Scam Alert: Malware and Ransomware

What are malware and ransomware attacks?

Malware — short for "malicious software" — is any type of software created to disrupt or damage a device's operation, gather sensitive information, or give someone access to your computer. Cybersecurity terms you may have heard before, like viruses, spyware, and ransomware, are all different types of malware.

Ransomware is a specific type of malware that aims to gain access to a victim's files so the hacker can lock and encrypt them before demanding a ransom from the file owner in exchange for unlocking the file. The National Cyber Security Alliance's StaySafeOnline2 initiative calls ransomware "the 'digital kidnapping' of valuable data — from personal photos and memories to client information, financial records, and intellectual property."

When the kidnapped files contain personal files, this threat is scary enough, but when you're working from home, your company's files could also be at risk, making ransomware an even more daunting — and costly — menace.

How does malware get on my computer?

Cybercriminals sneak malware onto people's devices in a variety of ways,3 including exploiting software vulnerabilities (weak spots in the code that hackers have found a way to exploit) and tricking people into downloading malware themselves. Hackers also hide malware in fake computer programs and mobile apps and then post them online, hoping to lure people into downloading them.

Another malware delivery method is phishing, which occurs when someone sends fraudulent emails in an attempt to access your personal information by clicking a link or downloading a file.

According to the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), phishing is one common way ransomware is delivered. Another is through drive-by downloads.4 A drive-by download is malware that automatically downloads without your consent — and often without your knowledge. In this case, it's not a file that is infected, but the website itself. The website may have been built by a hacker for this purpose or it could be a legitimate website that a cybercriminal has hacked into and compromised. Either way, simply visiting the site is enough to trigger a download of malware such as ransomware.

Why are people who work from home more at risk?

Remote workers tend to have fewer cybersecurity protections and protocols compared to those working in an office under the careful eye of their IT department. For example, many home WiFi networks rely on routers set up by residents with little or no cybersecurity knowledge and may expose users to malware attacks.

Plus, when working from home, people are more likely to blend their personal and professional work on the same device. This can make them less careful about the links they click on or files they download compared to what they might do on a work device in the office.

What can people do to protect themselves?

Awareness and a few easy precautions can go a long way toward making your devices more secure when working from home. Here are a few tips for protecting yourself against malware, including ransomware:

• Back up your data regularly and store your backups separately from your computer, such as in an external hard drive. Keep your external hard drive disconnected from your computer when you're not actively backing it up.
• Update your operating software and browsers regularly. Software updates help to protect you from the newest types of ransomware attacks.
• Install reputable antivirus software and keep it updated. These can intercept suspicious downloads and also flag web pages that may be compromised.
• Avoid clicking links directly from emails, even when they look official. Small changes in a URL can take you to a malicious site. Type trusted website addresses into your browser instead.
• Open email attachments website downloads with extreme caution, particularly if they are compressed or ZIP files. Only download files from trusted senders or reputable websites. And if you get an unexpected file from a trusted sender and it lacks appropriate context, double-check with them to be sure the file is really from them. Sometimes a hacker can gain access to their email, and then entice you to open a malicious file because you generally trust the email address from which it came.
• Treat flash drives, external hard drives, and anything else you plug into your computer's USB port with the same suspicion as email attachments. Malware can live on these devices as well.
• Only download mobile apps or computer programs from reputable sources. When choosing among apps, opt for those that have been around for some time and have plenty of positive user reviews.
• Be extra suspicious of emails and websites during major events like natural disasters, epidemics and health scares, economic concerns, political elections, and holidays. According to CISA, increased phishing attempts often increase5 on those occasions.

What if I become a victim of a ransomware attack?