Editor’s Note: It’s no secret that ransomware continues to be a constant threat to government agencies, private companies, and individual users alike. There are many approaches you can take to defend against intrusion, especially when it comes to enterprise IT modernization, a core service of NetCentrics. What’s often missing from the conversation is what individuals can do to protect themselves at home and at work (or, as is frequently the situation, at home at work!). This post by Shane Lawson of NetCentrics’ IT department offers no-nonsense tips everyone should follow on work networks, regardless of the devices used.
If you are like most people, you have probably received a call warning that the extended warranty on your car (one you never purchased) is about to expire, or a poorly written email announcing that you have won a contest you never entered. You most likely view this spam as simply an annoyance that interrupts the normal flow of life until you delete the email or hang up the phone, and then life goes on.
You may be aware of, or have experienced, more sophisticated types of malicious messaging beyond annoying spam calls. While spam that hawks fake products and insurance policies is bad, phishing scams are much more insidious. Phishing attacks come in many different forms, but the goal is always the same: gather information that can be used to an attacker’s advantage later. An example of such an attack is an email that appears to come from your bank, directing you to a malicious website made to look like your bank’s login page and asking you to verify your account information. If you comply, the attacker then has your login information, security questions, and other PII for their fraudulent use. The material used in phishing scams is often high quality and can be difficult to detect as fake.
Ransomware is another class of malicious messaging, and is often delivered using targeted emails. Ransomware may be disguised as an invoice, a PDF document from a vendor, an .mp3 file, or other email attachment. The email sender will include some call to action to get you to open the attachment, such as claiming that the attached document needs to be signed and returned, or the invoice approved. Once opened, the malicious attachment will encrypt the files on any drives or computers that it can spread to, leading to data loss and attempts at ransom.
With hackers and scammers becoming more sophisticated in how they attack their victims, it is important to know how to identify and mitigate such attacks. Below are steps that you can take the next time you are questioning a suspicious, or not so suspicious, email.
Spam:
- If you suspect a message is spam, do not click on any attachments as they may be malicious.
- Check for banner alerts such as “This email originated from outside of the organization.” If the message looks suspect, do not reply to it.
- Report the message to a security governing body or mark the message as SPAM. Delete the message from your inbox. Deleting is important because you don’t want the email to introduce unwanted software or instructions.
Phishing:
- If you suspect someone is trying to phish you, do not click on any email attachments or take any requested action.
- Check for banner alerts such as “This email originated from outside of the organization.”
- Do not reply to the message.
- Report the message to your IT group by following the security protocol set forth by your company infosec policy.
- If the message is claiming to be from a co-worker, vendor, or someone you know, contact that person at a known phone number or email address and verify that the message is authentic.
- Always verify before sending any payments, money transfers, or confidential information.
Ransomware:
- Keep your phone, personal, and work computers up to date with the latest security patches.
- Use caution when clicking on links. Make sure website addresses are not misspelled or altered.
- If possible, contact the sender by phone to verify that the message is authentic.
- Keep files backed up on a network drive for work, or a storage provider such as Google or Dropbox for personal files.
- Keep antivirus/antimalware/endpoint signatures and other security programs up to date.
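The advice above to make sure a website address is not misspelled or altered can be turned into a simple check. The following is an added example, not code from the original post or from NetCentrics: it compares the domain in a link against a constructed allow-list of domains you trust and flags the common tricks (a trusted name buried inside a longer hostname, a username-style `trusted@evil` address, a one-keystroke typo, or a digit standing in for a letter). The allow-list and the homoglyph table are assumptions for illustration.

```python
from urllib.parse import urlparse

# Constructed allow-list of domains the reader legitimately uses (assumption:
# a real deployment would load this from the organisation's own list).
TRUSTED_DOMAINS = {"examplebank.com", "netcentrics.com"}

# Character swaps commonly used to make one domain look like another.
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}

def parse(url: str):
    """urlparse() wrapper that tolerates a bare hostname without a scheme."""
    return urlparse(url if "://" in url else "http://" + url)

def registrable_domain(host: str) -> str:
    """Last two labels of a hostname: 'www.examplebank.com' -> 'examplebank.com'.
    Simplification: ignores multi-label public suffixes such as co.uk."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: number of single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def normalise(domain: str) -> str:
    """Undo homoglyph substitutions so 'examp1ebank' compares as 'examplebank'."""
    for fake, real in HOMOGLYPHS.items():
        domain = domain.replace(fake, real)
    return domain

def check_link(url: str) -> str:
    """Classify a link as 'trusted', 'lookalike' or 'unknown'."""
    parsed = parse(url)
    host = (parsed.hostname or "").lower()
    if "@" in parsed.netloc:
        # 'https://examplebank.com@evil.example/' really goes to evil.example.
        return "lookalike"
    domain = registrable_domain(host)
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for good in TRUSTED_DOMAINS:
        # Trusted name buried in a longer hostname: examplebank.com.evil.example
        if good in host:
            return "lookalike"
        # One keystroke, or one homoglyph swap, away from the trusted name.
        if edit_distance(normalise(domain), good) <= 1:
            return "lookalike"
    return "unknown"
```

An "unknown" result is not a verdict that the link is safe; it only means the address is not close to anything on your own list and deserves the manual verification described above.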
What to Do If You’ve Been Phished
What should you do if you think you have been a victim of ransomware, identity fraud, or another computer crime?
- At work, contact your Service Desk or Security Team.
- Change all passwords as soon as possible. Use a personal or company-managed password manager to ensure your passwords are distinct and difficult to crack: no “password123”.
- If you are a victim of ransomware, contact your local FBI field office for assistance.
- If you think that you have been a victim of identity fraud or theft, visit IdentityTheft.gov.
If you receive a spam or phishing email, forward it to the Anti-Phishing Working Group at reportphishing@apwg.org.