Do you WannaCry

Do you WannaCry?

WannaCry Ransomware

Just the other day I wrote an article about the Top 5 Excuses why businesses do not have a cybersecurity program in place. In that article I mentioned the WannaCry ransomware worm that grew to a worldwide threat in record time.

Guess what?

It’s back. WannaCry aka WannaCrypt 2.0, is back and it is reported to have infected over 75.000 users in Europe on Saturday. That number grew to more than 200,000 by Sunday.

“Wannacry is by no means the biggest threat ever, but my nature (using recent windows vulnerabilities) it targets organizations who set low priorities for IT security, such as hospitals. Historically, only a small percentage of victims pay up. The majority of the damages are in lost productivity or even lost revenue due to customers facing processes breaking.”
WannaCry: What You Need to Know www.securelink.net

Are You a Target

The primary targets are the low hanging fruit businesses. Those who put low priority on securing their systems. At first the criminals were asking a mere $300 to unlock your files. They seem to be upping the ante’ as time passes.  There have been 3 bitcoin accounts identified to be connected with this attack. The criminals had collected in excess of $35,000 by Sunday. I am sure that number has increased dramatically since.

How Big is Your Bankroll?

How much lost revenue can you afford to lose because your customer facing systems are locked down. Your employees, their families and your own family can also be easily affected. What will it cost then? If you do pay their ransom do you really believe you are free from the grips of the perpetrators? It seems to me they will own you forever. Well, at least until a fix is released, maybe.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Amazon Prime points scam

Scammers try everything like posing as Amazon Prime. With a subject line of ‘Your Amzon-Prime bucks  are expiring’ scammers attempt to elicit a response from unwary people. Once inside you find  they employ urgency to get and use your bucks before its too late.  All designed to get you to click on their link.

The link contains a script that will infect your system with malware. The malware may lay dormant for a long time and you will not even know its there. One day in the future you will be made aware that there is a problem with your device. By that time it is too late. The damage has been done. The malware may have gathered all of your personal info and sent it along to the scammer.

Then its, Congratulations! Your system has been hacked and your Identity has been stolen!

That is why it is so important to be ever vigilant when you are online. Emails and nefarious sites lurk in every corner of the web.

Learn how you can teach your employees to avoid phishing and other scams. This not only helps protect your company but your employee and their family as well from possible scams that can lead to Identity Theft or serious security breaches. Contact us HERE

Password Security

We have all heard password security says we should change our passwords regularly. We also should not ‘reuse’ passwords on different sites. This is sound advice but how many people really follow it. The numbers are shocking. Surveys taken consistently show that over 90% of people know they should not reuse passwords between sites but up to 83% still do.

A survey by Cyclonis confirms these numbers stating “an astounding 83.15% of respondents said they use the same password for multiple sites. …a small but shocking amount of users, 2.20%, said they use the same password for every single website.” You can read the full article at Cyclonis. They also have a nifty tool you can use to see how well you may or may not be doing regarding your password strength and reuse habits.

Businesses need to pay special attention to their password policies. According to an article on Security Boulevard almost 50% of people say there is no difference between the passwords they use at home and those they use at work.

Following a few simple rules can keep your personal information secure.

    • Longer passwords are better. Make sure they are over 8 characters minimum
    • Use Numbers, Special characters and Upper and lower case letters.
    • Replace letters with numbers or special characters. i.e. 3 for E, 5 for S, ! for i
    • Change your passwords regularly.

If you need a bit more encouragement think about it this way. First, if you reuse passwords or even just add a letter or number at the end it does not take any time to crack those passwords. You have to remember time is on the bad guys side. They can just sit back and let their computer do the work, even if it takes their password cracker days to crack.

If they get your email password they have access to all of your emails that have not been deleted. So that probably includes links to your bank, school, work, your kids school and other activities as well as possible purchases you have made.

Once they have the right information you are owned! The majority of people discover identity theft within 3 months but up to 15% of people don’t find out for more than 3 years. The cost to fix everything is tremendous. Not only financial burdens that can escalate to the millions and bankruptcy, there is also emotional stress. In addition you can count on missing days from work and possibly even lawsuits. Your credit will likely suffer as well and is something that you will be paying for for several years after you get everything straightened out.

Most of these problems can be solved or avoided by using a Security Awareness Program that includes a Password policy that can be easily implemented.

Safeguard your business with a Security Awareness Program that will help protect your business and show your employees how they can protect their families too. Contact us HERE

You have a payment in process…

Email Phishing Scams

Below is an email that is just phishy..
FYI As usual, I have disabled URL’s

subject: $41,361.35 sitting in our payment queue

Hey there,

You have a payment in process and will be credited to your account soon…

Amount: $15,102.80

VERIFY PAYMENT NOW <http://pt5.abellacarl.trade/btrevc>

If this email was sent to you by mistake, please ignore it.

Good luck,

Alfie Bentley
Snap Cash Support

This is among the type of spam/scam emails which may catch the unsuspecting person by surprise. Regardless of whether or not it brings a person to a site that downloads any malware, it certainly has the potential to get you put onto another mailing list that may not be so benign.

Among the ‘suspicious’ items in this email is that the unsubscribe link is very far down the page that is full of blank space. It also has a supposed “Report Abuse” link that has the same url as the unsubscribe link as shown below.

Unsubscribe
<http://www.lettermelater.com/unsubscribe.php?mid=1111111&email=********.***>  from this newsletter instantly.

Report Abuse
<http://www.lettermelater.com/unsubscribe.php?mid=1111111&email=********.***>

I suggest simply marking this email as junk/spam and if need be block the senders address.