Knowing How Ransomware Works Can Help You Avoid Being A Victim
In a ransomware attack, an unsuspecting user clicks on a seemingly safe link in an email or downloads an emailed attachment that appears to be a bill or other official document.
Instead, the link leads to a dangerous website, or the attachment installs a malicious software program (malware) onto the computer system that encrypts the data and holds it at ransom. The user is then stuck without access to their data, and faced with paying the attacker a huge sum.
And it all begins with a seemingly harmless email – find out how to spot a threat like this in our latest video:
Check The Right Fields: If you’re unsure about an email, check the details on the email itself – specifically the “mailed-by” and “signed-by,” both of which should match the domain of the sender’s address.
Suspicious Links: Always be sure to hover your mouse over a link in an email before clicking it. That allows you to see where it leads. While it may look harmless, the actual URL may show otherwise, so always look, and rarely click.
Spelling and Grammar: Modern cybersecurity awareness comes down to paying attention to the details. When reading a suspicious email, keep an eye out for any typos or glaring errors. Whereas legitimate messages from your bank or vendors would be properly edited, phishing emails are notorious for basic spelling and grammatical mistakes.
Specificity: Another point to consider is how vague the email is. Whereas legitimate senders will likely have your information already (such as your first name) and will use it in the salutation, scammers will often employ vaguer terminology, such as “Valued Customer” – this allows them to use the same email for multiple targets in a mass attack.
Urgent and Threatening: If the subject line makes it sound like an emergency — “Your account has been suspended”, or “You’re being hacked” — that’s another red flag. It’s in the scammer’s interest to make you panic and move quickly, which might lead to you overlooking other indicators that it’s a phishing email.
Attachments: Phishers will often try to get you to open an attachment, so if you see an attachment in combination with any of the above indicators, it’s only more proof that the email is likely part of a phishing attempt.
In the end, the key to phishing methodology is that it doesn’t rely on digital security vulnerabilities or cutting edge hacking technology; phishing targets the user, who, without the right training, will always be a security risk, regardless of the IT measures set in place.
Like this article? Check out the following blogs to learn more: