We have all heard many stories about the capabilities of ransomware and the damage it causes when you are attacked so in this blog, I just want to give you a bit of a refresher and maybe a few things to look out for and keep in mind because sometimes it looks friendly and it is not.

Ransom malware, or ransomware, is a type of software designed to block access to your computer system and personal files and is followed by a demand for a ransom payment in order to regain access to what belongs to you. While the majority of people might think “a virus locked my computer,” ransomware would in general be classified as a different form of malware than a virus, much more serious.

So how do you get ransomware? Here are some of the popular ways that a player will use to gain access. I use “player “because to them it is a game and they just want to win. The player will use a type of spam, where they will send an email with a malicious attachment to as many people as possible, then they wait to see who opens the attachment and “clicks into a trap,”. Malicious spam is an uninvited email that they use to deliver malware. The email might include rigged attachments, such as PDFs or Word documents. It might also contain links to malicious websites.

Another popular infection method is Malicious Advertising, which is the use of online advertising to distribute malware with little to no user interaction required. While you are browsing the web, even a recognized site, the player can redirect the user to criminal servers even when you don’t click on any ads. These servers will start to record details about the user’s computers and their locations and then select the best malware suited to send to them.

Malicious Advertising often uses an infected element that loads another HTML element inside of a web page known as an iframe, or a disguised webpage element, to do its work. What happens is the iframe redirects to a landing page, and malicious code attacks the system from the landing page via an exploit tool. This will all happen and you won’t even know it.

A more targeted means of a ransomware attack is spear phishing. What is spear phishing, it is when the player sends emails to employees of a particular company pretending to be the CEO or head of HR and requests the employees to download the new policy and terms &conditions documents or even ask them to take a moment and complete some attached survey for internal usage.  This is a method targeted toward high-level decision-makers in an organization.

There is even a Mobile ransomware where it displays a message that the device has been locked due to some type of illegal activity. The message will read that the phone will be unlocked after you have paid the fee. Mobile ransomware arrives via malicious apps and requires that you boot the phone up in a safe mode and delete the infected app in order to retrieve access to your mobile device.

It is critical to be prepared before you get attacked with ransomware a couple of key steps to take are:

• Install security software before you get hit with ransomware.
• Back up your important data (files, documents, photos, videos, etc.)
• Educate your employees to make sure they are very, knowledgeable and put in place procedures, etc. to follow.

If you are interested in learning more about how to protect from Ransomware today, our Mibusoft Team is her to help – contact us.