Ransomware: How you can help prevent an infection

Ransomware: the word on everyone’s lips right now. If you haven’t been hit, you no doubt will be on-edge until the perceived threat disappears. Unfortunately, the widespread infection of Wannacry has only highlighted how easily ransomware can be spread, and how fatal it can be to organisations. So, beyond security software and keeping your systems up-to-date, how can you ensure that your environment is safe? Employee education is the best and most reliable way to prevent malware; there will always be a new virus that will slip through even the tightest of network security, but if users are vigilant and aware, the odds of an infection are low. So what can your users look out for?

1. Emails from a genuine business or organisation such as Apple, Google, UPS, Amazon, high street banks, or HMRC that may or may not appear slightly “off”. Check the logos, the sender email address (not just the sender name), the colours, fonts, and spelling in the email. Do they seem legitimate? Are they asking you to click a link or download an attachment? If so, verify the link before you click by hovering over it with your mouse and check that the address is correct. If you’re not expecting an email or attachment from them or it is different to anything you have received previously, play it safe and don’t open it. Visit the site directly rather than clicking any links within the email.

2. Be wary of emails that are telling you that you have a tax refund, asking you to view a link or photo because it’s humorous, asking you to reset your password, or telling you to pay or view an invoice. Unless you are specifically expecting an email like this (i.e., you have just requested a password reset), double check the links and if in doubt, don’t open it.

3. Never run an attachment directly from an email if you’re unsure of its origins; save it to your desktop first.

4. Finally, at all times your use your common sense and discretion. Start with the assumption that the mail is malicious and work your way to confirming it is safe by visually validating the sender and links before clicking anything.

Although the main point of infection with Wannacry was through email, webpages can also be used to coax users into clicking on links or images in pop-up windows. Consider turning on pop-up and ad blockers for your organisation.

Ensure that all of your users are aware of the threat and are extra-vigilant at the moment especially, and exercise extreme caution when opening emails and browsing the web. Again, while we are all focused on the rampant spread of Wannacry right now, enforcing best practices amongst your users will help keep you safe, regardless of the threat “du jour.”

For more guidance on protecting against ransomware attacks, contact our cyber security experts.