Police warn of 'ransom' spam targeting UK users

Tens of millions of UK internet users could be at risk from "ransom" email spam seemingly sent from financial institutions.

Read the full story here: http://www.bbc.co.uk/news/technology-24964426

The email has an attachment that looks legitimate but is malware that encrypts computer files.
If the attachment is opened, a displayed countdown timer demands a ransom to decrypt the files.
Small to medium businesses seem to be the target and the National Crime Agency says there is significant risk.

Lee Miles, deputy head of the National Cyber Crime Unit, says: "The NCA are actively pursuing organised crime groups committing this type of crime. We are working in co-operation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public."

The malware installs a piece of "ransomware" called Cryptolocker on computers running the Windows operating system. The ransom demands that the user pay two Bitcoins, a virtual currency, that would be worth £536 to release the decryption key.

Reports suggest that people who have paid the ransom have not had their files decrypted and it has been impossible to restore encrypted files.
  
The NCA said it would never endorse the payment of a ransom to criminals and warns that there is no guarantee that the people behind the demand would honour the payments.

An NCCU investigation is seeking to identify the source of the email addresses used.
Computer users are being warned not to click on any suspicious attachments, to have updated antivirus software and to regularly back up files. If a computer is infected the advice is to disconnect it from the network and seek professional help to clean the device.

The NCA said that anyone infected with this malware should report it via actionfraud.police.uk.

For more information on how better to protect your business or customers please contact the IT Support Experts at Click Networks on 0141 530 9116 or visit our website: www.clicknetworks.co.uk for more information on how to clean an infected device of harmful malware.

Precautions against CyptoLocker and other malware attacks!

What can you do to prevent cybercriminals locking all your personal files and demanding money to free them?

 

A few sensible precautions will help minimise the chances of a CrytoLocker attack. So what are our top tips?

• Back up your files. If you use an external hard drive, don't leave it connected to your PC unless you are backing up. Alternatively, pay for an online back-up service – but bear in mind you may still be vulnerable if your backed-up files are mapped as a network drive. Check with your provider if you are unsure.

• Create files in the Cloud and upload photos to online accounts like Flickr or Picasa.

• Switch to a spam- and virus-filtered email service. Google Mail, for example, does not allow you to receive or send executable files (that can install viruses) as email attachments, even if they are hidden in zip files. (It also does not allow you to send them).

• Don't go to online porn sites, which are often the source of malware downloads. Take care when clicking on adverts; never open Twitter links and attachments from people you don't know or trust.

• Make sure your operating system is up-to-date with the latest security.

• Install the latest versions of your internet browsers and update add-ons such as Java and Adobe Flash.

• Get reputable anti-virus software and ensure you update it frequently.

• On Windows 7, double-check that you have set up System Restore points or, if you are using Windows 8, configure it to keep the "file history".

• Act quickly. If you do accidentally download a dodgy attachment, bear in mind it is likely to take some time for the encryption to take place. If you immediately download and run an anti-virus programme, such as the free anti-virus toolkit available from Sophos, it could destroy the CryptoLocker before all your files have been encrypted – however, you will permanently lose affected files.

• Encrypt the files you particularly want to keep private, such as documents containing your passwords or personal information, to prevent criminals from reading what's in them. Read this useful "Ask Jack" post on the Guardian technology blog to find out more about encrypting your files.

For more information on Malware attacks or anything you have read in this article please contact the IT Support Experts at Click Networks. Vist our website: www.clicknetworks.co.uk or call us on 0141 530 9116 

Internet Security: Fact and Myth

Myth #1: Viruses and other malicious software (“malware”) only affect computers and laptops.
Reality: Mobile malware, which affects smartphones, tablets and other mobile devices, increased by 58% last year. This malware can steal information such as phone numbers and email addresses (32% of the time), or use the phone’s GPS to track the user (19% of the time).

Myth #2: I can’t get a virus or be attacked on popular social networking sites.
Reality: Many well-known social networks, including several of the newest ones, are prime targets for scammers, with 56 per cent of social media attacks involving fake gift cards and survey scams.

Myth #3: Apple products aren’t susceptible to viruses and online attacks.
Reality: While hackers still primarily target PCs, more than 600,000 Mac computers were infected by one attack   last April; just one example that no operating system is safe from online threats.

Myth #4: Free antivirus software on my computer provides complete protection.
Reality: “Ransomware” (where cybercriminals lock you out of your computer unless you pay their “ransom”), is one example of the trend toward increasingly vicious malware, which is known for being harder to undo, more aggressive and more professional than other malware. This malware requires protection beyond what basic, free antivirus software can offer.

Myth #5: It’s easy to tell if a site is fake -- typos or foreign characters are dead giveaways.
Reality: Many spoofed sites today look exactly like the websites of legitimate brands, down to the smallest details. Additionally, the number of fake sites that imitated social networks more than doubled in 2012.

Myth #6: My computer won’t get infected since I don’t visit risky sites.
Reality: 61% of malicious sites are actually legitimate websites that have been compromised and infected with malicious code. Business, technology and shopping websites were among the top five types of sites hosting infections.

Myth #7: I’ll know right away if my computer is infected.
Reality: Cybercriminals today rely on stealth – the longer they’re on your machine undetected, the more damage they can do. Your computer could even be part of a “botnet” – a network of remotely-controlled computers that send spam emails or participate in widespread attacks – and you might not even know it.

Luckily there are still a few things you can do if you're guilty of falling for some (or indeed all) of these Internet security myths. We recommend:

• Stick to trusted websites when possible. When purchasing items online, check for security marks on the site before entering in your payment details.
   
• Limit your sensitive transactions when using public Wi-Fi networks or use a Virtual Private Network (“VPN”). Wi-Fi networks can allow other people to more easily snoop on your activity.

Common-sense should also dictate the following:

• Use complex and unique passwords for each site, including upper and lowercase letters, numbers and symbols.
  
• Never click on links or open attachments from people you don’t know. Also, if you receive a strange message from a friend, take a moment to verify it – it’s possible their email or social networking account was hacked.

 Read the full article here: http://tech.uk.msn.com/features/internet-security-myths-debunked 

For more information on anything you have read here or any IT Support queries please contact us on 0141 530 9116 or email us at info@clicknetworks.co.uk. To learn more about us please visit our website: http://www.clicknetworks.co.uk