STOP!! Before You Open That Attachment…Read This

There is an extremely malicious program that is spreading around the internet called “CryptoWall 2.0” that is affecting Windows computer users; home users as well as businesses and corporations. (It does not currently affect Mac computers, but cautions still apply to all computer users.)

CryptoWall 2.0 is the latest version of the malware, called ransomware, that you may have heard about earlier this year.

It attacks your computer and encrypts all of your files making them unreadable, then demands you pay a ransom in order to regain access. As it locks up your files (photos, music, documents…) it places an internet shortcut to a website inside each folder that launches when you try to open your files. It does all of the damage silently behind the scenes, encrypting all of your files before demanding the ransom, so you don’t have a chance to stop it until it has done its damage.

The earlier version, known as CryptoLocker, worked in the same way, but was able to be removed with removal tools and sometimes the files were able to be recovered without having to pay the ransom. Not so with the version that started attacking computers in October 2014. Your only options with CryptoWall 2.0 are paying the ransom (still no guarantees of your files being returned) or reformatting your hard drive and restoring your files from a clean backup.


How does CryptoWall 2.0 (Or any virus or malware) get into my computer?

It appears that there are two main ways for your computer to get infected; email attachments and advertisements on websites. 

This is the email that tricked us. You may receive one that looks like it is from the USPS, UPS, a bank, IRS – they come masked as anything and everything – DO NOT OPEN!!

Email Attachments: An email message with an attachment that appears to come from a recognized institution or friend, urging you to take action.

The email is trying to trick you into opening the attached file that has the malicious program inside and launches it invisibly in the background.

You think that the attachment doesn’t have anything in it and go about checking other emails or browsing the internet while the malware is busy encrypting your files. Next day or later, your computer starts to act strange and you may have forgotten that you opened that attachment.

Advertisements on Websites: You see an ad that looks interesting and click on it. Your browser is then redirected to a third-party page that execute programs searching for outdated browser plug-ins like Java, Flash Player, Adobe Reader or Silverlight. Once a vulnerability is discovered, CryptoWall 2.0 is then installed on your computer without you ever knowing it is happening.

 

Are your files and photos backed up?

The best way to make sure you can recover your precious photos and your important documents from an attack or device crash is to make regular backups to a removable storage device. External hard drives are very affordable and your computer has backup programs that make it easy to back up your data. Remember to disconnect the external storage device when the backup is complete to avoid the chance of your backup files being attacked and locked by CryptoWall 2.0 or any of the other copy-cat malicious viruses.

** Dropbox users – If you suspect you have inadvertently downloaded the malware onto your computer, immediately uninstall Dropbox (through Control Panel/Remove Programs) and access your files through the Dropbox website only. Crypto will encrypt your files on your computer and when Dropbox syncs it will sync your encrypted files.


How can I protect my computer – what precautions can I take?

1. DO NOT open any attachments that you are not expecting to receive.

It may appear to be from a friend, the bank, post office or other companies or government agency. If you are not expecting something, call the person or company and ask if they sent you something and what it is. Most times you will find that they did not send the email at all.

2. DO NOT click on any links in emails that you weren’t expecting, even if they came from a friend.

If they look like they are from your bank, PayPal, UPS or the Post Office, and especially if they are in your Junk/Spam folder. These are called “phishing” emails and they are trying to gain access to your private information. Don’t click – call them or go to the website directly and log in from there (www.paypal.com, www.yourbank.com, etc.).

3. DO keep your Anti-virus and Anti-Malware programs and definitions up to date and run scans frequently.

4. DO keep all software installed on your computer updated, especially your web browsers (Chrome, Firefox, Internet Explorer) and their plug-ins.

When there is an update it is most often to update a security vulnerability. The criminals that create the malicious programs and viruses are always updating their programs to attack at those insecure places.

 

What Can You Do Right Now?

 

  1. BACKUP your important files and photos – Buy a removable storage device right away if you don’t already have one. 
  2. RUN a complete scan of your computer using your Antivirus Program (I use AVG Free).
  3. RUN a complete scan of your computer using an AntiMalware Program (I use MalwareBytes).

 

 

It is my intention that this post equips you with the information you need to protect your computer data from a nasty attack. No need to be afraid of being online – information gives you the power to control your experience and keep your valuable information and photos safe.

I stress the importance of being extremely cautious of what you click on when reading email or advertisements online. It takes less than a second to open your files and photos up to some very damaging programs that can be very costly in time and money to repair.

 

Pam – PC Tutor Naples

 

Have you been tempted to open one of these files?

Leave your questions or concerns in the comments below. I will be happy to research answers for you.