Protect Your Business from Spam and Malware
by Eric Jackson
The average technology consumer is usually at risk – through no fault of their own – of falling prey to spam and malware. This is largely due to misinformation or lack of education. To better prepare your staff for threats in the realm of technology, it is important that they are taught properly.
Jimmy Kimmel is a Cyber-Terrorist
Ok, maybe not Jimmy Kimmel himself, but his name and many others certainly attract a fair amount of digital trouble. Who among us hasn’t searched for information on a famous actor or musician, only to find a plethora of sketchy looking websites filled with spammy ads and very little useful information?
The problem here is that you (or anyone on your network) can easily introduce malware into your network via a malicious website. Yes, antivirus software is great and necessary. Unfortunately, cyber-criminals don’t rest; they simply invent new ways to steal from you.
Types of Malware
The average technology consumer uses the word virus to describe the majority of what can be wrong with a computer. However, a virus is a very specific type of problem and has many cousin problems that go by different names. Malware is the broad category of any software or code that is developed or used for compromising or harming information assets without the owner’s informed consent. Malware is short for “malicious software” and has many different types.
“Virus” is usually used as a blanket term to describe computer troubles, but viruses have specific functions. Like their living counterparts, they infect your system and take control over some or all functions. Viruses can destroy data or steal things like credit card information, passwords, and more. Viruses can also relay spam email or coordinate attacks like DDoS.
As the name suggests, spyware “spies” on or monitors your movements online, sending information to a central location so that you can be targeted. Spyware can be nearly impossible to remove and can slow down your computer to a useless state through program downloads.
Ransomware hits multiple pain points: data and your wallet. Ransomware is a type of malware that is downloaded on a computer and encrypts, or blocks access to, valuable data or programs until a “ransom” is paid. This is extra debilitating because (1) ransoms are exchanged in Bitcoin (online currency), keeping the hacker untraceable, and (2) there is no guarantee that the hacker will make good on the decryption code after the exchange is made.
Ransomware Use Increased
This approach to cybercrime has exploded in popularity, increasing by 752 percent and netting distributors $1 billion just in 2016.
Assuming the overall numbers match the proportions among the attacks that Trend Micro managed to prevent, these infections overwhelmingly came from spam emails: 79 percent of the ransomware attacks that Trend Micro detected came in via spam emails, while 20 percent originated from an untrustworthy web page.
Ransomware is also increasingly spread out to different types of targets, striking not only enterprises, but also educational institutions, healthcare providers, government offices, and the typical SMB.
CryptoWall first appeared in the wild around 2014: since then, cybercriminals have updated and iterated on it several times to make it even harder to detect and remove.
CryptoWall is a particularly nasty form of ransomware. It does much more than just encrypt your files and prompt you to pay for the key: it tries to hide inside the OS and adds itself to the Startup folder. Worse still, CryptoWall deletes volume shadow copies of your files – making it difficult (or in some cases impossible) to restore your data. And while it’s there, it’ll try to get your passwords and Bitcoin wallets for good measure.
CryptoWall 3.0 is by far the most lucrative version so far. It uses strong RSA-2048 encryption to lock your files and try to get you to pay the ransom.
CryptoWall v4 introduced a new feature to encrypt both the files and the filenames, meaning that you can’t simply look at the filename to check (and restore) if you have a backup. The ransom notes got a lot sassier as well, just to pour salt on the wound of your encrypted data.
CryptoWall v5.1 is the latest version, based on the HiddenTear malware. It uses AES-256 encryption, which is a departure from the previous versions. It’s possible that the developers used the CryptoWall name, but not any of the original code.
A worm is a virus that replicates itself over a network. Worms can arrive through email and send copies of themselves to others in your address book, disguised as messages from you. Worms are used to deliver viruses, or the worm itself can be a virus, so the terms are nearly interchangeable. They are sneaky and difficult to manage.
Remember the Trojan Horse from Greek mythology class? This type of malware gets its name from the same deceptive tactics. Trojans will masquerade as a legitimate program – and may even have legitimate program functions – but beware, there are ulterior motives. Once “inside” your computer, Trojans can delete data, compromise security, relay spam, and do extensive damage to your computer and information.
Phishing is more of a method than an actual software download; nevertheless, people fall for these scams every single day. Phishing involves an application, link, or website that impersonates a trustworthy source to garner information. Do not fall for these scams. THE IRS WILL NOT EMAIL OR CALL YOU.
How to Detect Possible Phishing Emails
- Identify who sent it. Don’t be fooled by the display name; dig down to the actual email address. This is the #1 tactic among cybercriminals. Legitimate companies send email from addresses at their own company domain. If you see a long string of numbers as the sender before the @ or a free email service before the .com, you should question the legitimacy of the email. In the end, check the sender’s email address and if the domain name looks suspicious – don’t open it.
- Hover, don’t click. Most emails have links, but before you click – hover. When you hover your mouse over the link the full web address will pop up. Again, if it looks odd do not click.
- Check for spelling. Cybercriminals weren’t English majors. Are there rampant grammatical and spelling errors? Don’t give these emails the time of day.
- Too personal? If an email asks for any of your personal information, immediately flag it as spam. All institutions you have relationships with have all of the information they need on hand and will never ask for your personal information through email.
- Too urgent? Beware of emails that give you a sense of urgency, like “account suspended”, “unauthorized login attempt” or “time’s running out”. This is a phishing tactic. Do not fall for it.
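The sender, hover and urgency checks from the list above, as an added Python example that is not part of the original article. The free-mail list, the flag names and the sample message are assumptions constructed for illustration, and the message is assumed to be single-part HTML.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed sample list; "freemail.example" is a constructed stand-in provider.
FREE_MAIL = {"gmail.com", "yahoo.com", "outlook.com", "freemail.example"}
URGENT = ("account suspended", "unauthorized login attempt", "running out")

class Links(HTMLParser):  # collects (href, visible text): real target vs. what is shown
    def __init__(self):
        super().__init__()
        self.found, self.href, self.text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        if self.href is not None:
            self.text += data
    def handle_endtag(self, tag):
        if tag == "a" and self.href is not None:
            self.found.append((self.href, self.text.strip()))
            self.href = None

def link_mismatch(href, shown):
    """True when the visible text names a host the real target does not belong to."""
    m = re.fullmatch(r"(?:https?://)?([\w-]+(?:\.[\w-]+)*\.[a-z]{2,})(?:/\S*)?", shown.lower())
    real = urlparse(href).hostname or ""
    return bool(m) and not (real == m[1] or real.endswith("." + m[1]))

def phishing_flags(raw):
    msg = message_from_string(raw)
    local, _, domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")
    body = msg.get_payload()
    text = (msg.get("Subject", "") + " " + body).lower()
    links = Links()
    links.feed(body)
    checks = {
        "free-mail sender": domain in FREE_MAIL,
        "numeric sender": bool(re.search(r"\d{6,}", local)),
        "link mismatch": any(link_mismatch(h, t) for h, t in links.found),
        "urgency": any(phrase in text for phrase in URGENT),
    }
    return [name for name, hit in checks.items() if hit]

SAMPLE = ('From: "Example Bank" <8841920375@freemail.example>\nSubject: Account suspended\n'
          'Content-Type: text/html\n\n<p>Confirm your details at '  # constructed message
          '<a href="http://bank.example.com.login.example.net/">bank.example.com</a></p>')
print(phishing_flags(SAMPLE))
```

Link text such as "click here" makes no claim about its destination, so the mismatch check ignores it; only links whose visible text looks like a web address are compared against the real target.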
How to Prevent Malware
Make sure your data is backed up every day. Keystone does that for companies that can’t afford the time and money it takes to be held hostage.
Install all your computer and server updates. There are many…or you could just tell us to do it and we’ll manage all that mindless computer business and make sure your firewall is up-to-date. Want to literally see what’s going on in the world of hackers? Check this out…you’ve been warned.
You should be doing content filtering. If you want to keep all your employees off People.com and on the work you’re paying them to do, it’s a bargain. If you’re not doing it, you’re giving them free rein to read People.com (we cannot recommend this) and inevitably surf onto some trashy, malware-infested website. That story ends with you giving your credit card number to some Russian hacker who – in comparison – makes Super Creepy Rob Lowe look like the kind of guy you’d like to hang with. But this isn’t about cable or DirecTV…it’s about protecting your business.
Too Late… I Think I Have a Malware Infection
Diagnosing a malware infection can be a little like going to WebMD for the common cold. You have a stuffy nose; the website says you could be dying. So this is your disclaimer: just because one of these things is relevant to your system does NOT mean that your computer is about to be pushing up daisies. Stay calm, cool, and collected and call an IT professional.
These are some things that you should look out for and be aware of.
Slow Computer - The most common symptom of malware infection. If your system is taking ages to start up or your data bandwidth is achingly slow, you could potentially have an infection. If you’ve ruled out other possibilities (damaged hardware, lack of hard drive space, and the like), then you should investigate potential malware problems.
Blue Screen of Death (BSOD) - Your computer crashing regularly is typically a sign of either a system problem or a malware infection. To check what has caused your most recent BSOD, go to Control Panel > System and Security > Administrative Tools > Event Viewer and select Windows Logs. The recorded crashes will be marked with an “error”. For troubleshooting, contact your IT people.
Closing Programs - Occasionally programs will close or open without warning. This is hard to determine though, as some programs behave this way OR may not be compatible with your hardware. Check these things off the list before assuming you have a malware infection.
Pop-ups, unwanted programs, toolbars - It’s 2018 and most people should know better. However, if you click on a suspicious link, install free applications, or answer random survey questions for site access, you are pretty much inviting a virus. If you get a pop-up, do NOT click on the pop-up page. Exit out of the window and use an anti-malware tool pronto.
Spam from “You” - We’ve all seen it. Those posts on Twitter, Facebook, through email, that are seemingly coming from your friend but say they’ve found Ray-Bans on sale for $9.99. This is spam. You could potentially be a victim of spyware, caused by *ahem* weak passwords or forgetting to log out of an account.
At Keystone, we work on blocking spam and malware before they can do any damage, but we’re more than willing to help if you’ve already been infected. Once businesses become a Keystone client, we work with you to provide education on spam and malware and how you can be better prepared when it comes to protecting your business.