27 Sep 2013

Security Alert: Protect yourself from the CryptoLocker Ransom Virus

0 Comment

Security Alert: Protect yourself from the CryptoLocker Ransom Virus

3 Ways to Guard against Malware

The BMS Hardware Support team would like to alert all clients about Cryptolocker – a newly released notorious ransom virus created by cyber criminals. This virus is able to lock target computers, encrypt all your files and ask for a ransom in order to allow you to access your files again.

How does a computer become infected by Cryptolocker

Currently, CryptoLocker may infect a computer and connected network drives in one of 3 ways:

  • This infection was originally spread when users click on malicious links or open attachments (.exe or .zip) in emails that pretend to be customer support related issues from FedEx, Wells Fargo, or other seemingly “reputable” sources.
  • When a user visits websites that have been hacked using a computer that is not updated with the latest security patches for Windows, their web browser (Internet Explorer, Chrome, Firefox, etc…), Flash, or Java.
  • Through Trojans that pretend to be programs required to view online videos. These are typically encountered through adult sites.

What happens when a computer becomes infected with Cryptolocker

Once the infection is active on a computer, it will scan the drives (local & network) and encrypt all the files. Once all data files have been encrypted, a screen titled CryptoLocker that contains a ransom note (with a countdown timer) on how to decrypt your files will display on the screen. In order to obtain your unique decryption key to access your files, you are asked to pay the criminals. Failure to obtain the decryption key within the allotted time will delete all files on the infected computer and any connected network drives.

What you can do to protect your data

BMS recommends that you follow these steps to protect yourself from becoming the next victim of the Cryptolocker ransom virus:

  1. Set yourself a weekly reminder to install any available system updates and security patches for Windows, web browsers, Flash and Java on a regular basis. New security threats are exposed each day and these software companies provide the patches on a regular basis to ensure that any loopholes used by virus creators are closed.
  2. Don’t download attachments in emails you weren’t expecting. When you receive an email, ask yourself why you are receiving the email before you go any further. Check the email address. Does the domain (part after the @ symbol) match what you expect it to be? If not, that’s a big red flag! Do not download the attachment! You already know to stay away from .exe files but scammers have gotten very sophisticated about how they send viruses so they now also use .zip files where the file automatically uncompresses when you download it and then runs the executable virus file inside – before you even have a chance to react!
  3. Be careful about what links you click on in emails and on websites. Many times, links are masked inside a word or phrase; hover your mouse over the linked phrase to reveal the URL. If the URL isn’t for a website that you are expecting, don’t click on the link!

Should you have any questions or concerns about protecting your data, please contact the BMS Support Center at 800.634.7734 ext 6 and speak to one of our experienced hardware team members.