Malware and viruses are commonly transmitted via email. Ransomware is a type of malware that cybercriminals use to extort money from their victims. This type of malware activates when a user clicks on a link or opens a suspicious email attachment (usually a “.zip” file), triggering the ransomware program to install on the user’s computer.
The most common CryptoLocker variant encrypts most types of files available to users, including “.doc,” “.xl,” and “.exe”, and once a user is connected to network shares it can also encrypt server files. The attackers then demand that the users or company pay a ransom (usually between $200 and $3000 in Bitcoins) in exchange for the decryption keys to their files.
Whilst Enclave have deployed many defences on your network to prevent infection, no defence is 100% failsafe, so USER AWARENESS AND VIGILANCE is of paramount importance.
Here are some examples to look out for:
Microsoft Office files (Word, Excel, PowerPoint etc.) with Macros should be treated with particular care. Never enable a Macro in a Microsoft Office file that has been received via email unless you are sure you know where it comes from.
Compressed files such as Zip (.zip) or WinRAR (.rar) are common ways of disguising malicious attachments and evading security systems, especially files that have been compressed several times. Once the attachments are extracted, malware can be activated. Never open compressed attachments unless you are certain of the contents or origin.
Executable (.exe) files that are transmitted by email are a blatant security risk. Enclave block these before they enter your network, but be aware that you should never open an .exe file received by email.
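The attachment types listed above can also be checked mechanically before a message reaches a user. The following Python example is added here and is not Enclave's own filter: it unpacks zip layers and reports executables, Office files containing VBA macros (recognised by their vbaProject.bin part), password-protected members and archives nested too deeply to scan. The extension list, the depth limit, the function names and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

EXECUTABLE = (".exe", ".scr", ".com", ".bat")  # assumed list for this example
MAX_DEPTH = 2  # archive layers to unpack before refusing (assumed limit)

def triage(name, data, depth=0):
    """Return (path, reason) findings for one attachment, unpacking zips."""
    if name.lower().endswith(EXECUTABLE):
        return [(name, "executable")]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return []
    if depth >= MAX_DEPTH:
        return [(name, "archive nested too deeply to scan")]
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            inner = f"{name}/{info.filename}"
            if info.flag_bits & 0x1:  # password-protected member
                findings.append((inner, "encrypted, cannot be scanned"))
            elif info.filename.lower().endswith("vbaproject.bin"):
                findings.append((name, "Office file with VBA macros"))
            elif not info.is_dir():
                findings.extend(triage(inner, zf.read(info), depth + 1))
    return findings

def scan_message(raw):
    """Inspect every named attachment of a raw email message."""
    parts = [p for p in message_from_bytes(raw).walk() if p.get_filename()]
    return [hit for p in parts for hit in triage(p.get_filename(), p.get_payload(decode=True))]

def make_zip(members):  # helper for the constructed sample below
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, content in members.items():
            zf.writestr(member, content)
    return buf.getvalue()

def sample_message():
    """Constructed sample: an .exe under two zip layers and a macro document."""
    msg = EmailMessage()
    msg.set_content("See attached.")
    nested = make_zip({"inner.zip": make_zip({"invoice.exe": b"MZ placeholder"})})
    msg.add_attachment(nested, maintype="application", subtype="zip", filename="invoice.zip")
    msg.add_attachment(make_zip({"word/vbaProject.bin": b"placeholder"}),
                       maintype="application", subtype="octet-stream", filename="cv.docm")
    return msg.as_bytes()
```

Calling `scan_message(sample_message())` reports the executable by its full path through both archive layers, which shows why repeated compression alone does not hide an attachment from a scanner that unpacks each layer.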
Phishing is a form of fraud in which the attacker masquerades as a reputable entity or person in an email in order to learn information such as account details or to pass instructions to colleagues.
Malicious email senders often try to mimic genuine companies that might legitimately be trying to contact you. These emails can be very elaborate, and their graphics and logos can be very accurate. Companies such as DHL, FedEx, well-known banks (Bank of Ireland and AIB) and technology companies (Apple, Microsoft and HP) are commonly used.
Emails from a known friend, colleague or commonly used contact that are out of character or unexpected have likely had the sender’s email address “spoofed”.
Emails from unexpected or unknown senders should always be treated with extra vigilance. We have seen incidents of emails containing malware that pretend to be job applications with CVs attached.
If you are suspicious, the key is to check that the sender’s email domain name is the correct domain for the company or organisation the email purports to be from.
So the golden rules are:
If you receive a suspicious email, delete it immediately or call the Enclave support desk.
If you get a McAfee virus alert, unplug your PC from the network (remove network cable), shut down your PC and call your support desk.