Tag Archives: Ransomware

New FTC Website Helps Small Businesses Avoid Scams and Cyber Attacks

Attacks can be especially devastating to small businesses; FTC provides information on how businesses can protect themselvesftc

At the direction of Acting Chairman Maureen Ohlhausen, the Federal Trade Commission (FTC) has launched a new website – ftc.gov/SmallBusiness – with articles, videos, and other information aimed at helping small business owners avoid scams and protect their computers and networks from cyberattacks and other threats.

“Small businesses are critical to our economic strength, building America’s future, and helping the United States compete in today’s global marketplace,” Acting Chairman Ohlhausen said. “This innovative new website is a one-stop shop where small businesses can find information to protect themselves from scammers and hackers, as well as resources they can use if they are hit with a cyberattack.”

According to the U.S. Small Business Administration (SBA), there are more than 28 million small businesses nationwide, employing nearly 57 million people. Scammers frequently target small businesses with deceptive tactics designed to get them to pay for supplies they didn’t order, donate to fake charities or trick them into giving access to their network or downloading malware that can corrupt their business’s computers.

Cyberattacks can be particularly devastating to small businesses, and many of them lack the resources that larger companies have to devote to cybersecurity. Symantec Corp.’s 2016 Internet Security Threat Report indicates the percentage of spear-phishing attacks targeting small business rose dramatically from 18 percent to 43 percent between 2011 and 2015.

The FTC’s new web page offers specific information to help small businesses protect their networks and their customer data. This includes a new Small Business Computer Security Basics guide, which shares computer security basics to help companies protect their files and devices, train employees to think twice before sharing the business’s account information, and keep their wireless network protected, as well as how to respond to a data breach. It also has information on other cyber threats such as ransomware and phishing schemes targeting small businesses. The FTC is continuing to work with the SBA on additional ways to help small businesses.

If you or your business have questions or concerns regarding fraud, computer law, privacy, or cybersecurity law matters, including assistance with policies, prevention or recovery from a ransomware attack and cybersecurity insurance or insurance claims, contact attorney Jeffrey A. Franklin at Prince Law Offices.

Advertisements

Leave a comment

Filed under Business Law, Communications Law, Computer Law, Consumer Advocacy, News & Events

FTC Offers Advice on How to Avoid and Respond to Ransomware Attacks

ftc

Following its recent workshop on Ransomware – malicious software that denies access to computer files until the victim pays a ransom – the Federal Trade Commission (FTC) is offering tips on how consumers and businesses can protect devices and respond to ransomware.

The FTC offers How to defend against ransomware to help consumers. Businesses can find guidance in Ransomware – A closer look and the accompanying video, Defend against Ransomware.

If you or your business have questions or concerns regarding fraud, computer law, privacy, or cybersecurity law matters, including assistance with prevention or recovery from a ransomware attack and cybersecurity insurance or insurance claims, contact attorney Jeffrey A. Franklin at Prince Law Offices.

 

 

Leave a comment

Filed under Business Law, Computer Law, Consumer Advocacy

New Locky Ransomware Phishing Attack: Credit Card Suspended And Suspicious Money Movements

Ransomware is an increasing plague.  We have seen that it can disproportionately impact individuals and small businesses which may be least prepared to protect themselves or respond to ransomware computer attacks.  Yesterday, Graham Cluley described the latest spam email flood trying to hold your computer files ransom for your hard-earned money.
locky

Please be extremely cautious of unsolicited emails, especially with ZIP type attachments.  It’s one of the favorite methods used by cyber-criminals to trick unsuspecting computer users into opening dangerous attachments or clicking on a link to a malicious webpage.

In the last few days there have been a spate of spam attacks duping unwary internet users into clicking on an attachment that will lead to their Windows PC being infected with the notorious Locky ransomware.

For instance, you might have seen messages like the following appearing in your inbox, claiming that there have been “suspicious movements” of funds out of your bank account.

suspicious-movement-email

Attached to the email is a ZIP file containing a malicious .JS (Javascript) file, that if opened downloads a version of the Locky ransomware from a remote server from one of several different URLs, saved in a temporary folder under the name “GyFsMGsLUNA.dll”.

The malware is executed without any requirement for further user interaction. No further clicking is needed.  Some antivirus products detect the malicious Javascript as Trojan.JS.Downloader.GXW.

Similar attacks have been spammed out claiming that your credit card has temporarily been suspended.

account-suspended

Alternatively, you might have received emails posing as notifications that you have a parcel waiting for you at your local mail office.

parcel-email

This final example also leads to the Locky ransomware.

In all cases, the criminals can (and frequently do) change the names and contact details used in the emails meaning that you cannot always rely on them looking the same.  In these examples, the file attachments were all ZIP file attachments.  Criminals frequently use ZIP file attachments to hide the true purpose of the attachment.

Tips to avoid these problems include keeping your operating system up to date, keeping up-to-date security software on your computers and email servers, creating regular off-line backups, and conducting user awareness training to teach employees to be wary of dangerous file types and unsolicited emails.

We know that criminals are making money from online extortion – and ransomware is one of their favorite methods.

If you or your business have questions or concerns regarding fraud, computer law, privacy, or cybersecurity law matters, including assistance with prevention or recovery from a ransomware attack and cybersecurity insurance or insurance claims, contact attorney Jeffrey A. Franklin at Prince Law Offices.

Leave a comment

Filed under Business Law, Communications Law, Computer Law, Consumer Advocacy

Consumer Alert: Bad Advertisements may Infect Your Computer

Consumer Alert: Bad ads may Infect Your Computer – You need to understand something about poisoned ads on websites which might infect your computer. Here is the situation in a nutshell: Advertisers do not sell their ads to websites one at a time. Websites that want to make money sell their advertising space to an ad network. Advertisers sign contracts with that ad network which then displays the ads on the participating websites. The ad network sits in the middle between the advertisers and the websites and manages the traffic and the payments.

There is the problem. Cybercriminals fool the ad network into thinking they are a legitimate advertiser, but the ads which are displayed on major websites are poisoned. If you browse to a page with a poisoned ad on it, that is enough to run the risk your PC will be encrypted with ransomware, which may cost $500 or more to get your files back if you don’t have a good recent backup.

So here are a few things you can do about this. First, disable Adobe Flash on your computer – or at least set the Adobe Flash plug-in to “click-to-play” mode – which blocks the automatic infections. Second, keep up-to-date with all security patches and install them as soon as they come out. Third, download and install Ad Blocker plug-ins for your browser, these prevent the ads from being displayed in your browser to start with. These ad blockers are getting very popular, hundreds of millions of people use them.

In a computer network, you could do two things:

  1. Get rid of Flash all together, we see this happen a lot, or
  2. Deploy ad blockers using group policy, here is a forum post at the AdBlock Plus site where it is explained how this can be done. I use Adblock Plus in Chrome and Internet Explorer. Link:
    https://adblockplus.org/forum/viewtopic.php?t=29880

Concerns about cybersecurity or recovering from a ransomware or other cyber attack?  Contact attorney Jeffrey A. Franklin.

Leave a comment

Filed under Business Law, Consumer Advocacy, News & Events