What is Phishing?

First I will explain what Phishing is; Phishing is a way of fraudulently acquiring sensitive information, such as credit card, bank account, login details or any other piece of personally identifiable information by tricking users with official-looking email messages. They appear to have come from legitimate sources by the sender (thief) using official looking logos, company addresses, names and visual links in a hope that the recipient (you) opens the attachment or click on the rogue link to start the criminal activity (hack, infection by Trojan or malware).

What to Look Out For?

Here are a few clues on what to look out for when spotting a Phishing email.

1. Check where the email came from, examine the senders email address. It might have come from a public email address (i.e. xxx@outlook.com or xxx@yahoo.co.uk).
2. Look at bogus attachments, if it has a PDF, Zip or Word document attached doesn’t make it real or legitimate.
3. PANIC!, if an email has created a sense of impending doom if you don’t act TODAY! then be suspicious.
4. Links that sound correct can very easily be faked. This link for example should take you to our website www.rlscomputers.co.uk, when it actual takes you to the BBC website. If you are unsure NEVER click on a link and always visit the website site directly yourself.
5. Grammer is a major clue to Phishing email attacks, sometimes the dialect is a very obvious tell but can be over looked.

What Does a Phishing Email look Like?

I have collected some examples over time, so some of these are old but still lethal (some details have been masked for security reasons).

What Can I Do To Stop it?

You can’t stop all of it, but you can avoid a nasty outcome and reduce it down considerably by following these guidelines.

• Never send sensitive account information (PIN codes, passwords, account reminder phrases or mothers maiden name) in an e-mail message.
• Never go to a sensitive site through an e-mail link; always type the site name in your browser (such as www.paypal.com)
• Never open attachments from a untrusted or unknown source (this includes PDF and Zip files)
• Never share your passwords with anyone.
• If your bank requires verification, do it over the phone or in person.
• Verify any person who contacts you unsolicited, claiming to be customer support from a company (if they have to ask who you are, then they don’t know who you are)
• Always report fraud to the company that the thief is portraying to be or represent.
• SPAM / Junk block the Phishing emails, then delete them.
• Make sure you empty your SPAM or Junk folders and email bin frequently (I do it daily)!

Seek technical advice on this if you are not sure.

Contact
RLS Computer Services – IT Support
01553 776937
Email support@rlscomputers.co.uk

You can report scams to:

Citizens Advice Consumer Helpline 03454 04 05 06 or www.adviceguide.org

Action Fraud (UK’s National Fraud Office) 0300 123 2040 or www.actionfraud.police.uk

National Cyber Security Centre https://www.ncsc.gov.uk/guidance/phishing

Although this is a very clever scam, the malware is typically unsuccessful in actually locking computer files if the ransomware is caught and dealt with promptly by a professional. Unfortunately, all that has changed with a new piece of ransomware that is so severe it has been described as “game changing” within the IT industry.

Today I received a report that a client was infected with a piece of ransomeware called “Cryptolocker” that will first hijack your PC and at the same time begin to encrypt your most popular file types, like Word, Excel, jpg’s, PDF, etc. so you cannot open them. The process is executed in stealth mode and once the process is complete the screen is then hijacked with the following message.

The major twist is that unless you pay the ransom (normally around $300) there is no way to decrypt the files and THEY WILL BE LOST FOREVER.

How to catch it

Cryptolocker is spread through malicious hyperlinks shared via social media and spam emails, like fake UPS tracking and TAX refund notification emails. Once the attachment or link is opened, the computer becomes infected immediately, and the virus begins the encryption process.

Prevention Checklist

• Use a professional, quality antivirus software program (Like from Panda Security) and keep it updated daily and malware free.
• Keeping your operating system up-to-date with the latest patches. You should check if any updates exist for your system.
• For on-going protection, ensure that you are running effective and up-to-date security software and don’t turn off any obvious security measures (e.g. Firewalls)
• Make sure you keep back-up copies of important/precious files (documents/pictures etc.) which would be very hard or impossible to reproduce if they are lost
• Never open attachments or links in emails you don’t recognise or links in shared social networks.
• Scanning all files downloaded online – and only downloading files from trusted sources.
• After following the above steps you feel there is still a problem or if you are not sure what to do, seek further expert advice. Doing nothing could very easily cause you problems later!

What to do if I get infected?

If you are infected STOP don’t do anything more. Turn off your PC and contact us IMMEDIATELY and don’t be tempted to switch it on again until it is sorted.

Is there any way of getting my files back?

Sorry NO, unless you pay the ransom or you have a clean data backup stored in an offsite facility.

I will echo the advice of our Cybercrime Forensics Specialist Group:-

Seek advice on this if you are not sure – the worst thing to do is to do nothing.

Contact
RLS Computer Services – IT Support
0844 334 2020
Email support@rlscomputers.co.uk
or Like Us on Facebook