One More Reason NOT To Pay Ransomware Demands

The latest hacking trend goes hand in hand with ransomware.  It’s called ranscam.  Find out what it is and how to avoid becoming the next victim…

Ranscam is fairly self-explanatory.  It worms its way into your computer, and sends you a ransom demand similar to ransomware.  One major difference, however, is that they don’t encrypt your files.  They just delete them.  Of course you are not told that.  The demand made to “get your files back” is unknown, but researchers found payments of just under $300 made to a wallet address.

Cisco Talos research team believes this trend is going to die out quickly due to the negative reputation it withholds.  They also reported these attacks are not as sophisticated as well known ransomware variants such as the Crypto series.  The sole purpose of these attacks is to simply make a quick buck.

This triggers a few questions.  How do you know if you have ransomware or ranscam?  You don’t.  How can you be certain you will get your files back after the payment demands are met?  You can’t.  The reality is, you’re paying a criminal, who I would guess is not the most honest and trustworthy person, or they probably wouldn’t be a criminal.  They don’t care about your files, family pictures, videos, etc.  They care about money.  Once they get that, the rest doesn’t matter.

Every time you send a hacker money in an attempt to get your files back, whether it’s a ransom demand from ransomware or ranscam, you are gambling.  Nothing ensures you will get your files back, and sending the criminal money only fuels the fire for them to continue their attacks.

If you find yourself the victim of a ransomware attack, we urge you to follow these five steps:

  1. Do not pay the ransom – If you do, you’re just giving the hackers a reason to keep hacking.  Use your back up files to restore your systems.  Again, don’t pay!!
  2. Inform the FBI – By informing the FBI they can investigate to potentially bring legal action against the hacker.  All cyber criminal activity should be reported to the federal IC3 agency.  You can file a complaint with them here.
  3. Notify your current security software company – You also MUST inform your security software company.  If they didn’t know they missed a malicious attack, they cannot stop it in the future.  Also, many anti-virus software companies share their blacklist, or the list of known bad files.  So by sharing it with your software company, they then share it with others; saving thousands of people from falling victim to the same attack that just got you.
  4. Educate yourselves and your employees – Many times we attend one training, or listen to one webinar and consider ourselves educated on the matter.  This cannot be further from the truth.  Continued education on current cyber security threats is imperative.  We recommend our friends at KnowBe4 for both personal and enterprise training on cyber security.  As always, all PC Matic home security subscribers are offered a free cyber security training through KnowBe4 as well.
  5. Reevaluate your security software protection – If your security software failed you, perhaps you should look for an alternative security option.  The United States Computer Emergency Readiness Team (US-CERT) strongly advises using a whitelist security technology.  For personal uses, PC Matic home protection offers superior protection with advanced whitelisting technology.  For enterprise use, there is Tech Sentry, which offers advanced security protection with proprietary whitelisting technology.

 

(Visited 33 times, 1 visits today)

Leave a Reply

Your email address will not be published. Required fields are marked *