Page 77 - Cyber Warnings
P. 77
Updates
Install all Windows updates. Microsoft delivers updates for Windows every month. The majority
of these updates are security tweaks that safeguard your system from recently
discovered vulnerabilities.
Because ransomware Trojans are often installed by means of exploit kits that take advantage
of Windows vulnerabilities, in the event Windows informs you about new updates, you must
install them immediately.
The same as with Windows vulnerabilities, exploit kits target security holes and zero days in
widely installed software like Adobe, Java, etc. That means it is critical to always
keep these applications up-to-date too.
SPAM filters
By far the leading delivery method for ransomware is SPAM messages that impersonate bills,
invoices, shipping notices, resumes, etc. Outlook, Gmail, Yahoo are going to block a great
number of SPAM messages, however if you do not have service that utilizes strong SPAM
filters, then these kinds of emails can sneak in.
Show file extensions
Windows will not display the file extensions by default. This helps ransomware
authors to fool users to think that malware files are not executables but their old and familiar
PDF or Word documents.
Victims click on such files thinking them to include text or other data, in fact, they merely launch
an application that installs the virus.
So, do turn on the Windows feature that shows all file extensions. It will be much harder
for hackers to trick you into running their executables.
Dangerous email attachments
You should not click on email attachments without verifying that someone else really sent it.
Every time ransomware is sent out with SPAM, the downloader or virus itself is added as an
attachment. When you get any attachment, you should either confirm with the person who sent
it or at least use VirusTotal and scan it for viruses.
If you open an unknown attachment by mistake and notice a prompt to enable content or
macros, never do it, this will allow criminals to install the ransomware.
77 Cyber Warnings E-Magazine February 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
