If you haven’t heard much about ransomware and malicious viruses lately, well, you may not be paying close enough attention. In November, a county government in Indiana paid $21,000 to cybercriminals after its systems were infected by a version of the Crypto virus that’s plagued the Internet for years. In February, a Hollywood hospital forked over $17,000 in Bitcoins to regain control of its data. And just last week, a sheriff’s office in Arkansas coughed up $2,400 to unlock the systems encrypted by hackers.
Even more terrifying is a recent ransomware variant called Popcorn Time that uses a shocking new pyramid scheme-style system to increase infections: the software transforms victims into attackers by offering them a way to bypass paying ransom — if they willingly pass on the malicious link to their contacts and two or more of them install it and infect their own computers.
Reports have begun surfacing about a similarly nefarious virus delivered via fake DocuSign email requests. Users who click on the link assuming it’s a legitimate document they need to sign will have their email accounts immediately infected, with the virus then scanning every single contact in Microsoft Outlook to deliver the same infected email. Like Popcorn Time, the new DocuSign request looks like it’s coming from the infected user’s real account, tricking contacts into clicking on it and becoming infected themselves.
The virus then deletes those contacts and creates an Outlook rule to send all incoming emails to trash so that the infected sender will remain unaware that they have a problem. As of this week, common anti-virus programs have missed these fake DocuSign requests, and without a reliable data backup solution in place, the deleted contacts and calendars are not recoverable from within Microsoft Outlook.
Feeling frustrated about the widespread scourge of ransomware, malware, and computer viruses is justified. But it’s also smart to direct some of that energy toward proactive protection of your technology and critical business information. CMIT Solutions recommends the following tips to keep your systems and your data safe:
1) Don’t click on ANY link in ANY email without checking it first.
Most email programs let you preview a link by hovering over it with your cursor. If the domain name that appears has no connection to the sender of the email (say, something other than DocuSign.com in that DocuSign email request) or it shows up as an incomprehensible list of letters and numbers, it’s probably not safe to click. Any legitimate email from an organization will redirect you to a link with that company’s actual domain name in the URL address.
2) Don’t open ANY attachment from ANY sender you don’t recognize.
Hackers use a variety of delivery methods for malware and ransomware: PDFs, ZIP files, audio files that look like they’re voicemail messages, shipping or banking notifications… The bottom line is, if you aren’t expecting a specific attachment from a specific sender, NEVER open any file that arrives with an email you aren’t sure about.
3) If you don’t have reliable and regular data backups in place, stop what you’re doing and implement it today.
If you do get infected by ransomware, there are only two ways to regain access to your data: 1) by paying a ransom to a shadowy cybercriminal or 2) by retrieving your backed up information, wiping your infected system clean, and starting fresh with the critical data that was (hopefully) backed up that very same day.
At CMIT Solutions, we specialize in robust data backup and disaster recovery plans that can minimize the impact of ransomware, malware, and viruses. We also rely on multi-layered security solutions that go above and beyond the call of duty to keep you safe from rapidly changing cybersecurity threats. Don’t wait for a ransomware, malware, or computer virus disaster to strike before putting a data security plan in place. Contact CMIT Solutions and we’ll help you protect your business’s most valuable asset — its data.