WannaCry Ransomware

***Alert*** Global Ransomware Attack
On Friday, May 12th a global cyber-attack exploiting hacking tools believed to have been developed by the NSA, has infected tens of thousands of computers in nearly 100 countries, disrupting Britain’s healthcare system and FedEx.

The attack comes in the form of a malicious email with attachments falsely appearing to contain invoices, job offers and security warnings. Once open, the malicious email encrypts data – the attackers demand ransom payments of $300 – $600 in the form of Bitcoin to restore access.

To protect its customers from the largest ransomware attack to date, Microsoft has taken an unusual step and has released an emergency security patch for all its versions of Windows – including unsupported versions XP, Vista, Windows 8, Server 2003 and 2008 Editions.

For our managed IT and AV services customers, other than being diligent and careful about the emails you open, no further action is needed – we have been following the issue closely, checking and verifying systems all weekend.

Below are a few useful tips courtesy of Return Path to help you determine the validity of an email that may be a phishing attempt. As always, if you have any questions or concerns, please do not hesitate to contact us.

  • Don’t trust the display name
    A favorite phishing tactic among cyber-criminals is to spoof the display name of an email. Check the email address in the header ‘from’ field – if it looks suspicious, don’t open the email.
  • Look but don’t click
    Hover your mouse over any links embedded in the body of the email. If the link address looks weird, don’t click on it.
  • Check for spelling mistakes
    Brands are serious about email. Legitimate messages usually do not have major spelling or grammatical errors. Read your emails carefully and report anything that seems suspicious.
  • Analyze the salutation
    Is the email addressed to a vague “Valued Customer?” If so, watch out – legitimate businesses will often use a personal salutation with your first and last name.
  • Don’t give up personal information
    Legitimate banks and most other companies will never ask for personal credentials via email. Don’t give them up.
  • Beware of urgent or threatening language in the subject line
    Invoking a sense of urgency or fear is a common phishing tactic. Beware of subject lines that claim your “account has been suspended” or your account had an “unauthorized login attempt.”
  • Review the signature
    Lack of details about the signer or how you can contact a company strongly suggests a phish. Legitimate businesses always provide contact details.
  • Don’t click on attachments
    Including malicious attachments that contain viruses and malware is a common phishing tactic. Malware can damage files on your computer, steal your passwords or spy on you without your knowledge. Don’t open any email attachments you weren’t expecting.
  • Don’t believe everything you see
    Phishers are extremely good at what they do. Just because an email has convincing brand logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be skeptical when it comes to your email messages – if it looks even remotely suspicious, don’t open it.

1 Return Path: https://blog.returnpath.com/10-tips-on-how-to-identify-a-phishing-or-spoofing-email-v2/