Please give us a few moments whilst we get your account ready.
Looks tempting? Follow the link and enter your details to find out more… Is one possible way that you could be enticed to follow a bad link to a malicious website. Unfortunately, malware is only one of many ways that hackers and cyber criminals can attempt to pry your cash from you but it is a threat to be wary of.
Spam filters and mailbox rules can only catch so much and with email based attacks growing in number and in quality, it could be easy to get caught out. I recently received one of these malicious emails, from “Apple” and on the face of it I was convinced.
The email contained my Apple ID (personal identifier) although this was the same as the email address that had received the mail, it could be enough to start convincing of its legitimacy, and had I not been paying attention could have easily been enough for me to follow a malicious link.
It also had correct contact and address information for Apple HQ in California and a high-resolution logo, these were minor details but as part of the wider picture, they’re convincing. Finally, there was what looked like a valid invoice for a transaction I had supposedly made through the app store.
So where does the scam begin?
As with any real invoice, there was a summary of the “purchase” and a link to follow if I had not purchased this, where in a normal situation I would be able to claim back my money and the situation would be resolved.
However, having not recognised the name of the App I had supposedly purchased I decided to check the email address that the mail had come from. Not an Apple address. Not anything of the sort in fact, as I was greeted by a series of numbers and letters from a domain that couldn’t have been anything but untrustworthy.
At this point, I flagged the email as junk and then made sure I deleted all traces of it from my junk mail. Had I followed any of the links on the page though, one of two things could have occurred.
The first situation, sees me following a link through to a convincing looking Apple landing page. On this page, I am asked for my Apple ID and password to begin the process of refunding my “purchase”. By now my secure information has been freely handed over and the cyber-criminals behind this could access my account, make purchases of their own and even see my bank account details.
But why would they stop there?
If at this point I am still convinced, unaware that the site is in fact not Apple, what is to stop me from entering my bank details to ensure my money is returned safely only to later find that there is fraudulent activity on my bank account.
The second situation, similarly I follow a link through to a website which again looks convincing, a customer service page with some helpful links and information. Automatic downloads enabled or the wrong link clicked and before I know what has happened my screen has gone dark.
In the background, a malicious download has occurred and my computer is infected with Ransomware, my files, photos and work are all encrypted. Fortunately for me though the thoughtful cyber-criminals have given me a way to get my data back, a payment of up to £8,000.
Malicious emails are only one way that a cyber-criminal could attempt to lure you into the trap and it is unlikely the email I received was a solo effort. Once they’ve perfected their template they can mass mail from untraceable email addresses to their heart’s content, or pockets more likely with Ransomware predicted at having been a $1billion pit-fall in 2016.
This email was sent to a personal email account and was isolated, however large scale ransomware attacks won’t stop after one machine. Had this scam targeted a business, a school or a hospital, storage servers, applications, PCs and laptops could all have been infected causing chaos.
With threats evolving and changing form at an increasing speed, traditional methods of protection such as anti-virus and filtering are still important but need to complemented. Best practice for all users, as individuals and at an organisational level, should see data being backed up to a secure off-site location.
A simple three step guide to data protection –
Having a secure, off-site copy of backup data gives the peace of mind in knowing that should a disaster strike, whether it’s a natural or accidental disaster or a cyber disaster, all data can be recovered.
Although having an off-site backup won’t be able to stop an attack such as malicious emails, virus attacks or ransomware, it will help limit the effects of an attack of this kind.
On-site backups are a suitable way of protecting data, so long as the data is encrypted and is stored securely in an off-site location after the backups are taken. Unencrypted backups can pose security threats if backup media is lost or misplaced and keeping backups on-site opens up the threat of all data being lost in a disaster.
When it comes to ransomware attacks, network attached backups are at risk; If ransomware strikes it will encrypt everything.
March 31st will celebrate World Backup Day; an initiative set up to raise awareness of the importance of backing up data, whether at a personal or organisational level. With almost 20 years’ experience in managing and protecting data, Redstor are proud supporters of the initiative and the benefits of having secure backups.
The recent ransomware attack on Kaseya, a cloud-based IT and security management provider services company that supplies tech-management tools to customers worldwide, has the potential to be the most serious cyber-criminal incident this year.Continue reading