Sent: 29-10-2013 13:50:06
In this issue:
Return to full article list
HomeFree weekly newsletterSelf Managed Super Fund ArticlesContact usLogin
Ransomware - be careful
It is a typical day at work. You download all your email and delete the obvious spam messages that were not filtered out. Out of those that remain one catches your eye as it invites you to claim many millions from your long lost Nigerian relative by simply completing the attached documents. In a moment of weakness you click on the attached file.
Nothing seems to happen and you go back to work. After a few minutes you notice that your computer is a little sluggish. Maybe it doesn't like Monday's either?
After lunch you get back to your desk to find a message on your monitor. You have been locked out of your computer because pirated software has been found on your hard drive and all your documents have been encrypted completely denying you access. Ouch! You knew you shouldn't have downloaded "The Walking Dead" series at work but who would have expected this?
After spilling your coffee and frantically trying to reboot your computer, to no avail, you read on. Below this message are instructions on how to buy a Ukash voucher number to enter and unlock your machine, all for the bargain price of $150.
After forking over your hard earned as instructed you get your computer back and a valuable lesson to boot. Don't open unknown attachments!
Welcome to the world of ransomware.
Whilst ransomware is not a new threat to navigate whilst using the Internet, it is an evolving one.
Ransomware is insidiously simple. Once you have been infected with the virus laden Trojan which typically hides itself on a host website or in a file attachment, the ransomware begins it task. It usually encrypts the contents of personal folders on the infected computer.
When it is complete it alerts the user to what it has done and provides instructions on how to pay to remove the encryption.
If you have a backup of your data then you can get yourself up and running again from that once the virus itself is removed.
Without a backup, you may be able to find an online tool to remove the problem and regain your computer and data.
Without a backup and if you are unfortunate enough to be the victim of a true encryption ransomware attack, then you have little choice other than to pay the fee demanded. Once you have paid the ransom, the virus then reverses the process and you have your data back.
A Northern Territory-based small business, was hit by ransomware that encrypted the company's data and threatened to destroy it unless the business paid them $3000. They paid the money, however, if they had kept regular backups they might not have had to.
Ransomware was very popular in Russia, however, its use has grown internationally. In June 2013, McAfee released data showing that it had collected over 250,000 unique samples of ransomware in the first quarter of 2013-more than double the number it had obtained in the first quarter of 2012
Ransomware will sometimes employ scare tactics to extort money from the infected user. The virus may, for example, display false warnings supposedly from the police or a company claiming that you have violated a law by having illegal content on your computer.
Ransom payments are often requested by wire transfer, premium rate SMS services, or online payment voucher systems like Ukash.
How do you avoid it?
To avoid ransomware you should practice all the normal principles of safe Internet usage.
- Make sure your virus software is up to date and active.
- Ensure you have a firewall operational.
- Ensure you have backups of your personal data.
- Most importantly in this case you should not open attachments on emails that have not come from a trusted source.
Remember, prevention in this case is far better and cheaper than the cure.
This email is general in nature only and does not constitute or convey specific or professional advice. Legislation changes may occur quickly. Formal advice should be sought before acting in any of the areas discussed. Be aware that the information in these articles may become innaccurate with time. Responsibility is disclaimed for any inaccuracies, errors or omissions. Particular investments are neither invited nor recommended and hence this publication is not "financial product advice" as defined in Section 766B of the above legislation. All expressions of opinion by contributors are published on the basis that they are not to be regarded as expressing the official opinion of any other person or entity unless expressly stated. No responsibility for the accuracy of the opinions or information contained in the contributor's articles is accepted by any other person or entity. Copyright: This publication is copyright. If you wish to reproduce this article you require a license, which can be purchased here, to do so.