Category Archives: SPAM

Ransomware CryptoLocker

CryptoLocker

Ransomware is a type of malicious software designed to block access to your computer system or files until a sum of money is paid. This type of malware typically targets individuals.  We are starting to see more business computers targeted.

The current greatest ransomware threat continues to be Cryptolocker. Cryptolocker started appearing in late September 2013. Once the system is infected, the malware encrypts most or all the users data files, making the files inaccessible.  The ransom ranges from $300.00 to $3000.00 US dollars. There is currently no way to decrypt the files as the encryption key is randomly generated.

It is important to note CryptoLocker will encrypt any data files it finds on your system.  This includes files on your physical hard drive, attached USB drives and even cloud connected storage.  This means data on a mapped DropBox drive could also become encrypted.

I have an online backup. Is my data protected?

Having an online backup does NOT guarantee your data is protected.  While having an online backup can HELP to restore unencrypted files, it does not protect you from CryptoLocker.  In fact, once CryptoLocker has encrypted the file, it has changed.  This may cause your online backup to backup the now changed and encrypted file.

Should I pay the ransom?

Only you can make the decision to pay the ransom. Paying the ransom DOES NOT guarantee the files will be decrypted. Paying the ransom can lead to other problems, like credit card fraud and identify theft. We DO NOT recommend ever paying the ransom.  We recommend prevention and using best practices to avoid getting the infection.

Reports indicate some who have paid the ransom never get their files decrypted.  Others have reported their files were decrypted, but it took several hours to days for the process to reverse itself.

Where does CryptoLocker come from?

CryptoLocker can be installed from simply browsing to an infected website.  However, it is frequently delivered via spam email as a compressed archive (.zip) file or via an executable file (.exe). Emails may appear to come from a person or business you know.  Faked emails appearing to come from UPS or FedEx have also been reported as points of distribution for CryptoLocker.

Signs your system may be infected with CryptoLocker

1. The system has started running unbearably slow.  This is due to the processor resources needed to encrypt all of your files.

Some steps you can take to help protect yourself.

Remembering no anti-virus/anti-malware can provide 100% protection, here are some things you can do to help ensure you don’t get infected.

  1. Have a decent and up-to-date antivirus program running.
  2. Get the latest operating system updates
  3. Have your computer firewall running
  4. Limit user privileges
  5. Have an online backup of your files.
  6. Have a complete and current offline and unconnected backup of all your data files.

More information about CryptoLocker:

AirMail

Disposable Email Address

Have you ever wanted to get some FREE information from a website only to find they want your name, email address, mothers maiden name and phone number before giving it to you?  A disposable can be very useful in getting the information you want without giving out our real email address.

Disposable email addresses are valuable if you want to avoid receiving SPAM.  One free service we recommend is AirMail.  AirMail is located at www.getairmail.com.  You can obtain a disposable email address in about 5 seconds.  It shouldn’t be used for any real business.  It should never be used for more then a few minutes and there is no security.  To be very clear, the use of a disposable email address should be used for legitimate purposes where you want to protect your actual email address from ending up on some company’s SPAM list.

About.com provides a list of other Disposable Email Address Services > Here!

Don’t SPAM

So you received an email from a trusted friend.  The email subject reads “This has been verified on Snoops.com!”  First, before you hit the forward button…hit the delete button.  Most of these emails start from the very folks who make malware and virus software.  99% of these are scare tactics.

You should also be very careful when searching the Internet for information about viruses. Doing so will often lead your computer to the path of infection. There are reputable locations to learn about current virus threats, but we don’t consider Snoops to be among them. If you absolutely must do some research, we recommend some of the sites below.

Learn more about the latest email and virus hoax information at SOPHOS

  1. Microsoft Malware Protection Center
  2. Symantec Security Response Team
  3. Wikipedia for a List of Known Viruses