Phishing Attacks Now Have Ransomware Payloads

BY:

Jul 5, 2016

Do you back up everything each hour when your system is busy, and at least once a day, if it is not? Do you disconnect your backup devices from your system when they are not actually backing up? You may have answered the first question affirmatively. However, if you answered the second, “No, I always keep my backup devices running,” you could be vulnerable to a phishing attack.

ransomware

Yes, your firewalls are secure, and Kaspersky or some other top antivirus software is watching your back. But you have another exposure that can open your front door to attacks.

Here’s how phishing works: Your employee (or maybe your own child) receives this friendly looking (albeit bogus) email from someone they know or some organization they consider benign. The email has text to the effect “Wow! We really loved this picture of (insert entertainer’s name) at the last concert. Open the attachment (or click this innocent looking link) and see if you agree!”

Whether the email has an attachment or link, two alternative bad things can happen:

1. The disguised .jpg attachment

Everyone knows that a .jpg image is harmless, right? Wrong. Say the title of the image attachment is titled concert.jpg. What scammers actually do is bank on the fact that most computers hide extensions.

The actual file extension is either .exe or .zip. So the file’s name is concert.jpg.zip. The zip (or .exe) gets hidden, but click on it and it goes to work. The work can be anything from spraying hostile code to inserting bots that take over your computer and also after your contact list to propagate outward.

2. The little link that could do damage

Click on that link lure and you’ll be taken to a hostile site. The site is waiting to download the equivalent of digital landmines into your system. Or it could be a connection to the Darknet where this guy with a Russian-sounding name is waiting to kidnap your system through the pernicious ransomware attack.

And now, the double ransomware whammy…

Ransomware is not a new threat, having been around for several years. But as potential victims have grown wary of malware, and spam email is increasingly shunted to the junk box, crooks have adapted. Email phishing attachments might go beyond the social and look like an authentic invoice or electronic fax.

According to the FBI, ransomware attacks “are not only proliferating, they’re becoming more sophisticated.” Where they were once just delivered through spam emails, now unwary web surfers can trip over legitimate websites with malicious programming, which takes advantage of unprotected end-user portals.

The ransomware, once introduced, encrypts files on local drives, including anything else hooked up to the system–including backup systems and devices.

A semi-final word about backing up

If, despite all your precautions, a phishing attack is successful and you see that scary ransomware message on your computer monitor, you’ll have but two options: 1) pay the ransom, or 2) restore your system from an uninfected backup source.

Paying the ransom brings no guarantee that whoever is holding your system for ransom will send the decryption code. They might, but they are just as likely to further infect your system with additional malware. However, if you followed the advice to run frequent backups on devices only connected to your system during the backup operation, you can recover. You will only lose data entered or changed after the last backup.

Finally, the importance of a business continuity plan

Nothing will cripple your business like shutting down access to your financial and other proprietary data. The lost revenues and extra expenses can cut deeply into a business’s bottom line, and business disruption insurance won’t cover the intangibles like loss of customer confidence. So a well-designed backup protocol is just one element of an agile business continuity plan.

In the meantime, beware of bogus emails bearing dangerous attachments and links. Even if you know the originator, you can’t be sure they are not sending you a bomb disguised as a smooch.

{company} is the trusted choice when it comes to staying ahead of the latest information on security threats, technology tips, tricks, and news. Contact us at {phone} or send us an email at {email} for more information.

Related Blogs

  • On a blue background are the letters AI in white. Superimposed over this is a robotic face wrapped with a connectivity symbol. A word bubble says can I help you." alt="">
    How AI Chatbots are Changing the Call Center Game

    With Amazon Lex Chatbots and Contact Lens, you can create tomorrow’s customer experience today. Key Takeaways: AI chatbots are revolutionizing not just call centers, but the way customer service is...

    Learn More
  • Six office workers sit at computers on opposite sides of a table in a brightly lit office." alt="">
    4 Challenges of Managing WorkSpaces at Scale and How to Solve Them

    A skills gap in IT staff and rising employee costs make managed services the right choice Key Takeaways: Research says it takes a minimum of 10 dedicated full-time IT staff members to manage DaaS...

    Learn More
  • The customer call center in an AI world." alt="">
    How Artificial Intelligence Is Reinventing the Call Center

    Today’s most important AI call center trends – is your call center ready for them?  Key Takeaways:  Learn how to improve customer service operations using automation while still providing...

    Learn More