Monday 13 January 2014

Recent Computer Scam of ‘Significant Risk’


Remain Vigilant & Ensure Virus
Protection & Firewalls are up-to-date
Vigilance is always required when looking after your IT systems. There are always new scams trying to infiltrate your systems and damage them, or even steal from you. 
We regularly have to repair systems which have been affected so we encourage everyone to make sure they have up-to-date protection, but users also have to play their part.

One simple piece of advice is to never open an email with an attachment unless you know exactly who it is from and are expecting it. Be particularly careful of .zip or .exe files. Opening these can unleash a piece of software called a Trojan. Named after the Trojan Horse of Greek mythology, a Trojan needs to be allowed in to your systems but once there it can wreak havoc. One classic access route is the user opening a zipped (.zip) or executable file (.exe). An email with an executable file often looks like it contains a software program so might appear to be offering you something useful.

A cunning trick used by some viruses and Trojans is to send itself to everyone on an infected computer’s contact list. So you might receive an email from someone you recognise and think it is genuine, but it could actually be a mechanism for spreading a Trojan. This is why the advice is to make sure you are expecting the file, rather than merely recognising the name. If in doubt, call the person and ask if they deliberately sent it to you or not, before you open it.

One recent example was ‘cryptolocker’, which was serious enough for the National Crime Agency to issue a ‘significant risk’ alert. Cryptolocker encrypts files on your computer, such as photographs, documents, databases, PowerPoint presentations – anything that might be useful to you – and then issues a ransom notice on your computer, giving you 72 hours to pay up. If you don’t, the encryption key will be deleted which means you will permanently lose access to the files. It’s fiendishly clever but also an absolute nightmare if you get trapped by it.

We’ve written several articles in the past about protection, such as Spam and Viruses, Remote Security and Secure Remote Working, but the key pieces of advice are:
  • Make sure you have a high-quality protection system in place with virus protection and firewalls. Speak to a reputable IT support company if you need assistance.
  • Keep your protection up-to-date. A good system will do this automatically in the background but you will need to periodically renew it to maintain your protection.
  • Keep an offsite back-up and perform it regularly. In the event of being held to ransom by cryptolocker, for example, you could dump the old computer and reload everything you have on it to a new one from your back-up. It needs to be offsite and remote though, as cryptolocker will seek out any drives connected to your computer, such as external hard drives or cloud solutions and also encrypt files found there.
  • Exercise sensible precaution as you would do in your own home. Would you let an unexpected visitor into your home without checking their credentials first? You should use the same principles when letting files and data into your computer systems.

No comments:

Post a Comment