6 ransomware attacks you need to watch out for
It doesn’t matter if you’re working on a home computer with lots of sensitive documents and family photos, or if you’re a small business owner with years of client files and tax records. You’re likely storing more data than you realize.
Cybercriminals know you value your files, so they threaten you with ransomware. The most common way to fall victim is through phishing messages that carry malicious links or infected documents. If you don’t pay, there goes all your data. Worse, you can pay and the criminal could delete it anyway.
You don’t have to be a victim. Back up your files and keep them safe in a cloud service. We recommend using our sponsor, IDrive. Get 90% off 5TB of cloud backup at IDrive.com when you use promo code Kim at checkout.
Nasty ransomware attacks making the rounds
Ransomware strains can cripple tons of systems all over the globe — it just depends on how successful the distribution campaign is behind the strain.
Emsisoft recently published a report detailing global ransomware stats for Q2 and Q3 of 2019. The report is based on data submitted to the company between April 1 and September 30. It includes more than 230,000 submissions.
Even though you hear more about ransomware attacks on governments and businesses, the most prevalent ransomware targets home users, especially those who use pirated software from torrent sites. Here is a list of the six most commonly reported ransomware strains of 2019, according to Emsisoft:
1. STOP (DJVU)
STOP, aka DJVU, was the most commonly reported ransomware strain during Q2 and Q3. It actually accounted for 56% of all submissions.
This ransomware variant targets home users and is mostly distributed through torrent sites. It hides in applications like key generators that are used to activate paid software for free.
2. Dharma
Dharma was the second most common strain of ransomware during the time period in question. It’s been around since 2016, but saw a spike in activity in recent months.
This variant typically targets businesses and has impacted a number of organizations, including a hospital in Texas. The ransomware encrypted hospital records and files that contained critical patient records like names, Social Security numbers and credit card information.
3. Phobos
Phobos is similar to the Dharma strain and was first reported earlier this year. It primarily targets businesses and public organizations. In July of 2019, a Wyoming school district lost access to data after being hit with Phobos.
The ransomware variant entered the school district’s system through a brute-force attack on an externally exposed port. Officials with the school district ended up paying nearly $40,000 worth of Bitcoin to recover the encrypted files.
4. GlobeImposter 2.0
In June of 2019, an Auburn Food Bank was hit with GlobeImposter 2.0. Nearly all of the food bank’s computers were encrypted by the ransomware.
The food bank’s director chose not to pay the ransom. Instead, they opted to wipe the affected systems and rebuild their network. The recovery wound up costing about $8,000. The unfortunate truth is they could have saved all that time and money if they’d had a backup in an off-site cloud service, like IDrive.
5. Sodinokibi
Sodinokibi, aka REvil, was first spotted in April of 2019. This is what’s known as ransomware-as-a-service and relies on affiliates to distribute and market the ransomware.
Its specialty is using advanced techniques that help it avoid being detected by security software. Sodinokibi attacks were primarily in Asia, but have recently spread to European organizations and could end up attacking victims around the globe.
6. GandCrab
GandCrab is another ransomware-as-a-service variant. Like Sodinokibi, GandCrab was constantly updated by the criminals behind it to keep it from being detected by antivirus software.
Once installed, GandCrab locks Windows files using RSA encryption and it displays a ransom note demanding payment for the “GandCrab Decryptor” needed for unlocking the files.
Ways to protect against phishing scams and ransomware
Since phishing scams are the most common way for your device to be infected with ransomware, it’s important you know how to stay protected from them.
Here are a few suggestions to avoid falling victim to phishing attacks:
- Be cautious with links – If you get an email or notification you find suspicious, don’t click on its links. It’s better to type the website’s address directly into a browser. Before you ever click on a link, hover over it with your mouse to see where it’s going to take you. If the destination isn’t what the link claims, do not click on it.
- Watch for typos – Phishing scams are notorious for having typos. If you receive an email or notification from a reputable company, it should not contain typos; however, scammers are getting better at tricking people and are making phishing emails look more realistic than ever, so be cautious — even if you don’t spot mistakes.
- Use multi-level authentication – When available, you should be using multi-level authentication (more commonly called multi-factor or two-factor authentication). This is when you have at least two forms of verification, such as a password and a security question, before you log into any sensitive accounts.
No one is perfect. No matter how vigilant you are in trying to avoid phishing scams, there is still a chance you could fall for one, resulting in an infected device. That’s why you need to stay a step ahead. The best way to outsmart a ransomware scammer is to have your critical files backed up before they’re compromised.
IDrive helps protect you from scammers and hackers in major ways, while also being a great data storage system for your computer and other devices. Keep scammers away from your data and get IDrive today.