Ransomware has to be the highest risk to personal or business computer data this decade. It is simple in its method and sinister in its attack.

How does it work?

It arrives as an email with an attachment. Once opened, the attachment runs a program that proceeds to encrypt all data files on the computer and on any network locations it can find. The encryption is so strong that it would take too long to crack by force.

Who gets these emails?

Even we get ransomware emails. They are generally addressed to you and relate to everyday services such as delivery of goods, or to service providers like Telstra. They are now so well constructed that at a quick glance it’s easy to miss the hidden dangers within.

What to look for:

    • Simple approach: Ransomware arrives primarily as emails with attachments. If an attachment is not expected, assume it is possibly ransomware.
      • If it’s expected, that is, you’re expecting a delivery of goods, or you have a Telstra account and so might get emails from these service providers about your goods and services: when these providers contact you they don’t send attachments. They will always want you to log in to their websites if more action from you is required. If it’s from them and has an attachment, delete it.
      • If it’s not expected, delete it.
      • If you delete a good one, they will normally contact you by a different method next time.
    • Complex approach: Ransomware is all about hiding its true nature; the senders want you to believe they are someone they are not.
      • The key to a ransomware email is in its attachment, so checking out the email and who it’s from is harmless, but don’t click links within the email or touch the attachment. If you mouse over the email addresses and links of the respective service provider, you will often see that the hidden address or URL is not from that provider. E.g. an Australia Post delivery email might have an address like emailname@australiapost.somethingelse.cc; URLs will have similar unusual addresses.
        • If unsure, reply to the email. This will generally get no response, which will confirm its nature. You can just delete it once you see the strange addresses.
      • Also, the subject has often already been flagged somewhere on Google as ransomware, so you can Google “(subject of email) is this ransomware?”
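
The mouse-over check above can also be done mechanically. The following is an added example, not part of the original post: it reads the sender address, link targets and attachment names from a message without opening anything. The `TRUSTED` domain list, the function names and the sample message are assumptions made for illustration.

```python
from email.message import EmailMessage
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allow-list: brand keyword -> domains that provider really uses.
TRUSTED = {
    "australiapost": {"auspost.com.au"},
    "telstra": {"telstra.com", "telstra.com.au"},
}

def domain_ok(host, allowed):
    """True only if host is an allowed domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)

class LinkCollector(HTMLParser):  # gathers the real href behind each link
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def triage(msg):
    """Return reasons to distrust msg, without opening links or attachments."""
    hosts = [("sender", parseaddr(str(msg["From"]))[1].rpartition("@")[2])]
    html = msg.get_body(preferencelist=("html",))
    if html is not None:
        collector = LinkCollector()
        collector.feed(html.get_content())
        hosts += [("link", urlparse(h).hostname or "") for h in collector.hrefs]
    findings = [f"{kind} {host} imitates {brand}"
                for kind, host in hosts for brand, allowed in TRUSTED.items()
                if brand in host.lower() and not domain_ok(host, allowed)]
    findings += [f"attachment {p.get_filename()}" for p in msg.iter_attachments()]
    return findings

def sample():
    """Constructed message using the lookalike address quoted in the post."""
    m = EmailMessage()
    m["From"] = "Australia Post <emailname@australiapost.somethingelse.cc>"
    m.set_content("See the attached label.")
    m.add_alternative('<a href="http://australiapost.somethingelse.cc/t">Track</a>', subtype="html")
    m.add_attachment(b"constructed", maintype="application", subtype="zip", filename="label.zip")
    return m

if __name__ == "__main__":
    print("\n".join(triage(sample())))
```

The brand name appears in front of a domain that does not belong to the provider, which is the pattern the Australia Post address above shows; any attachment is listed as a finding on its own.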

All the best.

Adam Griffiths