Yes, another attack came out today that combines all kinds of malware threats into one nightmare package. With the number of ransomware attacks increasing so drastically, many people feel helpless and are just waiting to get taken down. And yet there are really simple tricks to overcome most of these intrusions.
To understand why these tricks work, it is first important to know that a user has to install the malware in order for it to work. Much like a classical vampire, if you do not let the bad software into your home then you cannot be taken down. So hackers have to fool you into clicking on something that lets them in. They try to send you emails that look real (called phishing) or they fake your target website (called spoofing) and attempt to get you to click a link.
In fact, almost all major hacks that grab credit card and customer data are targeting information to be used to get you to download malware at some later date.
Now hackers are good, REALLY good, at masquerading their downloads but there are some things they just cannot overcome. The first, and quickest, of these options, is to look for that little security icon at the top of your screen for a secure site:
Sometimes, depending on the browser, this icon will say “Secure” but this is a good way to verify that the site you think you are going to is, in fact, protected. Click on the icon and check the site information and make sure the website is correct. Also, look at the URL – in this case, ours is https://bearsystems.wpengine.com – and make sure the URL looks correct. This latter step is not as good as hackers are great and making real looking URLs but it can’t hurt.
Hackers can actually change what you see and spoofing SSL certificates is a common tactic. One of the best ways to overcome a phishing attempt is to simply call the person or company from whom you received an email or link. If something feels just a little off, make a quick call (or text, slack, etc…). We call this “out-of-band” verification and it is incredibly hard for hackers to overcome. It really is that easy and takes just a little effort.
For things such as spoofing, the first option works well (as does a good malware software option such as Malware Bytes). Yes, hackers can hack your monitor and get you to see whatever they want – but that is more effort, more malware and you have to download it before it would ever work.
Sure you might be infected now but you might not and these simple tricks give you the power to keep yourself safer moving forward.