{"id":895,"date":"2016-08-03T05:19:02","date_gmt":"2016-08-03T05:19:02","guid":{"rendered":"http:\/\/actinvest.com.au\/?p=895"},"modified":"2016-08-03T05:19:02","modified_gmt":"2016-08-03T05:19:02","slug":"ransomware-beware","status":"publish","type":"post","link":"https:\/\/actinvest.com.au\/index.php\/ransomware-beware\/","title":{"rendered":"Ransomware &#8211; BEWARE!"},"content":{"rendered":"<p>\u00a0<\/p>\n<p><em>In our role as a domain hosting company we see much of the dark side of the Internet including hacking, viruses and server attacks. \u00a0Of these,\u00a0Ransomware\u00a0is one of the worst and most insidious.<\/em><\/p>\n<h3><strong>However, if attacked and if you\u2019re quick to shut down your computer (even pull the power cord out if need be) then you may be able to avoid issues even if the ransomware\u00a0encryption\u00a0process has started. \u00a0 \u00a0<\/strong>\u00a0<\/h3>\n<p style=\"text-align:center\"><img loading=\"lazy\" alt=\"\" height=\"250\" src=\"http:\/\/www.acctweb.com.au\/images\/ransomware.jpg\" width=\"375\" \/><\/p>\n<p>\u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0 \u00a0<\/p>\n<p>To most of us an e-mail, with an attachment or a link, that\u2019s supposedly from a credible source such as the Australian Federal Police (AFP), ATO or Australia Post (a popular faux-sender because of the levels of online shopping) appears like something that should be opened. \u00a0 Unfortunately, too many think this and every day more computers are being taken-over and people extorted (see Symantec\u2019s example below). \u00a0Be very careful. \u00a0<br \/>\n\u00a0<br \/>\n<strong>A test: <\/strong>If something seems important but comes from a source that seems wrong (the AFP notifying you of a traffic fine) then just delete the e-mail immediately. \u00a0 However, this is being made more difficult as some organisations are increasingly using e-mails to send documents as a way to cut mailing costs, and most don\u2019t advise of this change. 
\u00a0At the moment, scam e-mails claiming to come from Australia Post are being clicked on way too often. \u00a0If unsure you can always check the \u2018sender\u2019s\u2019 website (the AFP site, for example, mentions the e-mail scam that relates to them) or give them a call.\u00a0<br \/>\n\u00a0<br \/>\nIf you are hit then there is little time to act but you have a chance if you\u2019re quick. \u00a0Also if you\u2019re on a network and the other computers have shared files and folders then they too will be infected instantly. \u00a0All such computers need action taken immediately as well. \u00a0Tip: \u00a0Ensure what&#39;s \u2018shared\u2019 between computers is minimised as much as possible.<br \/>\n\u00a0<br \/>\n<strong>Firstly<\/strong>, your security software should react immediately when it detects the fact you\u2019ve just unleashed some malware and display a pop up message. \u00a0Often these displays are quick so be vigilant, and if you can set them to display for longer, then do so.\u00a0<br \/>\n\u00a0<br \/>\n<strong>Secondly, if there is ANY indication of Malware\/Ransomware THEN SHUT YOUR COMPUTER DOWN IMMEDIATELY.<\/strong> \u00a0Ransomware needs a bit of time to encrypt\/lock files, etc and only shutting your computer down will stop it. \u00a0Ransomware is usually an executable file so when restarting your computer, in most cases, it should not restart the malware itself. \u00a0<br \/>\n\u00a0<br \/>\n<strong>Finally<\/strong>, scan the computer using your security software such as Microsoft Security Essentials or Norton. But equally important is to run specialist malware software as well. \u00a0If you don\u2019t have such software then a good option is Malwarebytes Anti-Malware software. \u00a0Go to their site, install the free software (you can upgrade later if you want) and scan again. \u00a0When done and all malware is removed then re-boot your computer again. 
\u00a0With any luck you will be able to continue.<br \/>\n\u00a0<br \/>\n<strong>Preventive maintenance:\u00a0<\/strong><br \/>\n1. \u00a0 \u00a0 \u00a0Make sure your security software is always up to date; this usually happens automatically.<br \/>\n2. \u00a0 \u00a0 \u00a0Updated system and application software helps also. \u00a0 \u00a0<br \/>\n3. \u00a0 \u00a0 \u00a0Scan regularly.<br \/>\n4. \u00a0 \u00a0 \u00a0Back-up your data regularly, even if only your personal files, to an external\/cloud drive or a flash drive.<br \/>\n\u00a0<br \/>\nIt\u2019s not uncommon to receive 3-4 Ransomware e-mails a day, so be careful. \u00a0Ransomware can also be downloaded by visiting malicious or compromised websites, so be careful there too.<br \/>\n\u00a0<br \/>\n<strong>A bit of history:<\/strong><br \/>\n\u00a0<br \/>\nRansomware first emerged in Russia and Eastern Europe in 2009 and is largely run by professional cybergangs. \u00a0<br \/>\n\u00a0<br \/>\nAn example of why criminals do this sort of thing as investigated and documented by Symantec: \u00a0<br \/>\n\u00a0<br \/>\n$33,600 in one day!!<br \/>\n\u00a0<br \/>\nSymantec experts analysed how criminals monetise the scheme. \u00a0In the month-long period the experts studied one specific attack in more detail and 2.9 per cent of compromised users paid out. This may seem like a small percentage, but it pays off for the criminals:<br \/>\n\u00a0<br \/>\n\u2022 \u00a0 \u00a0 \u00a0 \u00a0During the month 68,000 computers were infected: the equivalent of 5,700 every day.<br \/>\n\u2022 \u00a0 \u00a0 \u00a0 \u00a0Ransomware typically charges between US$60 and US$200 to unlock the computer.<br \/>\n\u2022 \u00a0 \u00a0 \u00a0 \u00a0On a single day, 2.9 per cent or 168 users paid the ransom, permitting the criminals to potentially earn US$33,600; which means the criminals can make up to $394,000 in one month. 
\u00a0There are many types of Ransomware.<br \/>\n\u00a0<br \/>\nNB: \u00a0Be careful of this also: \u00a0Another version of Malware is FAKEAV. \u00a0Instead of capturing the infected system or encrypting files, FAKEAV coaxes users into purchasing bogus anti-malware software by showing fake anti-malware scanning results.\u00a0<strong>\u00a0<\/strong><\/p>\n<h3>Beware! \u00a0Beware! \u00a0Beware! \u00a0<br \/>\n\u00a0<\/h3>\n<p>Peter Graham<\/p>\n<p><strong>AcctWeb \/ PlannerWeb<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u00a0<\/p>\n<p><em>In our role as a domain hosting company we see much of the dark side of the Internet including hacking, viruses and server attacks. \u00a0Of these,\u00a0Ransomware\u00a0is one of the worst and most insidious.<\/em><\/p>\n","protected":false},"author":1,"featured_media":896,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[4],"tags":[],"_links":{"self":[{"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/posts\/895"}],"collection":[{"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/comments?post=895"}],"version-history":[{"count":1,"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/posts\/895\/revisions"}],"predecessor-version":[{"id":897,"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/posts\/895\/revisions\/897"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/media\/896"}],"wp:attachment":[{"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/media?parent=895"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"ht
tps:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/categories?post=895"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/actinvest.com.au\/index.php\/wp-json\/wp\/v2\/tags?post=895"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}