The Biggest Ransomware Attack Ever

The Biggest Ransomware Attack Ever

On Friday, July 2nd, an affiliate of the REvil gang (Russian-linked) infected millions of victims in at least 17 countries via the US IT software company Kayesa. Our cybersecurity team has learned that the company’s software was used to slip into victims’ systems, which they’re now holding hostage.

 

The hackers have demanded $70 million in cryptocurrency to end what is now the biggest ransomware attack on record. The attack was specifically timed for the 4th of July holiday weekend when most office workers would be out of office. As reported in The Washington Post, most of the 1,500 victimized organizations were public agencies and small businesses.

 

The ransomware attack “has temporarily shutdown hundreds of Sweden’s Coop grocery stores because the cash registers locked up. The full scope of the attack probably won’t be known for quite some time.” The Associated Press noted that “due to the potential scale of this incident, the FBI and CISA may be unable to respond to each victim individually.”

 

Unfortunately this is not REvil’s first attack. Last month, timed with the Memorial Day weekend, the group extorted $11 million from meat supplier JBS after forcing it to shut down all of its manufacturing facilities.

 

Please contact us 24/7/365 at 888.966.4827 (GUARD) if you have any concerns or suspect identity theft. Additionally, you can email [email protected]. Day or night, we’ve got your back and will always be open for you.

 

Photo by Bermix Studio on Unsplash

The Quick Rise of Phishing Scams – Do Not Click!

The Quick Rise of Phishing Scams – Do Not Click!

Many of us have been experiencing much more free time on our hands, which is great if you enjoy the sport of fishing, have a pile of books to read or Netflix shows to catch up on. Unless you are on the front line, life, as we know it during this pandemic, has forced the majority of us to slow down.

 

Our ‘new normal’ environment is a breeding ground for scammers to take advantage of you and your identity. Last month we wrote several blogs that specifically discussed the various types of coronavirus scams we had been witnessing. Check out Coronavirus Scams Are on the Rise, And More Coronavirus Scams, and Working From Home Cybersecurity Tips if interested in a quick refresher course or two.

 

Over the last two weeks we have seen a 70% increase in email phishing scams during this pandemic, which has undoubtedly touched every facet of our lives. These phishing scams may come across as emails and/or posts promoting coronavirus awareness. These messages will often offer prevention tips on how to stay well, what the symptoms of the virus may include and what to do in case you or a family member feel ill. Some are even creating fake “cases” of COVID-19 in your neighborhood so you feel more inclined to help out. They also may be asking you to donate to victims, offering advice on unproven treatments, or contain malicious email attachments. Don’t fall for any of it … but, in case you do, we suggest that you read our blog from October 2019 Accidentally Clicked on a Phishing Link – Now What?.

 

Today our advice is very simple: If you are not 100% certain of the origin of the email and/or link that you are being asked to click on … DO NOT CLICK. If for some reason you accidentally do click, there are some imperative steps to take to alleviate harm to you and/or the network you may be connected with:

 

– Try not to panic. This happens to everyone. Antivirus and anti-malware will come into play and you will need to have a full system scan. But first …

 

– End the session immediately by turning off Wi-Fi, unplugging from an ethernet cable or completely shutting down all of your devices.

 

– Initiate a back up of your files. Since you won’t be connected to the internet at this point, you won’t be able to accomplish this to the cloud. Having an external drive, DVD or thumb drive are always nice to have on hand during times like these.

 

– Change your login/password to email account(s) and enable two-factor authentication if this hasn’t already occurred.

 

– If you are employed by a company or organization, reference your manual and let your network administrator know of the potential issue.

 

– After all is said and done, check your antivirus/anti-malware software and run a full scan.

 

Being informed of what steps you may need to take before a slip up happens can help ease the potential damage (and your stress level) if it does. Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 1.888.966.GUARD (4827) and [email protected].

