Headlines in today’s news warn of ransomware emails actively infecting companies around the world. With the recent highly targeted attacks on companies such as FireEye and SolarWinds, and increased attacks on the Healthcare industry, all organizations are targets.
Every business should take these threats seriously. Engineers should ensure your supported systems are backed up, with software updates completed and anti-virus (AV) updated. Many of the companies we support put in additional layers of protection that further protect their networks, such as web or spam filtering, social awareness training, and managed detection and response solutions. While no cyber attack is 100 percent preventable, taking the necessary steps to protect your organization will decrease the likelihood of an attack.
These simple tactics may help you avoid falling victim to ransomware attacks.
13 simple rules to avoid ransomware emails
- Look at the sender’s email address – If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Contact the company using information provided on an account statement or navigate directly to their website to find accurate contact information. Do not use the information provided in the email. In addition, email spoofing is frequently used so it will look like the email is coming from a legitimate source. Be overly cautious with any email to your inbox that you are not expecting.
- Look at the email subject line – Does the subject line create a sense of urgency? These may be malicious. Trying to force an immediate response is likely an indicator. Always use control and caution when addressing an email of urgency. Best practice is to contact the sender in another form and confirm that they sent you the email. An urgent call to action is one of the most common means of preying on colleagues who only want to be helpful.
- Look at the body of the email – Is the message properly formatted? Be cautious of misspellings. Does the email have the company’s contact information and/or logo graphics that you’ve been accustomed to seeing if you’ve received mail from them before?
- Look for URL links in the message – Embedded links may be redirection links with the intent to take you to a malicious site. By hovering the mouse over the link, it will provide information about where the link is redirecting you. It’s better to type the URL in your browser than to trust the hyperlink. If you are unsure about the safety of the link,
contact the sender and verify that they sent you the link. However, do not use the contact information in the email to verify (it could be fake). Look the contact information up elsewhere and contact that sender. Always use caution when clicking an external link.
- Look at the email attachment – Are you expecting the attachment? Do you recognize the type of file? Attachments should always be treated with extreme caution. If you are uncertain of the legitimacy of an attachment, do not open it and contact your I.T. representative.
- Use Shift + Delete to delete emails believed to be malicious – This action will permanently delete the email and not just move it to your “deleted items” folder.
- Don’t reveal too much information – Do not reveal personal or financial information in an email, and do not respond to email solicitations that ask for this information. This includes following links sent to you in an email.
- When in doubt, throw it out – Links in emails, tweets, posts, and online advertisements are often how cybercriminals try to steal your personal information. Even if you know the source, if something looks suspicious, delete.
- Look for the HTTPS lock icon – Before sending sensitive information over the internet, check the security of the website. The HTTPS lock icon indicates the site is secure.
- Pay attention to the website’s URL – Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (.com versus .net, or .co versus .com, for example).
- Check that your antivirus is up to date – Check that your antivirus protection is active and up to date on your system. If you don’t know, ask your I.T. representative.
- Don’t access personal email on the corporate network – The defenses may not be in place to stop a virus or malicious email from executing through those channels.
- Request I.T. to add external email warning message – If your organization doesn’t have it already, engage with your I.T. department and ask that they add an external email warning message to any email originating outside of the company network. This can serve as an immediate flag to users, making them more cautious of the email and its contents.
Learn more ways to train everyone in your organization to recognize threats here.
Being diligent about verifying and checking email information can mean the difference between being safe and being hit with a cyberattack. While your security posture should be multi-faceted, email attacks are a large potential threat vector. Use the above tips to decrease the potential of an attack by ransomware emails.