©Mark Ollig
An email from what appears to be a legitimate source
requests you to click the enclosed file attachment for more information.
Somewhat hesitantly, you click the attachment.
Once the attachment file opens and executes its
program, you sense something strange happening with your computer.
Your computer has just been infected with a malicious
ransomware virus.
Ransomware is a type of software which, after infecting
a computer, restricts the owner/user from accessing its files until a ransom is
paid to obtain the key required for unlocking the encrypted files.
The ransomware program then takes you to a webpage with
this ominous message appearing on your display screen:
“Your documents, photos, databases and other important
files have been encrypted with the strongest encryption and a unique key code
generated for this computer. This private decryption key is stored on a secret
Internet server, and nobody can decrypt your files until you pay the full
amount asked.”
Oh, it gets worse, folks.
“You only have 24 hours to submit payment. If you do
not send the money within the provided time, all your files will be permanently
crypted and no one will be able to recover them.”
At this point, you are presented with the list of all
your personal files from your computer the ransomware attackers are holding
hostage.
Lastly, you are instructed to click the dollar icon to
pay a ransom in the amount of hundreds – if not thousands of dollars (or
bitcoins) in order to get your personal files back.
You silently sit in your computer chair after reading
these messages and feel a sickening nauseousness in the pit of your stomach.
Understandably, some folks would “wanna cry,” which
happens to be one of the names for this particular ransomware software virus.
WannaCrypt Ransomware; also known as: WannaCry,
WanaCrypt0r, or Wcrypt is the source of a recent global computer, ransomware
cyber-attack.
It infected some 250,000 computing systems in over 150
countries.
WannaCry is an illegally obtained software program
originally kept by our country’s National Security Agency, and called
EternalBlue.
EternalBlue remotely invades and takes control of a
Microsoft Windows operating system.
The Department of Homeland Security has been involved
with monitoring and issuing warnings regarding the WannaCry ransomware virus,
and offers advice on its website: https://www.dhs.gov.
“We aim to secure the federal civilian networks,
cyberspace and critical infrastructure that are essential to our lives and
work,” reads a statement on The Department of Homeland Security website.
Perhaps the Department of Homeland Security needs to
have a meeting with the folks at the National Security Agency.
Being a victim of an email “phishing” scheme occurs
when what you believe to be an email from a reputable source, turns out to be
fraudulently sent by unscrupulous sources in order to obtain your private
information; such as credit card, social security, or bank account numbers.
Ransomware such as WannaCry can also be hidden as a
cleverly disguised email attachment.
Never click on hyperlinks or file attachments in an
email if you are unsure of the emails’ legitimacy.
Protect your email accounts by using secure passwords.
Avoid using common words, phrases, or personal information, and update your
passwords regularly.
If you are asked to provide personal information via
email, you can independently contact the company by phone to verify the
request.
Be cautious when seeing a “click here” link for
confirming information.
Everyone needs to be attentive when it comes to email
attachments and web links:
• Do you know who sent you the email? An unknown sender
or unfamiliar internet domain address could indicate a malicious email.
• Don’t be in a rush when opening email attachments
saying “time sensitive” or labeled “final notice statement.”
• Check the actual originating web link address name by
hovering your cursor over the link inside the email message before clicking it.
• Poor spelling and bad grammar in an email are
sometimes signs of a phishing attempt.
• Check for suspicious file attachments. Malicious
email attachments sometimes use randomly-named .pdf, .doc, .jpg, .txt, or .exe
file extensions.
• Be cautious of emails from unknown senders
instructing you to “click this link for turning off automatically downloaded
email attachments.”
If you question opening an email attachment or clicking
an enclosed link, do what I do . . .delete the entire email.
We also need to be careful with Instant Messages sent
to our smartdevices containing web links or attachments.
Windows XP, Windows 8, and Windows Server 2003 software
security patch: KB4012598, for the WannaCrypt/WannaCry ransomware program from
Microsoft is available here: http://preview.tinyurl.com/KB4012598.
Keep your computer’s Microsoft operating system (OS),
web browser, anti-virus, and other critical software up to date, and activate
your OS for auto-patching and auto-updates.
By observing email safety precautions and following
this sage advice, “consider the source,” we won’t WannaCry later.
Keep smiling by reading my Twitter messages at
@bitsandbytes.
(Above image royalty license-to-use paid for by Mark Ollig)
