Hospital paid $17,000 to Ransomware (How to Avoid It)

Just Don’t Click!

Phishing, as it is known, is the art of getting unsuspecting users to click on a link and either download a malicious piece of software or divulge private information to the bad guys.

Even from your boss!

E-mails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information. We have even seen a recent e-mail request appearing to be from a company’s CEO to the CFO requesting that all employee W-2s be scanned and emailed back to a fake, spoofed e-mail address. These e-mails can appear to be legitimate, even including company logos and user signatures. How do they do this, you might ask? Well, go to any list broker and you will see your company tree; match that up with some email addresses and voila! Instant phishing scheme.

Protect Yourself

How can you protect yourself from these malicious scams? You may follow these five tips to protect yourself from falling victim to a phishing scheme.

  • Be skeptical of all emails
    1. Ask yourself: Who is this email from?  If the sender is someone you do not recognize, chances are this email is either some form of unsolicited spam or it is a phishing email.
    2. Slow down, take a breath and think about what you are doing.
  • Ignore commands and requests for action
    1. If the email is urging you to do something, stop and think before you fall into their trap. If it is too good to be true or seems too farfetched, it probably is.
    2. There are two motivations a criminal will try to appeal to: reward or authority.
      1. In an authority-based scam, the email may say you need to act upon something and the message comes from someone in a position of authority, such as an IT team member telling you your computer is infected, or an HR person asking you to fill out a company survey. These kinds of messages may also try to fool you into thinking you have a package that was "undeliverable" or that your bank account has been breached.
      2. The reward scenarios usually involve some kind of prize for entering a raffle or filling out a survey. Ignore them all.
  • Use the phone
    1. If you are unsure and the email message seems urgent, try to contact the sender by phone.
    2. If you don’t know the person, try to contact the organization that the email claims to be from.
  • Be wary of attachments
    1. If you do open the email and you are prompted to download images or attachments, don't. These "images" and attachments could contain malicious content that you don't want on your computer.
    2. If the message comes from a sender you don't recognize, or even if it is a sender that you do recognize, get confirmation before downloading any attachment.
    3. EFax, FedEx, the IRS, your bank and your mortgage company: be very careful. If you are not expecting it, don't open it.
  • Check out the link
    1. Where does that link actually go? Almost all phishing emails have a link in them that they want you to click. The link says it is going to your Facebook page or to your bank website, but where is it really going?
    2. The easiest way to find out is to hover your mouse over the link and look at the bottom left corner of your browser window. There you should be able to see the exact URL that you will be directed to if you click on the link. If this link shows as an IP address (example: 172.68.10.231) then most likely this is not a place that you want to go.
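To make the "where does that link really go?" check concrete, here is an added example (not code from the original post) in Python that pulls every link out of a constructed HTML e-mail body and flags the two red flags described above: a target that is a bare IP address, and visible link text that is itself a URL for a different host than the real href. The sample message and its hostnames are made up for the example; 172.68.10.231 is the address used in the tip.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample HTML e-mail body (not a real message); 172.68.10.231 is the
# example address from the tip above, the other hosts are placeholder names.
SAMPLE_EMAIL_HTML = """
<p>Your account is locked. <a href="http://172.68.10.231/login">Sign in to Facebook</a></p>
<p>Statement: <a href="https://secure-bank.example.net/x">https://www.mybank.example.com</a></p>
<p>Company site: <a href="https://www.example.com/">https://www.example.com/</a></p>
"""

class LinkCollector(HTMLParser):
    # Collects (href, visible text) pairs for every <a> element in the body.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def is_ip_host(host):
    # A bare IP address where a domain name is expected is the red flag from the tip.
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_links(html_body):
    # Returns (href, reason) for every link that should be doubted before clicking.
    collector = LinkCollector()
    collector.feed(html_body)
    findings = []
    for href, text in collector.links:
        host = (urlparse(href).hostname or "").lower()
        if is_ip_host(host):
            findings.append((href, "target is a bare IP address, not a domain name"))
        # Visible text that is itself a URL must point at the same host as the real href.
        shown_host = (urlparse(text).hostname or "").lower()
        if shown_host and shown_host != host:
            findings.append((href, f"shows {shown_host} but goes to {host}"))
    return findings
```

Running `check_links(SAMPLE_EMAIL_HTML)` flags the first two links and leaves the third alone, which is exactly what a careful hover over each one would reveal.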

What to Do if you already clicked?

If you do get into trouble, here are some initial steps you should take.

Call your IT Guy: and fire him! Just kidding. Get someone competent to help you.

Unplug from the Network: If you are on a corporate network, just power off or disconnect. The longer your infected machine is on the network, the more harm it can do. Modern variants of ransomware attack all available network shares, whether or not you have them mounted.

Call your Insurance Guy: and fire him! Just kidding. If you had the foresight to get some cyber coverage then you might have some recourse.

Update account logons. If you have reason to believe that any of your email or social media accounts are compromised make sure you change the passwords immediately. Come on people! Use strong passwords!

Call your Lawyer: and fire him! Just kidding. You may, however, have some big problems here. If you have compromised your customers’ or employees’ personal data you might have legal issues that you need to deal with. If you sent the Social Security numbers of all your employees to a phisher then you might need a lawyer.

Originally published on the PICS ITech blog. If you are considering outsourcing your IT needs, please contact us. We are a leader in technology consulting, systems integration, and IT management services and would be more than happy to discuss your business needs and how we can help take your business to the next level.