Protect yourself from malware by looking for out-of-context e-mails
10/10/2013 7:02 AM
08/08/2014 10:19 AM
As Halloween approaches, it’s only fitting that there be a frightful threat to terrorize your network security and data.
Recently I received a call from a client: “Paul, we can’t access some critical files. How soon can you be here?”
Arriving on site, we began our search and rescue mission, ultimately tracing the problem back to a seemingly innocent zip file containing the offending malware, known by a variety of names but most commonly: CryptoLocker.
Instead of trying to spread itself throughout your network, CryptoLocker simply finds the important files – Word documents, Excel spreadsheets, even photos – and encrypts them and locks you out. Then a pop-up window offers to unencrypt your files for a fee, somewhere around $300. That’s it. Just blackmail. Once CryptoLocker has struck, there’s no reasonable way to clean your files. Your only choice is to restore them from a backup, which hopefully you have but that’s a subject for another column.
How does CryptoLocker infiltrate your network? It comes in an attachment to an e-mail message, most recently in a “zip” file attached to an e-mail claiming to be from the Better Business Bureau. But next time we see it, the e-mail could appear to be from the IRS, a bank, or even from Fedex.
How do you protect yourself?
Never. Never. Never open an attachment in an e-mail if you’re not expecting it, regardless of the sender. Instead, develop a healthy skepticism about the e-mail in your inbox. This means paying attention to context.
What is context? I’m talking about the circumstances surrounding each e-mail, when something just doesn’t seem right. Do you know the sender? Is the subject line iffy? What time was the e-mail sent? If it’s from the IRS, ask yourself, “Why would the IRS be sending me a zip file?” It won’t always be the IRS and it won’t always be a zip file. Paying attention to context can help you protect your data from the constant stream of viruses, spyware and other rogue software that the IT world calls malware.
As an example, my brother and I exchange e-mails frequently, but what if I receive an e-mail from him with just a link to a video?
That’s outside of the normal context of our typical exchanges. At this point I should do one of two things, delete the message, or check with him to see if he really sent it. I should NOT open it. This also applies to browsing the Internet. If I go to the Web page for ESPN to check on the score from the Chiefs game and I get a message that my computer wants to download a piece of software, that’s also “out of context.” I’ll quickly shut down my browser window and might even reboot my computer and run a virus scan.
So how do you protect your data from CryptoLocker and other attacks? There are two must-haves, and the first is up-to-date antivirus software. If your business has IT support, antivirus protection should be provided. If you plan to run the antivirus software yourself, recognize there’s a lot of phony antivirus downloads to be found on the Internet so I recommend buying something off the shelf at your local electronics or office supply store, or buying it online from a reputable vendor.
Second thing you can do: Make sure your applications are up to date.
Virus creators spend their days and nights poking at software, looking for holes and other vulnerabilities they can use to spread a virus. Software manufacturers are constantly releasing updates that patch those holes, and that why it’s critical to update your applications. Again, this is something that may be covered in your IT support contract if you have one. If not, we like a tool called Ninite, from www.ninite.com, that allows you to update all of your applications with one package.
Sometimes, none of these solutions work. So always back up your data. I like to recommend a two plus one backup strategy. Everything that’s important to you should be kept in two places and an additional one that’s off-site. For example, critical client information may be stored on your computer, an external hard drive, and a DVD in the safe deposit box. That way, if your antivirus software lets you down or your otherwise fall prey to malware, you still have a copy of thee things most important to your business.
With these steps you might find that you’ll be better off in the long run, and so will your data.