Don’t Pay the Ransom: Ransomware Awareness Part 1 — Identification

A guide on how to prevent and fight ransomware for non-technical people

Pat Alcala
ILLUMINATION
7 min read · Nov 6, 2023


A serious threat

There’s no question that ransomware is one of the worst types of malware that businesses and organizations can face. In the past few months, a number of businesses and government agencies have been targeted. These attacks have caused a lot of damage to their reputations as well as the loss of data, which has raised some concerns among cybersecurity experts and authorities alike. And the less you know about it, the more open you are to being victimized.

What is Ransomware

Ransomware is a type of malicious software or cyberattack that threatens to block access to a user’s files or systems unless a ransom is paid. It works by encrypting files on an infected device and demanding payment to obtain the decryption key.

A better description

If the explanation above was confusing for you, let me rephrase it. Cybercriminals have made a type of bad software called ransomware that is meant to keep people from accessing their own files. When this software is put on a victim’s device without their knowledge or permission, it limits access to important data, which can be very annoying and even harmful. People, companies, and organizations are all at serious risk from ransomware, which has become a common threat in the digital world. How do these cybercriminals do it? They lock your files and make sure that only they can open them.

Before:

Image by Pat Alcala

After:

Image by Pat Alcala

Notice that I used “cybercriminal” when describing these hackers because, when it comes to cybersecurity, a “hacker” doesn’t necessarily mean a criminal. Hacking is not fundamentally a crime but a tool to exploit vulnerabilities in the system or networks or to bypass security. If a person does it to help identify weaknesses in the system and improve overall security, it’s called ethical hacking. But a “cybercriminal” is a hacker who uses their skills for unlawful things. These people take advantage of weak spots in computer systems, networks, or software to do illegal things like steal private information.


Identifying the attack

The scariest thing about this is that all it takes is one click to get affected. Dealing with and fixing problems often requires a lot of time and money.

If you don’t know much about hacking, it’s easy to picture hackers using powerful supercomputers to get into any device in the world without permission. Or, you might imagine them figuring out difficult virtual puzzles to gain access. This is how hacking scenes are shown in movies, but in reality, it’s very different.

While it is possible for cybercriminals to remotely access devices, the way it is portrayed in movies is often misleading and not true. Hollywood often exaggerates and sensationalizes hacking scenes to make them more exciting, which can lead to false ideas about how hackers really work and what they can do. Hacking is actually a very complicated and time-consuming action that requires a lot of skills, knowledge, and careful planning.

For someone to be able to remotely access a device, that device must have already received and installed the malware using some trickery in the form of phishing or malicious advertising.

That’s it; all they did was use trickery.

They trick their victim into clicking a button or a link, or downloading a file containing the malware.

Phishing has emerged as a common and highly successful method, not only for ransomware attacks but also for hacking in general. People are tricked into giving away private information using this deceitful method. This can lead to many types of cybercrime, including illegal access to online accounts, bank account theft, data breaches, and malware infections. In this article, we will focus our discussion solely on the topic of malware and ransomware infections.

Malicious advertisements, also known as malvertising, are another way to be infected with malware. But this isn’t as effective as phishing because it’s easy to stop or block. I’ll talk about it in Part 2.

Examples of phishing in the past:

“Congratulation! You have won a brand new car. Click the link to claim your price.”

“You have been selected as one of the customers to be given a 50% discount. Please fill out the form provided in the attachment.”

“There’s no way I would fall for that.” That’s likely what you thought when you read the examples above. That’s because these emails are becoming more and more well known these days.

But phishing has evolved too. Cybercriminals began adding fake logos and coming up with more creative ways to send messages. Because of this, it’s getting harder to tell the difference between real and fake.

A sample phishing email:

Image designed by Pat Alcala

Another sample phishing email:

Image designed by Pat Alcala

But fear not; there is a way to spot the fakes. Just pay attention to these facts.

Unexpected emails

The only time it is safe for you to click a link from an email is when an email is expected. This is when you sign up for an account that needs your email address to be verified or your password to be changed.

If you received a random email from a company or an advertisement you’re interested in, contact the company directly or visit their website to confirm. But do not click on the link in the email, no matter how believable it looks.

Companies know your name

When a business sends you an update or notice, they will always include your name. Remember when you registered or subscribed to a website or an online subscription? You were required to fill out a form, right? And one of those required fields is your full name. In other words, the company has your name and will always call you by name.

If you look at the examples above, you’ll see that each of those emails addresses the email recipient as a customer or valued customer. That’s because cybercriminals don’t really know where they send their attacks. They use a list of emails to spam.

“Wait, how did they get my email?”

Let’s face it, email addresses aren’t that complicated to guess. I mean, no one really uses an email like aUb1&+(zQv8@gmail.com, and if you do, no one will take your email seriously because emails are often expected to be personal things.

Who knows, one of these emails could be real and active for some reason: peterparker@gmail.com, peter_parker21@gmail.com, or pparker132@gmail.com. Now imagine a list of thousands or even millions of emails; you get the idea.

For businesses or agencies, on the other hand, you might need to be more careful because a general email might not work for them. There are branches of phishing called “Spear Phishing” and “Whaling” that don’t require a list of random emails to spam; all they need is the company’s public email address or the CEO’s personal email address.

The defense against spear phishing and whaling will be explained in Part 2.

Every attachment is a suspect

Never assume the attached file is clean.

The attached file doesn’t have to be an executable file (.exe, .msi, .app, .bat, .vbs) for the malware to be in it. Malware could be in any file, from zipped files like ZIP or RAR to office files like DOC, DOCX, PDF, ODT, XLSX, and more.

Even an image file or a video file may contain malware.

A link can be deceiving

Do not trust any links provided in the email. It may lead to a different website than the one you expected.

https://www.google.com (https://www.google.com)

The one on the left will be displayed, but the one inside the parentheses () will not, and it’s the actual address of the link. Since it isn’t shown, cybercriminals use that to their advantage.

Example:

https://www.amazon.com/account-update (http://malicious-website.com)

Not just emails

Not all phishing attacks are emails; they can be SMS or voice calls.

Thank you for taking the time to read my first article. I would greatly appreciate your feedback. Your input will help me improve my writing skills and create better content in the future.

Part 2 will be about preventing ransomware infections.
