Fake ransomware is costing businesses plenty.
As IT systems become more advanced, so too do the hackers that try to infiltrate them. Ransomware, the act of blocking access to files, or a whole computer/network until a ransom is paid, has grown extensively over the past few years. Now fake ransomware is having a financial cost to businesses as well.
According to a study by security firm Kaspersky, a business is attacked by ransomware worldwide every 40 seconds. There have been several high profile cases over the past few years, such as the Hollywood Presbyterian Medical Center which was held to ransom for $3.4, although they only paid $17,000 in the end.
Businesses are rightly concerned, and they should be. Ignoring such threats is what allows them to take a hold. But this wariness can be detrimental.
Enter “fake ransomware”.
An email designed to scare you into thinking you have been compromised, and pay up, when in actual fact you haven’t been hacked at all. The scariest thing is that this fake ransomware can sound extremely convincing. Due to the extensive number of high profile data leaks and hacks the world over, hackers have access to millions and millions of emails and potentially old passwords.
Some of these fake ransomware emails will include some or all of an old password, not all.
By threatening that they have found a “chink” in your armor, it’s easy to get dragged into the lie, but this doesn’t mean your system has been compromised.
it’s important to remember that these ransomware claims are often sent in bulk, to hundreds of thousands of recipients, in the hope that one bites. Some are so broad that they might claim they have “compromising intimate content”, which means nothing if you have no intimate content to hide!
So what do these scam emails look like?
- They may appear to be sent from your email – masking the original source
- They may claim to have intercepted a password you entered on a website
- They may threaten to pass the hack onto your friends/family/contacts
- They may claim to have infiltrated your webcam/camera
- They may claim to have installed a Trojan on your computer which they used to spy on you
- They will almost always ask for payment via Bitcoin or some other cryptocurrency
Crucially they might claim to block your device if payment is not received within their specified timeframe, for example 2 days. If you have any doubts, wait and see chances are your device won’t be blocked at all, and it’s just a mass mailshot.
What to do?
If they don’t give you a password you used, there’s no evidence they compromised it. But it’s still good practice to change it.
If they have given part or all of a password you once used, ensure you change your password anywhere you may have used it.
Article written by Robinson Technology Solutions, an IT support & IT security contractor serving Orange, CT and the rest of New Haven County in the USA. If you’re a business in this area and need IT support, reach out 888-608-0044