Phishing email has been the top hacking method by ransomware bad actors for many years. According to Datto, a global cybersecurity firm, their survey has shown that more than 67% of their Managed Service Providers (MSP) reported their customers were infected and attacked by ransomware via phishing email.
Phising emails’ objective is simple. They try their best to trick the email recipients into opening the attachment or clicking on the URL link to a fake website by disguising as important business emails or from the banks and the authorities. Once the ransomware has taken control over your system, it can start causing trouble to your system and encrypting all your data and send you ransom note for payment in exchange for your own data.
Lately, the pandemic of the coronavirus worldwide has got attention of everybody, and the ransomware bad actors are also taking advantage of the trend and started crafting coronovirus prevention email disguising as World Health Organization (WHO) to fool those who receive such emails into opening the attachment or following the URL link.
If you are receiving one, please don’t panic. Best is not to download anything as you can always find the information in WHO’s website. The following link is the advice by WHO if you did receive email allegedly from WHO.
Many bad actors have been registering coronavirus-related domains which will be used for phishing scams such as stealing your bank account username and password via a fake donation website or download malware while doing so.
How to keep your system and data safe from such attack?
First of all, the easiest way is to upgrade any of your existing Windows 7 or 8 to version 10. Windows 10 comes with Windows Defender, which is Microsoft Anti-Virus and it is as good as any AntiVirus in the market. Keep your browser updated to the latest version. Obviously, educating or providing training to your email users will definitely help reduce the chances of your server and network from getting phishing and ransomware attack.
Lastly, and most importantly is to keep your data safe. This doesn’t mean you need just a few copies of backup. More importantly is how you keep these backup copies safe from the reach of ransomware. The only way to make sure they are safe from the radar of ransomware is to make sure these backups are offline, meaning wherever to store your backup copies, these storage mediums (external hard disk / NAS / standalone PCs/Cloud) cannot be connected to your Server once you have performed the backup.
For more information about Offline Backup please check out the video at the following link: