Phishing scams are scary. Just look at the numbers. From January to September 2015, approximately 1.3 million people fell victim to these types of scams, costing them more money than you can imagine.
On top of that, the number of ransomware victims increased by a shocking 550 percent in less than a year, from 131,000 in 2015 to 718,000 in 2016.
So when phishing scams are combined with ransomware, it gets even scarier. And that's exactly what the new CryptFile2 ransomware campaign is.
This new type of scam is targeting government agency employees by sending them hundreds of thousands of malicious emails for cheap flights in the hope of getting recipients to click, download a document and thereby infect their computer.
Here's an example of one of the emails going around. We've circled the obvious red flags so you know what to keep an eye out for:
Notice the recipient address ("firstname.lastname@example.org"), the link to download a document, and the way the prices are listed. These are the immediate red flags you should be able to spot if you get an email like this.
Remember not to click on anything. If you click and download the attached document, malicious macros will be enabled. You'll see that the malicious document looks like this:
Once the macros are enabled, it's game over. From there, ransomware is installed on the computer and hackers will demand a payment via bitcoin to get your files back.
What to do with ransomware
It's now clear that ransomware is becoming hackers' go-to choice. Whether you're aiming to protect yourself, your family or even your business, you need a solid plan of action. That's why it's critical that you follow these steps.
1. Stop ransomware at a distance: Your best option to defeat ransomware is to keep it off your computers in the first place. Keeping your operating system and web browser up to date is critical. Security holes in these areas can let hackers bypass your security software to slip files onto your system. Learn how to install the latest updates for Windows, and how to make your web browser hacker-proof.
2. Stop ransomware before it runs: If you end up with hidden ransomware in your inbox, that doesn't mean the game is over. In fact, there's a simple way you can stop the ransomware before it starts. Don't click anything that looks suspicious.
3. Have solid online security protection: This is a no-brainer. If you use the internet, then you need to have solid internet protection.
What to do with phishing
What to look for:
- The "From" address. If the email comes from an address that looks like "email@example.com" or anything similar, delete the email immediately.
- Grammar. No matter how much it gets proofread, any company is going to occasionally send out an email with a spelling or grammar error. Fine. But phishing emails often contain glaring and obvious mistakes that you can catch without being a copy editor. Awkward phrases, missing punctuation and wrong capitalization are just a few places to start.
- Formatting. Are the paragraphs in the body of the email formatted correctly? Are some random words in bold? Are there extra spaces? Are there images included that don't make sense?
- In-body links. Remember that NOT ONE legitimate company will provide links for security issues. If there's a problem, the company will ask you to head directly to the company's website and enter your information there, rather than provide you a link to follow. You can also hover your mouse over the link to see where it really directs you. You'll discover that these links actually infect your computer with dangerous malware - all with just one click. As a rule of thumb, don't click any links if you think the email is suspicious.
- Non-corporate phrases. When was the last time you received an email from a major corporation that ended with "God bless you"? Remember, this isn't an email from your aunt. It's supposed to be from a multibillion-dollar international company that isn't going to risk offending anyone. Also, make sure there's a sign-off, as scam emails often just end.
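The hover check from the "In-body links" item can also be done by a mail filter. The Python below is an added example, not part of the original article: it parses a constructed sample email (every address and domain is a placeholder) and flags links whose visible text names a different site than the real target, as well as links that point to Office document types that can carry macros.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample message; every address and domain is a placeholder.
SAMPLE = """\
From: Cheap Flights <deals@airline.example>
Subject: Flights from $99
Content-Type: text/html; charset="utf-8"

<a href="http://files.download.example/offer.doc">www.airline.example/offers</a>
<a href="https://www.airline.example/contact">Contact us</a>
"""
MACRO_CAPABLE = (".doc", ".docm", ".xls", ".xlsm", ".ppt", ".pptm")

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":  # start collecting the visible text of this link
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(text):
    # Hostname if the visible text looks like a URL or bare domain, else "".
    host = urlparse(text if "://" in text else "//" + text).hostname or ""
    return host if "." in host and " " not in text else ""

def check_links(raw_message):
    msg = email.message_from_string(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    parser = LinkCollector()
    parser.feed(body.get_content() if body else "")
    findings = []
    for href, text in parser.links:
        target, shown = urlparse(href), host_of(text)
        if shown and shown != (target.hostname or ""):
            findings.append(("mismatch", text, href))  # text shows one site, link opens another
        if target.path.lower().endswith(MACRO_CAPABLE):
            findings.append(("office-document", text, href))  # file type can carry macros
    return findings
```

A finding is a reason to look closer, not proof of phishing: legitimate newsletters often route links through tracking domains, which also shows up as a mismatch.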
Rules of thumb:
- Don't download unsolicited email attachments, especially from unknown sources.
- Don't click on links in suspicious emails.
- Don't trust "official" emails from companies you don't do business with.
- Take a second to look at any "official" emails before you follow any instructions.