Is that really a Windows update you are about to click on? Or ransomware in disguise? As first documented by Fortinet FortiGuard Labs and followed up by Trend Micro, a new ransomware is on the rise, disguising itself as fake Windows updates and Word installers as part of a malvertising campaign. Multiple variants of this ransomware have also been discovered.
Here’s what we know so far and what you can do to protect yourself.
What does this new ransomware do?
The ransomware, which is called Big Head, infects devices and encrypts their files while displaying a fake Windows update alert on the victim’s computer. Three encrypted executable files are deployed in the attack: one for propagating the malware, one for facilitating communications via Telegram, and one for encrypting the files and displaying the fake Windows update.
What can I do to protect myself from this ransomware?
Ransomware criminals will try to get you to pay them money to get your files back. However, paying the ransom does not guarantee that you will regain access to anything a criminal takes from you, and it will only enable them to do it more.
Your best bet is to prevent an attacker from gaining access to your files altogether so that you don’t have to try to fight to get them back. Here are some of my tips for avoiding having your files stolen in a ransomware attack.
Avoid sketchy-looking emails
If you receive an email from an address you do not recognize, don’t open it. If you open it by mistake, avoid clicking any links or opening any attachments within the email. This is a classic method that cybercriminals use to try to trick you into thinking that the message is from someone important.
Back up your files on an external hard drive
I highly advise you to create backups of your information on an external hard drive and store it securely in a safe location. This process involves regularly making backup copies and then disconnecting the external drive from your computer for added safety. You should store the disconnected drive in a secure place like a fireproof safe or a safety deposit box. By keeping the drive unplugged when not in use, you significantly minimize the risk of unauthorized access to your data by hackers.
To learn more about the great devices you can use to back up your important files, visit Cyberguy.com/BackUpDevices
Kurt’s key takeaways
Attacks like these are scary, especially when the attacker is disguising themselves as a legitimate company like Microsoft. This is why you have to be extremely careful before you click on any links or open any attachments that are sent to you out of the blue. Make sure you follow my tips, and don’t be so quick to judge everything that you see right away.
Why do you think the U.S. has been a major target of this ransomware? What more should authorities be doing to stop it? Let us know by writing us at Cyberguy.com/Contact
For more of my security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Copyright 2023 CyberGuy.com. All rights reserved.