Think before you click…
or your computer could lock you out…
All users of Windows should know about ransomware.
Ransomware is everywhere these days. So it’s becoming harder and harder to hide from it. Cyber-criminals are beginning to abandon other more labor-intensive scams (like credit card theft or identity theft) in favor of ransomware, which returns huge financial rewards, with very little effort or risk.
In the past, identity theft, credit card theft and fraud, and bank account fraud accounted for over 90% of financial losses incurred by individuals. But these kinds of thefts & scams are labor intensive. The cyber-criminal has to trick individuals into giving up passwords, bank account numbers, credit card numbers, or all of these. Then the cyber-criminal has to act – either draining bank accounts, charging goods to a credit card or using the passwords obtained by phishing to access other financial accounts of the victim. The chances of being caught are significant.
With ransomware, all the cyber criminal has to do is send out millions of phishing emails, get a small percentage of the recipients to click a link and download their ransomware. Once the victims install the ransomware, all their personal files are immediately and irrevocably encrypted and the only way to get access to those files back again is to pay the ransom.
Ransoms are generally paid using cyber currency (usually Bitcoin) and range from $200 to $8000. The victim has a choice: lose access to all their personal files or pay the ransom. All the criminal has to do is sit back and wait for the ransom money to flow into their account. Hopefully, the decryption key is sent to the victim once the ransom is paid. Importantly, the chances of these type of cyber criminals being caught are less than with other forms of cyber theft and fraud.
According to Cybercrimes Watch, over 75 million phishing emails are sent every day – and a whopping 93% of those now contain links to automatically downloadable ransomware. According to the FBI, the ransomware business now generates over $2.3 billion dollars for criminals annually. And that could be just the tip of the iceberg as it includes only the 17,000+ reported cases.
The future is scarier
In the near future, we’re almost certainly going to see ransomware using AI (artificial intelligence) which will make the situation even more frightening.
Business Insider began an article with the following paragraph:
Imagine you’ve got a meeting with a client, and shortly before you leave, they send you over a confirmation and a map with directions to where you’re planning to meet. It all looks normal — but the entire message was actually written by a piece of smart malware mimicking the client’s email mannerisms, with a virus attached to the map.
It sounds pretty far out — and it is, for now. But that’s the direction that Dave Palmer, director of technology at cybersecurity firm Darktrace, thinks the arms race between hackers and security firms is heading.
As artificial intelligence becomes more and more sophisticated, …it will inevitably find its way into malware….
Malware will learn to mimic people you know
It’s already possible to teach AI software to mimic writing styles — whether that’s ‘clickbait’ viral news articles or editorial columns from The Guardian. In the future, malware will be able to look through your correspondence, learn how you communicate, and then mimic you in order to infect other targets…”
So, how can you avoid being a victim of ransomware?
The same old advice we’ve been giving you for years still applies.
- THINK BEFORE YOU CLICK a link in an email.
- Never open an attachment to an email unless you know what it is, who sent it, and you were expecting it.
- If an email looks suspicious, delete it. Don’t take chances. If it appears to be from a friend, but you’re not sure, call the friend to confirm the transmission. If you are suspicious about an email from a business and it’s one that appears to require action on your part, contact the business. NEVER randomly click links if you’re not confident about the source of the email. Email headers and return addresses can be easily forged. THINK BEFORE YOU CLICK.
- Banks, credit card companies, and financial institutions never send emails requesting that you click a link to verify your account or your password – or to tell you your account has been compromised and you need to log in to change it. NEVER. NEVER. NEVER. If you get an email from your bank, credit card companies, or other financial institutions, phone the company. It is very unlikely that the financial institution has sent the email. THINK BEFORE YOU CLICK.
Antivirus software does not guarantee defense against ransomware. You should search the Internet for reputable anti ransomware programs such as WinPatrol AntiRansomeware, Hitman Pro Alert, Zemana Anti-malware and McAfee 2017.
Be careful out there…and always THINK BEFORE YOU CLICK.
Thanks to Robert W. for the suggestion of this topic.