Working from Home Cybersecurity Tips

Working from Home Cybersecurity Tips

Coronavirus has forced millions of Americans to work remotely from their homes. Although working from home helps with social (physical) distancing by preventing the spread of COVID-19, there are many new challenges that have come with teleworking. For example, many states have closed schools for weeks, and for some, the entire rest of the school year. Parents may be juggling work while their children are learning remotely. You may find yourself becoming an expert with practicing mindfulness along with new software and conferencing programs, such as Zoom and GoToMeetings (or if you aren’t, your children blessedly are).

 

As we are being forced to slow down the pace of everyday life, we recognize that a lot of good can come out of this time. But, on the other side of the coin, there is the growing opportunity for cybercriminals to trick us into forking over passwords during this learning transitional period. Reuters reported last week that “some researchers have found hackers masquerading as the U.S. Centers for Disease Control and Prevention in a bid to break into emails or swindle users out of bitcoin, while others have spotted hackers using a malicious virus-themed app to hijack Android phones.” Our blogs last week provided some details on these new scams.

 

The Federal Trade Commission (FTC) has some tips to help protect your devices and personal information while working from home:

Start with cybersecurity basics. Keep your security software up-to-date. Use passwords on all your devices and apps. Make sure the passwords are long, strong and unique. The FTC suggests using at least 12 characters that are a mix of numbers, symbols and capital and lowercase letters.

Secure your home network by starting with your router. Turn on encryption (WPA2 or WPA3), which scrambles information sent over your network so outsiders can’t read it. If no WPA2 or WPA3 options are available with your current router, considering replacing your router altogether.

Keep an eye on your laptop and make sure it is password-protected, locked when you aren’t using it and secure. We suggest that it is never unattended, such as out in plain sight in a vehicle. Even if your doors are locked, windows can easily be broken.

Securely store your physical files. Strong physical security is an important part of cybersecurity. If you don’t have a file cabinet at home that is lockable, consider using a locked room. Read this blog by the FTC to learn more tips about physical security.

Dispose of sensitive data securely. Invest in a shredder if you don’t already have one. Throwing paperwork you no longer need in the garbage or recycling bin can be a treasure for a pirate especially if it includes personal information about customers, vendors or employees.

Follow your employer’s security practices. Since your home is now an extension of your office, make sure that you understand the protocols that your employer has implemented.

 

Be smart. Be vigilant. Be strong. Please don’t hesitate to reach out if you need help. We are available 24/7/365 for you and your family members at 888,966.GUARD (4827) and [email protected].

.

And More Coronavirus Scams …

And More Coronavirus Scams …

We are monitoring updates surrounding the coronavirus (COVID-19) pandemic around the clock. This environment is a breeding ground for scams to take advantage of you and your identity. Rest assured that we are here to help and will communicate with you every step of the way.

 

The following is the latest information that we know of regarding coronavirus scams:

 

– The Federal Trade Commission (FTC) sent warning letters to seven sellers of scam coronavirus treatments. The FTC reported that “So far all of the companies have made big changes to their advertising to remove unsupported claims.” That is good news. But, scammers never take a break.

 

– Anyone can set up an e-commerce site and claim they have in-demand products. Be on the lookout for online ads that tout cleaning, household and health/medical supplies. Just because they have a website and you pay money doesn’t mean that you will receive any goods in return. The FTC suggests that you check out any seller by searching online for the person or company name, phone number and email address along with keywords such as “review,” “complaint” or “scam.”

 

– Anyone can also set up a fake charity to take advantage of a major health crisis. These scammers take advantage of your generosity and have names that are extremely close to the names of real charities. The FTC remarked that “Money lost to bogus charities means less donations to help those in need.” We suggest that you visit http://www.ftc.gov/charity to help you research charities. Also, if/when you do give, pay safely by credit card and never by gift card or wire transfer.

 

– As well, anyone can pretend to be someone you know. “Scammers use fake emails or texts to get you to share valuable personal information – like account numbers, Social Security numbers, or your login IDs and passwords.” If you accidentally click on a link, they can get access to your computer, network and/or install ransomware and other programs on your equipment that can lock you out. Please protect your smart phone and computer by keeping your software up to date and using multi-factor authentication. Backing up your data on a regular basis is also recommended.

