You have likely heard of recent online security threats called Cryptolocker and Gameover Zeus, which have created havoc for millions recently. The FBI says that instances of both threats and malware like it are on the rise, and we at TekLinks have noticed an increasing number of incidents related to it. It can take hours or even days to remediate these threats and some cases result in data loss, so please take considerable caution to protect yourself, your users, and your data.
You may wonder why these malware infections in particular continue to be an issue – in essence, it is because the malware’s authors have been both nimble and persistent. There has been a concerted effort to pump out new variants, keeping ahead of changes in protection technology, and targeting different groups over time.
In order to combat such persistence it requires a combination of prevention practices from both technology and users. We highly encourage you to pass along the following information to your employees and users to help mitigate the risk of these threats.
The Risks
Your computer could become infected by malware, such as CryptoLocker or Zeus, when you inadvertently:
-Open a malicious attachment in an email.
-Click on a malicious link in an email, instant message, social networking site or other website.
-Visit a malicious website - often these are of a pornographic nature.
-Open infected files from web-based digital file delivery companies (for example Hightail, Box, and Dropbox).
-Open corrupt macros in application documents (word processing, spreadsheets etc).
-Connect malicious USB connected devices (e.g. memory sticks, external hard drives, MP3 players).
-Insert malicious CDs/DVDs into your computer.
Avoidance
-Do not reply to, or click on links contained in, unsolicited or spam emails from companies or individuals you do not recognize.
-This is worth repeating: Never click links in emails or download files from people you do not recognize. Computers are commonly infected with malware when a user downloads a malicious program (files ending in “.exe”). Most often these come via deceptive links or attachments in emails.
-Do not respond to emails asking for you to reset your password. Never click the links in these emails. Instead, go directly to the intended website to reset your password. Hackers often create fake emails from common institutions (banks, credit card companies, etc) to trick you into clicking the links.
-Visit only websites you know to be reputable.
-Ensure you have effective and updated antivirus/antispyware software and firewall running before you go online.
-Regularly back up all your data. Some malware can also infect your cloud-based storage.
For information on how TekLinks can help you avoid Cryptolocker and phishing attacks, email us at info@teklinks.com