URGENT – virus RANSOMWARE info
I just received, in the same day, 3 emails purporting to be from Amazon. The subject said that my package had been shipped. That’s strange; I’m not expecting anything from them. Of course it was a virus; and an especially nasty variant. Ransomware encrypts the contents of your hard drive and demands payment for the password to unlock the drive. If this hits you – you only have two options. Pay it ransom and “hope” they send you the password – and not ask for more money. Or, just wipe the drive and rebuild your system from “nothing”. Depending on the specific variant, the encryption can be done using either the AES 128-bit or RSA 2048-bit encryption algorithms – which are extremely difficult to break. Put in other words, unless you have the computing power of the CIA, you can’t break the code.
Regular readers know that I have been a computer person all my life, really. My personal PC has many layers of defenses. Think of a castle: high walls, archers on the ramparts, a moat, alligators in the moat, you get the idea. Well, my system has 9 layers of defenses, and those emails were not caught till layer 7. They should have never been forwarded by my Internet Service Provider – but they were. You, yes YOU need to learn how to protect yourself – or – eventually pay the consequences. I have discussed PC protection in prior blogs and will not rehash, but rather present some new material.
With the assumption that you have a decent anti-virus program, AND it automatically keeps itself current by downloading updates – at least daily; AND you have a backup methodology – read on. Wow, that was a long sentence even for me; but those two are the most important things you can do.
Next, you need to understand that some types of attachments can be nasty. Most of the time, there might be exceptions; good old .doc files are safe, as are .txt – most of the time. Some types are poison, the very commonly sent .js or java script is the classic virus spreader. The one that attacked me was .docm that little M at the end is really, really, nasty. It stands for document with a Macro (executable code that can do ** anything ** to your computer) – just by opening it with your word processing program. Now that’s really sneaky. The little “built in” macro does not actually scramble your computer, it needs help. So, it contacts the “mother ship” and downloads the real ransomware – slick, efficient, and deadly.
To protect yourself – DO NOT BE CURIOUS. Just delete the email, I’m good with computers, I know enough to not open emails that are unexpected – NEVER. Next, make sure your PC is set to show you the file extension. When you look at the attachment does it say ClosingDocs or ClosingDocs.PDF? Learn how to configure your PC to show the “file type” – and change it to show the complete file name. Be aware that some will have, to fool you, multiple “file type” such as ClosingDocs.pdf.js – if you are not configured to see the complete file name it will appear without the final extension of .js – make sure to do this. You should not ever “hide” the file extension – there is NO good reason – it’s commonly the default to make the files look “simpler” to the casual user. Check to see if your word processor supports prohibiting some “file types” – if so configure it to either not allow .js .docm (and many others, find out which) – or to at the very least to ask you “are you sure you want to open this type of file”.
Malware that simply destroys your computer is certainly still being created by sick puppies. This up and coming threat of ransomware is growing – they can, and do receive money from their victims. When you pay, usually via money wire to an offshore location – they may or may not “honor” their commitment. Again: anti-virus up to date, regular backups, file extensions displayed, and never click a link or open an email unless you are very, very sure what it is; and/or where you are going. You probably do thousands of clicks a month – it only takes one DUMB one to literally put you in a world of grief. Don’t be curious!
You might also like:
Apps that Notaries have never heard of
http://blog.123notary.com/?p=16311