 

– Surprisingly robocalls “pitching everything from scam coronavirus treatments to work-at-home schemes” are still in full force. Do not answer unless the call shows up as a contact in your phone. Let voicemail filter your messages. For more information on robocalls, visit https://www.consumer.ftc.gov/articles/0259-robocalls.

 

We understand that all of this is indeed nerve-wracking. One of the great things about our business is that we are always working in the moment … situations such as the coronavirus do not rattle our operations and team members. Not only do we have a team at a centralized location, but we have also always worked remotely. We will continue to be available for you 24 hours a day, 7 days a week, 365 days a year. We hope that this gives you some peace of mind knowing that we are on top of this crisis and will continue to communicate any dangerous scams related to the outbreak as soon as possible.

 

As always, please contact us immediately if you have any concerns at 888.966.GUARD (4827) or [email protected].

 

 

Accidentally Clicked on a Phishing Link – Now What

Accidentally Clicked on a Phishing Link – Now What

You know that searing flush-faced feeling when you pretty much know you made a mistake with a slip of the finger? Sometimes it’s sending a text too soon or responding to an email without editing your response. Other times it’s when you click on something you likely shouldn’t have … and then the “uh oh” escapes … and then the big sigh.

 

When we multitask, whether it is at work or at home, we do tend to slip up at times and open something that we shouldn’t. Then enters adware, malware, ransonmare, spyware, and whatever-else-is-next-ware into our lives.

 

Oops! Now what?

 

There are some imperative steps to take to alleviate harm to you and/or the network you may be connected with:

– Try not to panic. This happens to everyone. Antivirus and anti-malware will come into play and you will need to have a full system scan. But first …

– End the session immediately by turning off Wi-Fi, unplugging from an ethernet cable or completely shutting down all of your devices.

– Initiate a back up of your files. Since you won’t be connected to the internet at this point, you won’t be able to accomplish this to the cloud. Having an external drive, DVD or thumb drive are always nice to have on hand during times like these.

– Change your login/password to email account(s) and enable two-factor authentication if this hasn’t already occurred.

– If you are employed by a company or organization, reference your manual and let your network administrator know of the potential issue.

– After all is said and done, check your antivirus/anti-malware software and run a full scan.

 

Being informed of what steps you may need to take before a slip up happens can help ease the potential damage (and your stress level) if it does. As always, if you need help or have any concerns, we are available 24/7/365 for you.

Flying This Summer? How to Prevent Juice Jacking

Flying This Summer? How to Prevent Juice Jacking

Vacations are indeed wonderful. Traveling to a new destination or to a familiar favorite locale is a treasured experience with memories that can last a lifetime. On the other hand, traveling on business might not be as fun, but it is a must for many. Going from point A to point B can be stressful at times. Weather, flight delays, overbooked flights, long layovers or not having enough time between flights causing you to miss your next connection … you name it, it can happen. Next thing you know, your device battery is getting low. So, what do you do? Is it safe to recharge at a public charging station? Not always.

 

Juice jacking is a type of cyber attack and typically involves public USBs. Public charging stations, such as those found in airports, train stations, hotel lobbies, and even your rental car, can make your personal data very vulnerable and open your device up to malware.

 

As reported in Forbes, a growing number of nation-state hackers have been training their sights on travelers. New research from IBM, in the 2019 IBM X-Force Threat Intelligence Index, reveals that the transportation industry has become a priority target for cybercriminals as the second-most attacked industry — up from tenth in 2017. Since January 2018, 566 million records from the travel and transportation industry have been leaked or compromised in publicly reported breaches.”

 

What steps can you take to prevent juice jacking from happening to you?

– Don’t leave home without a fully charged battery.

– Carry a charging cord with you so you can use a wall socket instead of a public USB.

– Purchase an external battery pack.

– Turn off your phone to save your battery when feasible.

– Learn how to optimize your device’s battery settings.