Mark Pribish

Consumers Are Now Being Targeted By Ransomware

By Mark Pribish
Vice President and ID Theft Practice Leader

I just read two great articles from (IN)SECURE Magazine titled "38% of consumers affected by Ransomware pay up" and "Ransomware spiked 752% in new families" sponsored by Help Net Security, an independent website, focusing on information security.

The first article highlights how "consumers are increasingly being targeted with ransomware, and many of them are paying up," according to Trustlook.

What I was surprised to learn and according to (IN)SECURE Magazine is that "ransomware has gone from a relatively exclusive category of malware utility to a mainstream destructive tool used in wave after wave of phishing attacks against individuals and companies alike."

The fact that individual consumers are being targeted should be a wakeup call for all of us to increase our education and awareness of ransomware in general and current trends in particular.

"Ransomware is now so widespread that it cost businesses a total of $1 billion in 2016. In addition, ransomware has been identified by the U.S. Department of Justice as the 'biggest cyber threat' of 2017."

(IN)SECURE Magazine also stated, that "while it’s true that attackers may have more to gain from large organizations, experts say they see consumers, with their lack of sophistication in security, as lower-hanging fruit. Because consumers usually have fewer information security resources than large organizations, breaches are far easier to achieve and are more likely to have a meaningful impact, and thus are more likely to result in a payment."

(IN)SECURE Magazine reports Trustlook found (https://www.trustlook.com/) "that this lack of awareness and apathy is resulting in insufficient action taken to protect devices and data. 48% of consumers are not worried about becoming a victim of a ransomware attack, and only 7% of non-impacted consumers say they would pay the ransom if they were hacked."

(IN)SECURE Magazine summarized as follows:

Study highlights:

  • 17% of consumers have been infected with ransomware
  • 38% of affected consumers paid the ransom
  • $100-$500 was the dollar range of ransomware payouts by consumers
  • 45% of consumers have not heard of ransomware
  • 23% of consumers do not backup the files on their computer or mobile device

In addition, (IN)SECURE solicited advice from Trustlook for those trying to avoid becoming a victim of ransomware: "'Backup your data to multiple devices, and to at least one device that is not connected to a network,' says Allan Zhang, CEO of Trustlook. 'Also, be cautious of emails by checking the sender’s email address before clicking any link.' he continued."


To learn more about these threats and how to protect yourself and your family from Identity Theft, you can read my past newsletters at the Merchants Identity Theft Educational Website at www.idtheftedu.com.


BBB Warning: Update Your Software to Help Prevent Ransomware

A major ransomware attack was unleashed worldwide on Friday, infecting at least 75,000 computers in 99 countries, according to preliminary reports. The ransomware locked computers and networks using file encryption software, and demanded payment by Bitcoin (a non-traceable crypto-currency) to release the data.

The attack typically enters through a phishing email and then spreads to other machines on the same network by exploiting a vulnerability in Microsoft Windows. Although Microsoft discovered the vulnerability and released a patch in March, many computer users do not regularly update their operating systems and may have missed the critical repair.

Better Business Bureau joins with the National Cyber Security Alliance in suggesting the following cyber hygiene defenses:

  • Don’t click on links from unfamiliar sources. Even if you think you know the sender, be cautious about clicking on email links. When in doubt, delete it. Be especially wary of messages requiring you to act quickly, asking for personal information, or threatening you in any way.
  • Keep clean machines: Prevent infections by updating critical software as soon as patches or new operating system versions are available. This includes mobile and other internet-connected devices.
  • Use strong authentication, requiring more than a username and password to access accounts, especially critical networks, to prevent access through stolen or hacked credentials. Check out Lock down your login or more information.
  • Conduct regular backups of systems: Systems can be restored in cases of ransomware and having current backup of all data speeds the recovery process.
  • Make better passwords: In cases where passwords are still used, require long, strong and unique passwords to better harden accounts against intrusions.

Businesses need to take special precautions when it comes to protecting their customers’ information. One of the BBB Standards for Trust is:

  • Safeguard Privacy: Protect any data collected against mishandling and fraud, collect personal information only as needed, and respect the preferences of consumers regarding the use of their information.

One of the ways businesses can safeguard privacy is by taking BBB’s "Five Steps to Better Business Cybersecurity" (bbb.org/cybersecurity).

For More Information:

Consumers can learn more about avoiding scams and fraud at article.

Courtesy of the Better Business Bureau - for more information visit http://www.bbb.org/phoenix/news-events/

To find out more about other scams, check out BBB Scam Stopper (bbb.org/scamstopper). To report a scam, go to BBB Scam Tracker (bbb.org/scamtracker).

If you believe your identity has been stolen, call 866.SMART68 today.