Ransomware emails: How to identify

November 12, 2018

 

 
Ransomware emails: How to identify and steer clear of them
 
Ransomware attacks have suddenly become more prevalent. Each year sees more of them. Hospitals, NPOs, shipping giants, etc., have all been victims of ransomware attacks. Your business could be too! Did you know that emails are one of the most common gateways for ransomware to get into your systems? In this blog, we tell you how you can stay safe by following a few tips.
 
If you think something is amiss, it probably is
Does that email seem unfamiliar? As though you weren’t meant to get it, or it doesn’t quite sound like your colleague wrote it? Perhaps it’s not. Malicious email senders often try to mask actual email IDs with something similar. For example: An email you believe to have come from billing@yourvendor.com might actually be from billing@yourvemdor.com. So take a good look at the email ID if you spot something ‘phishy’.
 
Attachments and form fills
Does the email contain an attachment that you are being asked to save to your computer? Or an executable file that you are asked to run? Perhaps you are asked to submit your personal details at an authentic looking website. Before you do any of these, check the authenticity of the email and the message. Were you supposed to receive it? Were you expecting an attachment? You might even want to call the sender and confirm if you are unsure.
 
The message seems to instill fear or a sense of urgency
Often, malicious email messages urge you to take immediate action. You may be asked to log onto your ‘banking website’ ASAP to prevent your bank account from being frozen, or enter your ITR details onto a webpage to avoid being fined by the IRS. Real messages from your bank or the IRS will never force or hurry you to do something.
 
Other things you can do
 
Regular data backups
Conduct regular data backups so that in the eventuality of a ransomware attack, you don’t lose your data. Cybercriminals having access to your data is bad enough–it damages your brand and business reputation and can even attract lawsuits from parties whose personal information has been compromised, but, not being able to retrieve all that data in the aftermath of an attack is even worse. Regular backups help you in that regard, plus when you have a pretty recent data backup you are not reduced to the state of helplessness where you HAVE to pay the ransom to retrieve your data.
 
Install an anti-malware tool
Last, but not least, invest in anti-malware tools that can detect malware attacks and alert you before you fall prey to them. Such tools scan emails, links and attachments and alert you if they are found suspicious.
 
No matter how big or small a business you are, ransomware attack is a reality and applies to you. It is better to be prepared than having to cough up huge sums of money to free up your data later and even then there’s no guarantee your data will be restored by the cybercriminal.