An irritating “pop-up” or a seriously bad infection?

We have come across numerous infections on Windows computers recently which are hoax warnings about nasty things happening on your computer. They are generally of the form “you have x,y or z infection on your computer. Pay £xxx to install our software to fix your problem”. In reality the only infection is the one telling you that you have an infection! Over recent months we have seen infections which are much worse and need to be taken very seriously.

Essentially this nastier type of infection creates then warns about a very real and potentially damaging problem. One variant is known as “Cryptolocker” and informs the user that all (user data) files have been encrypted and cannot be accessed without an encryption key. This key will be deleted in x hours (initially 72) unless the key is paid for at a price of around 300 euros. The sting with this infection is that it is not just a threat, you will find your files aren’t accessible and this will include files you have “write” access to on a server as well as your local desktop or laptop. We have heard of cases where the ransom was paid and file access restored but there is no guarantee. These aren’t nice people and who is to say you won’t find the same stunt pulled a few weeks later?

Good security software is one layer of protection you must have but it is essential to have a good, business-grade backup system in place too. Without a backup of your files you could find you lose everything. In examples we have seen, the damage was limited to Microsoft Office files and PDFs. This is one of those times you find out how good your backup mechanism is. We strongly recommend you are backing up everything that you need, including several generations of files, not just one.

Just to reiterate, you only need one user with access to all your company documents on a server to catch this infection and you have potentially lost everything. It’s that serious.

How might you catch this type of infection? We have seen it come in as an email attachment, allegedly from a UK bank. The email seems to look genuine except it has a very short message in it. The attachment is a ZIP file that appears to contain a Word or PDF document. Most people will realise it’s a fake, but if you are in a hurry and it appears to be from your own bank there is a risk of taking a quick peek at the attachment, so be really careful.

If ever you’re worried, call the experts! Get in touch with Pronetic today and let us assess your online security needs.

Comments are closed.