Ransomware is one of the most unpleasant infections with no known cure

cryptolocker

Ransomware is one of the most unpleasant virus or malware infections, and with no known cure, it poses one of the most serious threats to company and personal data across the globe. In recent weeks there has been a sharp spike in the number of reported infections, so what can you do to protect your valuable data?[vc_separator style=”separator1″]

What is Ransomware?

Essentially, ransomware encrypts documents and images on a computer. Worse still, if the computer is attached to a corporate network, it will infect everything it can see, and will only notify the user once it has finished encrypting all of the data it can find. Usually a pop up window will appear informing the user that all of their data has been encrypted and the only way to decrypt or release the data is to pay a fee to the crooks who created the infection. The amount of ransom demanded seems to vary from a few hundred dollars to several thousand.

How does it infect my PC?

As with virtually all Viruses and Malware infections, Ransomware is usually delivered in an email attachment. There has been a recent trend in emails that claim to be invoices, or confirmations of an order. The emails are worded quite well, and are clearly very plausible, as the number of infections reported in the past few weeks have rocketed

So how do you remove it?

There are many types of infection, but the way Ransomware infects computer networks does not vary much. If you are lucky, you may try to open an infected file quite soon after your computer has been infected. We say lucky, because if you can catch the infection early you may be able to prevent all of your valuable data from being encrypted. Remember that if you are on a network, the Ransomware will infect all of the data it can access, which can take time – days in some cases. Only once it has finished delivering its payload of poison, will it notify its victims.
crypto

If you are on a network, the first thing to do is to unplug the network lead from the back of your computer. If the infection started from your computer, disconnecting it from the network will stop the infection from spreading. Then shut down your system and seek professional help. If you are on a corporate network, hopefully you will not have any data saved locally! If you have, then there is a good chance most or all of your data will be encrypted. The bad news is that there is no way to decrypt your precious data without paying a ransom to the crooks. The good news is that if you have a recent backup of your data, then you should be able to restore it without too much difficulty. Obviously you have to make sure that you have found and cleared the infection before you restore your data, otherwise you may find that your data is encrypted again. If you are on a network, then your administrator should be notified immediately so they can take appropriate action to protect and cleanse the network.

Should I pay the fine?

We would always say NO, as dealing with crooks is not a good idea. However, we are aware that some people are so desperate that they have paid to release their files.

How can you protect your system from this type of infection?

Let’s be very clear, there is no way to 100% guarantee your system will never be infected by viruses or malware. There are new types of infections being created every day, and the leading Anti-Virus and Anti-Malware companies are in a permanent state of “Catch Up” Unfortunately, until a virus is created there is no way to find a cure. Below are the main points of trying to keep your data safe:

1. Backup your data – Backup your data – Backup your data. Make sure that your backups are working. Don’t just check to see if it backed up last night, actually try a test restore to make sure that the backup is effective. ALWAYS keep a copy off-site at another location. Or better still, use a remote backup service. N.B. If you do get infected, make sure that you disable the backups whilst you are cleaning your system, otherwise you will back up the infected files

2. Anti-Virus/Malware protection – Purchase a decent brand, and make sure it is up to date.

3. Be very careful with ALL email attachments –If you have even the slightest doubt, do not open the attachment. Look at it this way, what’s the worst that can happen if you don’t open a genuine email? You might receive a reminder for an unpaid bill but compared to losing all of your data this is insignificant. Never open any attachment unless you are 100% certain of its authenticity.

4. Make sure you do point 1!

The above points are only basic precautions, naturally, there are many other ways to try and protect your data. If you are in any doubt seek advice from IT professionals. For any enquiries email us at [email protected] or call us on 01279 464470.


How To Spot Scam Emails, Five Top Tips

phishing

Recently at ITVET, we received an email stating that we are eligible for a refund on our tax disc and to follow a link to the direct gov website to fill in an application form to receive this refund. This is not genuine, if you have received a similar email do not click the link provided.

This particular email was quite convincing, so we have provided a few tell-tale signs that an email may be a scam. Scammers are constantly devising new ways to trick you into giving away valuable information and it is sometimes hard not to get caught out. It is not always easy to spot a phishing email but here a few tips of what to look for.

1. Always be suspicious if an email asks for personal information.
Even if an email appears official you should be wary if you are being asked for bank details, passwords or credit card information. In a recent scam email we received, we were asked to send our credit card details by fax – it is unlikely that your bank would ever ask you to send them your passwords or account number so always act with caution.

2. Check the spelling and grammar of the email.
If you glance over an email it may appear official with company logos and pictures, but on closer inspection you will often spot obvious spelling mistakes and questionable grammar.

3. Check any links included in the email.
Check the link carefully– the link may seem genuine or valid at first but often the link displayed does not match where you will be redirected to if you click on it. If you hover over a link in the email you will be able to see where the hyperlinked address will take you to. The tax disc email we received showed a link to direct.gov.uk but if you hover over this link is shows a website registered to South Africa. To be safe, do not click on any suspicious links and do not open any attachments that you are not expecting.

dvla-link1

4. Check the sender’s email address.
We recently received a batch of emails from a scammer posing as 123reg and they were sent from [email protected] Even if the email address does contain the name of a company or your bank there will often be something slightly shifty about it too such as including numbers.

5. Something just feels wrong
Often if something seems suspicious or not right then you can trust your instinct. For example, if you receive and email saying that you have won the lottery and you haven’t bought a ticket it is quite clear that someone is trying to trick you into giving away your bank information. These may be an extreme example but if you read through an email and you are uncertain whether the information is genuine, then it most likely isn’t.

For any enquiries please contact us at [email protected] or on 01279 464470.