Reading this email is probably the most important thing you can do for your company today.
Seriously.
We’ve previously sent emails outlining the dangers of opening email attachments, clicking on links in emails and transferring money on the basis of an email request. Well, it’s only Tuesday and already this week we have dealt with two separate cases of ransomware being let loose on unsuspecting companies and what looks like a fraudulent transfer of a significant amount of money.
As I’m sure you are already aware, ransomware encrypts all your (and your company’s) files into an unreadable and unusable format. Your company may be requested to pay a large amount of money to (maybe) receive the key to decrypt the files. Requests for bank transfers can appear to be sent by a person of authority at your company but in reality have been crafted by fraudsters.
For all our larger customers we incrementally backup data throughout the day. This means we are able to retrieve older versions of the affected files and limit the potential damage – if you aren’t sure you have this system in place or are interested in the details then please contact us.
What do ransomware and fraudulent bank transfers have in common? The malicious intent was delivered via email.
1. General precautions before opening an email attachment:
- Check who the sender is. If you don’t recognize the sender, don’t open the attachment.
- If you do recognize the sender but are not expecting a file, don’t open the attachment.
- If the file is anything other than a .pdf document, think very, very hard before opening the attachment. The default action for any email attachment is to NOT open it.
2. General precautions before clicking on a link in an email or website:
- Learn to hover your cursor over links in emails to make sure the address shown looks something like you’d expect – try this on one of the links in this post. You should see where the link actually goes displayed in the bottom left hand corner of your screen. If this doesn’t appear to relate to the company in the link then don’t click on it.
- Be very wary of clicking on links that arrive in email – be sure you trust the sender.
- Remember that the sender’s email account may have been compromised, so even if you trust the sender it still pays to be wary.
- Don’t click on links in forwarded emails.
- Don’t click on shortened links – you can’t tell where they’re taking you.
- If at all in doubt, open your browser and type in the link.
Always hover over links so you know where you are being taken.
3. General precautions for avoiding being manipulated into making a fraudulent payment by spear phishing:
- The email appears to be sent from a person and/or an email address you recognize within your company but, and here’s the clever part, under the skin (and invisible to you) the reply to address has been replaced with the fraudster’s own. This is known as spoofing.
- The email will ask you to make a payment or bank transfer on behalf of your colleague – make sure you contact this person by phone or by creating a new email to query the request. For obvious reasons you shouldn’t reply using the email requesting the transfer.
- The examples we have seen all have “Sent from my iPhone” at the bottom of the email – this may be to avoid having to fabricate an email signature (your company details at the bottom of the email).
- Be cautious about unexpected emails requesting urgent bank transfers.