Last week, a local school district suffered a phishing attack distributed by email. In addition, ransomware was also being distributed to district users via email. Several machines were infected, including servers, as individuals clicked on email attachments that made no sense whatsoever. Other districts have faced similar challenges:
It’s…thrown a kink in the school district’s scheduled Partnership for Assessment of Readiness for College and Careers (PARCC) exams, which are “high-quality, computer-based K–12 assessments in Mathematics and English Language Arts/Literacy.” The crypto-ransomware “has affected the district’s entire operations from internal and external communications to its point-of-sale for school lunches. It also has prevented any students from taking the scheduled PARCC exams, which are entirely computerized.” Source: Network World
Here are some of the recommendations I offer districts and folks who encounter these issues:
You are the best anti-virus protection District computers have. Follow these 5 steps to protect yourself and others from unnecessary loss of data. Help others you work with follow these steps. You are facing an imminent virus threat from “ransomware.”
Earlier this year, you saw how emails were being used to spread a web site that sought to steal your GoogleApps login credentials. Over the last few days, staff opening ransomware–a form of software that infects your machine when you double-click on it and encrypts your files, then demands you pay them for decrypting them–included in email attachments have unwittingly spread the virus across the District.
Take these steps to safeguard your hard work in computer documents and files on your computer:
- Look before you click! Avoid clicking on email attachments that come from people you do not know. Email attachments with “exe,” “zip,” are suspicious. Also, do NOT go into your SPAM folder on GoogleMail and click on the email attachments. Those messages are marked as SPAM because they are unwanted, inappropriate, and/or may contain malware email attachments.
- Connect before opening. Even if you DO know someone sending you a file, ask yourself, “Was I expecting a file from this person?” If yes, call and connect with them…ask, “Did you send me this file?” If the answer is “No,” then delete it. If it’s important, they will reach out to you again.
- Avoid clicking on email attachments via your personal email on a work computer, especially if it is a Yahoo email account given the types of malware spreading ads that find themselves displayed on that service.
- Scan files before opening them. You can right-click a file, save it to your computer, then choose to virus-scan it before opening it. If you don’t know how, ask your campus technician or a tech-savvy person nearby.
- Backup your Data to GoogleDrive. If you plug-in your USB external hard drive or USB stick/pendrive and work from there, be aware that viruses spread via USB drives and ransomware will actually make your data unusable. Even worse, if you have cloud storage–like Dropbox or GoogleDrive Sync–(where your files are automatically backed up when you place them in a certain folder (e.g. Dropbox)), be aware that ransomware WILL encrypt those files and they will be auto-saved to your cloud storage provider. Better to turn those services off and manually back them up (i.e. go to the Dropbox or Drive web site, click on the upload button). Make backups of your computer’s documents/files/data to Google Drive rather than just saving them on a USB flash drive. Watch this video tutorial
Just a few moments ago, I received an email from Ramsey M. purporting to share some files with me via Dropbox, but…I hesitated and that made all the difference. Let’s go through the process together…
|When you examine the “Click here to view” link, I found a link to a non-Dropbox web site in the UK.
Knowing that Ramsey probably didn’t send this email, I opened up a fresh browser where I’m not logged into anything and tried the link: It didn’t work. Page Not Found error. That’s good! But if it had been a phishing scam, something like this would have popped up:
The goal of these sites is to steal your information! Don’t fall for it!
For Home Users who may be facing virus threats or fear they have been infected, use these tools. Note that this does not constitute a purchase recommendation since these tools are available for free, personal home use:
Everything posted on Miguel Guhlin’s blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure