Held for ransom: is your intellectual property and customer data secure?

93 percent of phishing emails now contain ransomware

93 percent of phishing emails contain ransomewareRansomware attacks are growing rapidly across the U.S., and small businesses are an easy target. A report released by PhishMe revealed that at the end of March 2016, 93 percent of all phishing emails contained encryption ransomware, up from 56 percent in December and less than 10 percent every other month in 2015. This alarming growth is based on how easy and quick the crime is to deploy and collect on from the targeted victims.

What is ransomware?

Ransomware is a type of malicious software (malware) that infects a computer and restricts access to its data until a ransom is paid to unlock it. The criminal will demand money (typically in the form of Bitcoin, so it cannot be tracked) to restore the data. Once paid, the victims are usually able to retrieve their files. The FBI recommends victims not pay the ransom, but most do because the amount is often less than the struggle to recover the locked data by other means. The criminals know this, which is why they keep the ransom amount relatively low. Sadly, it’s an easy return on investment for the anonymous cybercriminal.

How do you identify ransomware?

Be on the lookout for any  email that asks you to take an action such as clicking on a link or typing information into a form. These actions alone can give a hacker access into your computer.

Typical senders of email include those:

  • spoofing law enforcement agencies that claim you have downloaded illegal content and demand you pay a fine for the violation;
  • claiming to be a service provider, customer or vendor who ask that you respond with information;
  • looking like delivery companies providing shipping notices;
  • appearing to come from a government agency (IRS, FBI, Department of Homeland Security); or
  • claiming that your operating system or other system software installation requires activation or that it is out of date or not working.

While most ransomware attacks happen through email, they can also be delivered via drive-by-download attacks on compromised websites and pop-up boxes.

If human targets haven’t received effective training and conditioning, they are 97 percent more likely to open an email and click on a malicious link or open a malware-laden file attachment that may unleash ransomware.

How can you protect your computers from ransomware?

  • Employee awareness and action:
    • Stop and think before opening an email message. Verify that the email request is from a legitimate party before clicking any links within it or sharing information.
    • Pay attention to file extensions. If the document has a “.docx” “.pdf” or “.xlsx” extension, it’s typically safe to open. Be suspicious of “.exe” files as they can download a virus when opened.
    • If you notice an increase of pop-up ads or if your computer becomes noticeably sluggish, instantly disconnect the Internet connection by turning off your Wi-Fi receiver or unplugging the network cable. Be sure to contact your IT or security specialist to report your suspicion.
    • Quiz your employees and test them with realistic scenarios on a regular basis. Here’s an example of a readiness quiz we have used. There are multiple vendors available to assist with the process of employee awareness.
  • IT best practices:
    • Back up your most important files on a regular basis and store in an offline environment. This critical practice is the most reliable method for recovering infected systems.
    • Use a layered approach to security with anti-virus software, web filtering, firewalls and up-to-date patching. Update your operating system, anti-virus, browsers, Adobe Flash Player, Java and other software regularly.
    • Block known, malicious IP addresses and suspicious web categories you don’t need for conducting business.
    • Manage the use of privileged accounts and security levels appropriately. For example, don’t give an employee administrative rights unless absolutely needed.
    • Conduct phishing attack simulations throughout your company, based on real-world threats to condition employees to recognize malicious emails.
    • Provide employees with easy, fast and effective ways to report suspect emails to a designated person or team.

It all starts with education. Learn more about ransomware and other cyber risks, then share this link with your employees to begin the education process.

To stay updated about other fraud risks and prevention methods, register for our business series.

More posts from Tahir