Thank you for clicking that link!

“Thanks” is what cyber-criminals might say right after they get your ransom payment to unlock your systems and files from a ransomware attack. In this BlogBytes, we will look at the most common approach taken by cyber-attackers to infect systems.  We will also discuss how you can defend against this costly cyber-warfare by taking precautions and using LTO technology.

You’ve got mail

As noted in a CSO article, 92 percent of malware is delivered by email. Cyber-criminals are relentless and will embed a friendly looking link or seemingly innocent file into an email, just begging for the user to click it. The links and files may be disguised to look like a familiar item that you have worked with before. This is known as phishing.

As an example, a phishing email may falsely claim that a user’s account is going to be put on hold or canceled unless the user takes immediate action by clicking the embedded link and providing credit card, password or other personal information. Once that account information is provided, the cyber-criminal has the financial and personal data to cause costly havoc.  Or, the link/file may launch malware that can be used to hold files and systems hostage in the form of ransomware until the user pays up! What are some cyber-tricks used to entice recipients to click that dangerous link? Read on to learn more.

Don’t take the bait

There are several elements used in phishing emails to get the user to play along. Don’t do it – don’t take the bait!  Phishing.org lists elements to be wary of, including:

Hyperlinks – watch out for links that are not what they appear to be.  A popular website name could contain a small spelling mistake leading you to think it is friendly when in fact it’s not. For instance, Bank of America’s website could be incorrectly spelt as such “www.bankofarnerica.com” ‘. Clicking on that link could then enact malicious activity. Top tip: Hover over a link if you are unsure to show the real URL and where it will lead.

Attachments – If you see an attachment in an email that you were not expecting or if it looks suspicious, don’t click on it! It can contain ransomware or other malware that can infect your computer and potentially spread to other company files and systems.  When in doubt consult your IT security personnel.

Unusual sender – check the sender id carefully; if the sender is a stranger or anything seems out of the ordinary, unexpected, or suspicious – don’t trust that email!

What else can you do?

Encrypt online files at your prime location and in the cloud. In addition, keep a set of critical files offline so that malicious code cannot reach them.

LTO technology  offers offline data protection. When a tape cartridge is removed from the tape drive, the files on the tape are no longer accessible to systems. Therefore, malware and hackers cannot get to them. Protected offline files can be used to restore infected files and minimize the damage caused by ransomware and other viruses.  In addition, LTO technology provides built-in data encryption to further protect critical information.

Closing remarks – be cautious and always aware. Analyze emails for suspicious senders, links and attachments. When in doubt, leave it out and secure your files by using LTO technology for offline data protection against ransomware and malware.