Computer viruses are no new concept. We’ve all heard not to open attachments from strangers, not to click on ads, not to type text that is not a website URL into the browser. Well, gone are the days of our computers slowing down when they have viruses. Computers are way more efficient and attackers way more sneaky. You may not even have to click on anything, just load a webpage with ads and a little snippet of something will sit in your computer, waiting for a command from its leader.
One of the growing malware categories is Ransomware. This kind of malware encrypts (or claims to encrypt) your files and hold them for a ransom of hundreds of dollars. One of the most recent variants, CryptoLocker, is getting some attention for it’s seemingly professional assistance in coaching the victim step by step on how to pay the ransom and receive a key to unlock the files (hopefully).
Thankfully, we have an excellent staff on hand to tell us the latest and greatest scams out there and this helps us make decisions that are safer and more streamlined.
One of the improvements we have made is to stop sending PDF proofs via email. So much malware is sent using attachments in emails that are meant to look like they are coming from somebody in your own office! Be mindful of the language the person in each email with an attachment is using. If you sense something out of character, it is better to call them and see what’s up before going any further. Get verbal confirmation first, open the attachment later.
We have adopted a new proofing system to battle these monsters
ProofHQ appears to be a big hit with most of our clients. No longer do you need to wonder if you are opening something safe, you can view the PDF in your browser and have tools on hand to make comments with typed directions for improvement, measuring tools, highlighting, pointing, downloading, uploading, scaling and so much more. There are some basic directions that pop up when you open the link in your email. You can look them over or just dive right in. Take a look at their website for yourself and see what they are all about here.
So how can you avoid Ransomware disaster in everyday work life?
Here are some tips:
- Keep your data and work files backed up on a removable hard drive. This is especially true of any sensitive items like taxes, certificates, medical bills, and anything that you are not comfortable with landing the wrong hands.
- Use a good antivirus that will stop the ransomware from taking over. Sometimes this is not good enough protection, but it is better than being completely exposed.
- Keep your software updated. This is not just your system software but your browser and other applications. Ransomware can take advantage of holes in security.
- Avoid suspicious files and email attachments. Never open an .exe file that you are not expecting and that you cannot verify is the correct file. This is because .exe files are what run and install programs, including malware. It is very important to trust the source of such a file.
- Careful with your email. Make sure that if there is an attachment, you not only know and trust the person sending it, but you are expecting it. A criminal who has done his research knows your company structure and will likely send you an email pretending to be an important person in your office, requesting that you open a file to better see his instructions or an invoice for payment.
- Uninstall Java. It is used in a few things from internet games to applications and browsers, but it has some really bad security flaws. Howtogeek.com gives some detailed instructions with images on how to uninstall or disable Java.
- If you must have Java, get an ad blocker. Not just a pop-up blocker, this blocks the ads on websites from being visible or for running in the background while you browse. It’s safer than letting the ads on a page load, and it keeps web pages running fast.
- You no longer NEED Adobe Reader installed on your computer. Most modern browsers can display PDFs without third party plugins. Browsers such as Chrome, Firefox, Safari and MS Edge can do this with ease. If you require reader for your desktop, disable it in your browser.
For detailed information on malware and virus trends, please see the Internet Security Threat Report by Symantic, a company specializing in cyber security. You can sign up to get the report at this link.