also offers the same general
security advice, including one piece omitted by some anti-ransomware
sites:
“Enable the
‘Show file extensions’ option in the Windows settings on your computer. This
will make it much easier to spot potentially malicious files. Stay away from
file extensions like ‘.exe’, ‘.vbs’ and ‘.scr’. Scammers can use several
extensions to disguise a malicious file as a video, photo, or document (like
hot-chics.avi.exe or doc.scr).”
9) Another widely used and helpful site is https://www.bleepingcomputer.com/.
Their Welcome Guide states:
“Welcome to
BleepingComputer, a free community where people like yourself come together to
discuss and learn how to use their computers in an atmosphere that is both
helpful and welcoming. With over 700,000 registered members asking and
answering questions, BleepingComputer.com has become a vibrant and lively
community of like-minded people. Now it is your turn to become part of this
experience.”
Ransomware
victims are aided by experts and fellow members in their online forums. Free
decryption tools and codes are offered, many not found in the No More Ransom
site. Caution: only use reliable and well-known ransomware help sites. Many of
the smaller, one-person sites are actually cybercriminals ready to load even
more malware.
10)
If no
encryption keys are available, many individuals and businesses are forced to
pay the ransom due to the importance of their data. The Bleeping Computer site
advises before you pay, use “the customer support links provided in your ransom
note to try to negotiate better terms. ‘We've found that if you explain that
you can't afford what they're asking, these people will negotiate because they
just want to get paid and move on,’ (BleepingComputer) says. In fact, the
European cybersecurity firm F-Secure reported recently that three out of four
criminal gangs they evaluated were willing to negotiate their ransom fees
downward, giving victims an average break of nearly 30% in the cases they
examined. And all of them were willing to extend payment deadlines as well.”
11) For those who refuse to be
victimized:
“If on
principle or for economic reasons you choose not to pay, you might want to save
your encrypted data; a free decryption key for the ransomware that hit you
might become available someday. In that case, (Bleeping Computer) recommends
copying your entire hard drive—including all encrypted files and ransom
notes—onto an external hard drive. A local computer technician can help you
with this process (known as cloning) and also with clearing malware and
encrypted files off your computer's infected hard drive so that you can get
back to using it. Then periodically check online to see if decryption tools for
your strain of ransomware are available yet.”
12) No matter what you decide, immediately
file a complaint with the Federal Bureau of Investigation Internet Crimes
Complaint Center: https://www.ic3.gov/default.aspx
Primary Source
Andrea Rock,
“Cybercrime Gets Personal” Money,
March 2017 http://time.com/money/page/ransomware-remove-prevention/
More Tools
10 free virus and malware removal tools
Photo: https://blog.comodo.com/wp-content/uploads/ransomware-1.jpg
Jerry De Luca is a Christian freelance writer who loves perusing dozens of interesting and informative publications. When he finds any useful info he summarizes it, taking the main points, and creates a (hopefully) helpful blog post.
0 comments :
Post a Comment
Feel free to leave any comments...