• Cybersecurity

Ransomware: Spot the Signs + How to Fight It

Jon Erdmann Headshot

Jon Erdmann

Chief Information Technology Officer 

Computer and files with lock

What Is It?

Ransomware is a form of malware created and programmed to encrypt files on a device.

The fraudster will then turn around and demand ransom in exchange for decryption. They will threaten to release the information by selling or leaking it if they are not paid. The problem is, while they may ‘promise’ they will decrypt the information and won't leak anything if they're paid, there is no guarantee.

How Can You Prevent It?

  • Keep your software updated.
  • Enable strong spam filters.
  • Turn off options to automatically download attachments.
  • Watch for email red flags.
  • Never click on links or open attachments that you are not expecting, regardless of who the sender is.

How to Spot Email Red Flags

  • Sender Name
    • Were you expecting an email from them?
    • Is their name spelled correctly?
  • Email Address
    • Do they typically email you from this email address?
    • Does it match your records?
  • Context + Tone of Email
    • Is there a sense of urgency or threat?
    • What are they asking you to do?
    • Are there spelling and/or grammar errors?
  • What's Attached or Linked?
    • Were you expecting them to send you an attachment or link?
    • When you hover over the link, does the URL match where they say it's going?
    • Does the file name make sense?

Example of a fraud email

What to Do When It Happens

  • Ransomware attacks can be distressing and overwhelming. It's crucial to act quickly and strategically to mitigate damage, recover data, and prevent further incidents. Here’s a detailed guide on how to respond effectively:

    1. Disconnect Affected Devices

    As soon as you detect a ransomware attack, immediately disconnect any compromised devices from the internet or your network. This includes disabling Wi-Fi and Ethernet connections to prevent the malware from spreading to other devices. If the infected device is connected to shared drives, external storage devices, or cloud services, disconnect these as well to contain the infection. Take the time to power down non-essential devices that could also be at risk of exposure.

    2. Seek Professional Help

    Do not attempt to resolve the attack on your own. Contact a reputable cybersecurity expert or firm for immediate assistance. These professionals are experienced in dealing with ransomware and can:

    • Assess the severity of the attack.
    • Determine whether data recovery is possible without paying the ransom.
    • Secure your systems to prevent reinfection.
    • Provide a detailed incident report to assist in ongoing investigations.

    Additionally, notify local law enforcement or cybersecurity-focused agencies. Reporting the attack can contribute to larger efforts to track and dismantle ransomware operations.

    3. Contact VISIONBank Immediately

    If the ransomware attack involves accounts or sensitive data related to VISIONBank, reach out to us as soon as possible using a device that has not been compromised. By informing us promptly, we can:

    • Freeze or monitor your accounts to prevent fraudulent activity.
    • Offer guidance on securing your financial information.
    • Assist in restoring access to your accounts or resetting login credentials, if necessary.

    Additional Tips for Handling a Ransomware Attack

    • Document Everything: Keep a record of what happened, including any error messages or ransom demands. This information will be helpful for professionals working to resolve the issue.
    • Avoid Paying the Ransom: Paying the ransom is discouraged as it does not guarantee data recovery and may encourage further attacks.
    • Revisit Security Practices: Use this incident as an opportunity to review and strengthen your cybersecurity measures. Implement regular backups, update software, and educate your team about phishing and other common attack vectors.

    By taking immediate and informed action, you can reduce the impact of a ransomware attack and safeguard your systems and data against future threats.