Two weeks ago, the WannaCry cyberattack hit more than 300,000 computers in more than 150 countries. This global "ransomware" attack disrupted factories, hospitals, shops, and schools. Wannacry did not discriminate much in its targets. In the past, I've written about the importance of locking down your passwords. My goal today is to educate and inform so that you can better protect yourself.
What is Ransomware?
In a ransomware attack, victims will open an email addressed to them and may click on an attachment that appears legitimate, like an invoice or fax, but that actually contains malicious ransomware code. Or the email may include a legitimate looking website link (URL), but when the victim clicks on it, the link directs to a website that infects the computer with malicious software. In turn, the malware encrypts files and folders on local drives, any attached drives, backup drives, and even other computers on the same network. Users are often not aware of a problem until they realize they can no longer access their data or they receive a message advising them of the attack along with demands for a ransom payment in exchange for a decryption key. Also included is a time limit: Pay up soon or the files are gone forever.
Ransomware on the Rise
Here are a great graphic and trends from The Economist.
- Since 2014 the varieties of ransomware have more than tripled. (Internet Security Threat Report by Symantec)
- CryptoWall, a particularly nasty strain of ransomware, netted at least $18m for cyber-crooks in 2015. (FBI)
- Hackers are also getting greedier: the average haul from a ransomware attack has gone up from $373 per victim in 2014 to $1,077 in 2016.
Be Careful with Email
Email is still the #1 source of identity theft. Therefore, be sure not to leave sensitive documents or communications containing account numbers, passwords, or social security numbers lingering in your inbox. In fact, I suggest never emailing your social security number. Also, be wary of links that you receive via emails. Before clicking on a link, be sure that the entire web address is recognizable prior to clicking to avoid visits to fraudulent domains. This is actually easier said, than done. For an example. read on below.
What Kind of Idiot Gets Phished?
This is the title of the episode #97 of ReplyAll and a good follow-up to episode #91 The Russian Passenger that I also wrote about. Phia Bennin conducted an experiment on her co-workers to discover who is susceptible to a phishing attack. The conclusion was that it's not just insanely, gullible luddites who can fall victim but even smart, tech savvy people! We are all targets. Nobody is safe.
In the show, Phia has digital forensic expert Daniel Boteanu perform a phishing test on her colleagues at Gimlet Media. Frighteningly, Daniel started his test on a Monday morning and had gained control of an employee's email by 6 PM that day!
Keep Your Guard Up and Eyes Open
How did Daniel do it? He bought the domain gimletrnedia.com so he could impersonate actual Gimlet employees. Notice that the r + n looks like an m! He emailed legitimate looking attachments like invoices or audio files that when clicked prompted users to re-enter their Gmail credentials. If they did so, they were hacked!
I've noticed more phishing emails hitting my inbox recently. Here are some actual examples.
- I received emails from Apple ID "Receipt Invoices" that made it appear that I've made an iTunes purchase. There is a PDF file attached.
>> This attachment either has malware or will prompt me to enter my Apple username and password.
- There is an email from Apple Support that claims someone in Ecuador has attempted to access my account so I should update my information immediately.
>> This email contains a link to applestore-icloud.com that will attempt to collect my username and password. Obviously, this is not an Apple website.
- I received an email from Microsoft alerting me that my inbox exceeded the quota and needed to be upgraded. It went on, "To continue using your mailbox, Please upgrade to your extra 15GB plan with just a single click without any charges." Seemingly harmless right?
>> Do not click links without first looking at the email address of the sender (not a legitimate Microsoft address) or web address of the link (also not Microsoft!)
Take your time and be thorough when reading through your emails. If something does not look or feel right, do not give anything sender or link the benefit of the doubt. Hackers prey on the fact that we are busy, in a rush, and may have our guard down. Be aware and be safe!!!
- FBI Cybercrime
- Risk Alert: Cybersecurity: Ransomware Alert
- Symantec: WannaCry Ransomware
- Ransomware on the rise: Norton tips on how to prevent getting infected
Have you been a victim of identity theft or cybercrime? If you have advice to share, please post a comment.