Computer & PC Help

A Word about Ransomware

04 Sep

Ransomware is the latest and greatest virus/malware to disrupt both business and private users.  It comes via email, phony ads and web pages that are hijacked.  There is no cure for this type of malware.  It’s either pay up or lose everything.  My advice: better to lose everything than pay up.  If you pay up, it doesn’t necessarily mean that you’ll get your docs, spreadsheets, etc. back; it just means, in my opinion, that you’re encouraging these thieves to continue on.

Let me briefly explain what ransomware is. Ransomware is an infection you get mostly via emails that contain either infected attachments or infected links.  When you open these attachments or click on these links, your information is immediately encrypted and given an extension other than, for example, .doc.  A .doc or even .xlsx file would be renamed with an added extension, such as .doc.MOLE66 or .xlsx.MOLE66, .doc.crypt or .xlsx.crypt, or .doc.lckd or .xlsx.lckd, and the only way to decrypt this information is to acquire the decryption key. That’s what these thieves sell you.  Well, at least they say that they will.  Once you’re infected, a note will appear on your screen.




Once you see this, the “deed is done”.
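A check for the rename pattern described above, added here as an example and not part of the original post: it flags files whose document extension is followed by an extra one, either an extension named in the post or an unfamiliar one that shows up on several files in the same folder. The `DOC_EXTS` list, the `min_hits` threshold and the sample listing (including the made-up `.zzz9`) are assumptions.

```python
from collections import Counter
from pathlib import PurePath

# Document types from the post (.doc, .xlsx) plus a few common ones (assumption).
DOC_EXTS = {".doc", ".docx", ".xls", ".xlsx", ".pdf", ".jpg"}
# Appended extensions named in the post; other variants use other names.
KNOWN_APPENDED = {".mole66", ".crypt", ".lckd"}

def classify(name):
    """Return 'known', 'suspect' or None for a single file name."""
    suffixes = [s.lower() for s in PurePath(name).suffixes]
    if len(suffixes) < 2 or suffixes[-2] not in DOC_EXTS:
        return None          # no document extension underneath the last one
    if suffixes[-1] in KNOWN_APPENDED:
        return "known"       # matches an extension listed in the post
    if suffixes[-1] in DOC_EXTS:
        return None          # e.g. report.doc.pdf, an ordinary export
    return "suspect"         # document extension followed by something unfamiliar

def scan(paths, min_hits=3):
    """Count hits per (folder, appended extension) and report likely mass renames.

    A single report.doc.bak is normal, so unfamiliar extensions are reported
    only when at least min_hits files in one folder share them.
    """
    groups = Counter()
    for p in paths:
        path = PurePath(p)
        verdict = classify(path.name)
        if verdict:
            groups[(str(path.parent), path.suffix.lower(), verdict)] += 1
    return sorted((folder, ext, verdict, n)
                  for (folder, ext, verdict), n in groups.items()
                  if verdict == "known" or n >= min_hits)

# Constructed sample listing, not taken from a real machine.
SAMPLE = [
    "Documents/budget.xlsx.MOLE66", "Documents/letter.doc.MOLE66",
    "Documents/old/report.doc.bak", "Documents/old/archive.tar.gz",
    "Pictures/a.jpg.zzz9", "Pictures/b.jpg.zzz9", "Pictures/c.jpg.zzz9",
    "Pictures/d.jpg",
]

if __name__ == "__main__":
    for folder, ext, verdict, n in scan(SAMPLE):
        print(f"{folder}: {n} file(s) renamed with {ext} ({verdict})")
```

To check a real folder, build the list of paths with `os.walk` and pass it to `scan`.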

Here is an interesting article on ransomware:

https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-30th-2018-mostly-small-variants/

 

There are things you can do to avoid getting infected. The best way is to simply be very mindful of everything in your email and online.

If something doesn’t appear right, it’s not.  As for emails, they are getting more creative, using banking logos, Microsoft logos, IRS logos, FedEx, UPS, etc.  Just remember, if you are not expecting a package, you shouldn’t even open the email. If you are expecting a package, the company will NEVER send you an attachment in the mail; they will send you your tracking number and a link to the delivery information, but you still need to be careful.  Your bank will never ask you to verify anything online unless you’re logged into the website.  Microsoft, the IRS, etc. don’t send out emails and they don’t call you.

Make sure you check the email address; that is a major clue.  If the email address is abc@xymmm.com or something that makes no sense, it’s phony.  I’ve written an entire blog on how to spot phony email.

And as for calling you, how in the world would someone know that there’s an issue, virus, etc. on your PC without actually being in front of it? I’ve heard so many stories of people getting these phone calls and allowing someone they don’t know to log in to their PC remotely; the next thing you know, the PC is encrypted with ransomware and someone is asking you for money to get your information back!

If you’re a business, you need to make sure your IT department has backups. There’s a saying: “You’re only as good as your last backup.” If you’re a home user, you can back up your information too. Simply purchase an external hard drive, copy whatever you can’t afford to lose onto that drive, and only use it when necessary.  This way, if you do happen to get infected, you have your information safely stored away and it can’t be touched.  You’ll need to make sure your “infection” is cleaned before you access your information again, and that could mean either doing what’s called a system restore or reformatting your machine.  Only then should you try to access anything stored; otherwise you’ll infect what you have backed up.

If you’re surfing the net and something doesn’t look right, just close the browser (IE, Firefox, Edge or Chrome).  If you’re suddenly getting popups or your home page is something different you’re probably infected with something.  Again, do a system restore or call someone in to clean whatever you’re infected with.

The moral of the story is that the more aware you are of what you’re doing, either online or with emails, the less likely you are to get infected.  I’ve heard time and time again, especially from the business community, “I get so many emails, I don’t have the time to check everything.” Well, my answer to that is that the 5 extra minutes it takes you to check something will prevent you from losing everything, infecting everyone else and possibly taking down that particular business.  It can take weeks to restore all business information, and in some cases businesses are forced to pay because they don’t have a good backup or disaster recovery plan.

If you’re employed in IT, make it your business to educate your users on how to avoid getting infected.

No matter what you’re using for virus/malware protection, it’s not enough.  Ransomware oftentimes disables your virus protection, so you can’t rely on that to make sure you’re not going to get infected. You need to rely on you.  Awareness is your best friend to avoid getting infected.

There are some decryption tools available for some ransomware infections, however, it’s all catch-up.  Some of these tools work and some of them do not.

Here’s another link for decryption tools, but again, remember this is all catch-up, and you must have the variant of ransomware that is listed in whatever decryption tool you’re trying to find.

https://heimdalsecurity.com/blog/ransomware-decryption-tools/

 

I hope I’ve encouraged you to be more mindful when reading emails and surfing the internet. And I hope you now understand how dangerous ransomware is.
