The recent massive global ransomware attacks (www.goo.gl/5wZSDF) make you stop and ask the question: “Is that Really You?” How do you know who is actually making the request, asking for money, sending you a link to update your information or asking you to reset your password?
Before we dive into this topic, I’d like to thank our Team for putting a plan of action in place over the weekend to protect our clients and keep their businesses up and running. The AlphaKORians ROCK!
Ransomware is an attack in which your computer systems are hijacked and you are locked out. You have to pay thousands of dollars to unlock your data. Back up your data, and check and test your back-ups on a regular basis. If you are hijacked, call AlphaKOR for help before doing anything else.
The advice we have been giving all along is to be extremely suspicious of all e-mails received, particularly those that ask you to open attached documents or click on Web links. For a Web link, right-click on it to check what address comes up. You may find it actually points to another site.
Let’s use a bank as a scenario to consider. First off, no bank will send you an e-mail asking you to reset your password or advising you of a breach on your account or your debit/credit card. The banks, like many organizations, will call you when such an incident may occur. Is it really them calling? (A topic for another day.)
For argument’s sake, say we believe the e-mail with the breach and the link to update your bank information is legitimate. Now what? Don’t click on the link. Let me repeat that: Don’t click on the link. Go to your bank’s secured login website, enter your credentials and see for yourself that all is in good working order. It is important not to click on the link or cut and paste it into your browser. Type the website address into a new browser just to be safe.
The other occurrence we see is Identity Theft or Spoofing of an e-mail account. We have worked with some organizations that thought they were dealing with an owner, manager, co-worker or trusted person when in fact it was a complete stranger posing as the trusted person. How is this possible?
When you hit Reply, check out the e-mail address you are replying to. It was sent by “Frank Abbruzzese”, a person you know and trust; however, when you hit Reply, it may show something like this:
Frank Abbruzzese (firstname.lastname@example.org). Don’t laugh! This is actually happening, albeit not as obviously as the alias I used to get my point across. If you still feel this is a legitimate address for this person (maybe it’s their personal e-mail account), you can start a new e-mail and send it to them to say “I received an e-mail asking me to wire you money”, or you can call the person.
This is common when people are travelling and a message is sent to the effect of “I’ve run into some trouble on this trip while on vacation and need $10 000 wired to my personal bank account.”
Yes, this is actually happening. Unfortunately, we have assisted some who did this with even higher amounts of money. During our investigation, we ask a lot of questions. Most of the time, the person who wired the money replied that they thought it was a strange request and that, no, the person does not normally ask for money, but they are an owner, so it was sent to their bank account. When we drill down, we find out it was an alias e-mail account and the money was sent offshore. That money is long gone and you are not going to get it back.
My words of advice: slow down, read what you are being requested to do, look at what the link actually shows, right-click it and see if it makes sense or not. If it does not make sense, question it and do not proceed. Check who you are replying to by reading the full name as illustrated above.
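The two manual checks above (who a reply really goes to, and where a link really points) can also be run automatically over a message. The following is an added example, not AlphaKOR's own tooling; the contact directory, the addresses and the sample message are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumed directory of trusted contacts: display name -> real address (constructed).
KNOWN_CONTACTS = {"frank abbruzzese": "frank.abbruzzese@example.com"}

# Simple anchor-tag matcher: captures the real target (href) and the visible text.
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def domain(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def check_message(raw):
    """Return a list of warnings for one raw e-mail message (headers + body)."""
    msg = message_from_string(raw)
    warnings = []
    name, from_addr = parseaddr(msg.get("From", ""))
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    # A trusted display name paired with an address we do not know for that person.
    expected = KNOWN_CONTACTS.get(name.strip().lower())
    if expected and from_addr.lower() != expected:
        warnings.append(f"display name '{name}' uses unexpected address {from_addr}")
    # Hitting Reply would send the answer somewhere other than the sender's domain.
    if reply_addr and domain(reply_addr) != domain(from_addr):
        warnings.append(f"replies go to {reply_addr}, not the sender's domain")
    body = msg.get_payload()
    for href, text in LINK_RE.findall(body if isinstance(body, str) else ""):
        # Only compare when the visible text itself looks like a web address.
        shown = re.search(r"(?:https?://)?([\w.-]+\.[a-z]{2,})", text, re.I)
        target = (urlparse(href).hostname or "").lower()
        if shown and shown.group(1).lower() != target:
            warnings.append(f"link shows {shown.group(1)} but opens {target}")
    return warnings

# Constructed sample: trusted sender name, but replies and the link go elsewhere.
SAMPLE = """\
From: "Frank Abbruzzese" <frank.abbruzzese@example.com>
Reply-To: "Frank Abbruzzese" <wire.desk@example.net>
Subject: Urgent wire
Content-Type: text/html

<p>Please confirm at <a href="http://login.example.org/reset">www.mybank.example</a></p>
"""

if __name__ == "__main__":
    for w in check_message(SAMPLE):
        print("WARNING:", w)
```

A message that passes these checks is not thereby proven genuine; the advice to call the person or start a fresh e-mail still applies.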
If it sounds too good to be true, it just may not be true. If it sounds fishy or not the norm, question it. Take other actions instead of clicking links and replying without taking a closer look.