Cyber Safety – Think before you click on outside links!

Stew Nelson Senior Risk Advisor

Stew Nelson
Senior Risk Advisor

Recently, this email arrived in my email box from the head of our IT Department:

——————————————————

SUBJECT: Warning! – Cryptolocker Virus

 I just received the following from one of our support vendors.   The short version is: don’t open attachments or links unless you’re sure they’re legitimate. If there’s any doubt, call the sender and make sure.

 It department

——————————————————

The message went on to describe how, after somehow inducing an unsuspecting employee to click on a link that installs the crook’s software on your network which then connects up with the felon’s , they take control of your network.  Once they have control of your network they alter your back up routines so that it looks like your data is being backed up every day but actually it not!  After a few weeks without back-ups, they encrypt all your data!  Once encrypted, the first person that tries to access the data then gets a message from the attackers that their data and back-ups are not available. Yikes!  Next up – A ransom message is received that demands a ransom for the encryption key to restore all their data.  If the ransom is not paid the data remains encrypted and may even be deleted from the network server.  Consequently, the business owner has no choice but to pay the ransom or lose all their data.  Not a very pretty prospect to say the least, all because someone unwittingly clicked on a link they believed was harmless and meant for them.

I know you are thinking, “I would never click on a link if I did not know who it was from!”  Well what if the crooks added some text to the message that said, “Take a look at the pictures from your son Bobbie’s last high school baseball game,” what would you do?  Think about it for a second. Would you click?  Now it gets a little harder to say, “I would never click on a link that I did not know who sent it. “ Well, the bad news is, that is what the organized crime folks are doing by using information from personal sources like you local newspaper, facebook or Linkedin to find something about your personal or work life to break the ice, and then they have you…and possibly your data.

So the real take away here is – Think before you click on outside links!  The bandits are getting smarter everyday and we have to stay smarter.   Pass the word.