Ransomware, USB key found, WiFi network trapped, clickable link, infected attachments... Cyber crooks have no shortage of imagination when it comes to infecting your devices and stealing your information or blocking your access to it.
- Ransomware: increasingly widespread malicious computer programs (Jaff, Locky, Cryptolocker, TeslaCrypt, Wannacrypt), often contained in e-mail attachments. They allow the fraudster to encrypt the data stored on your device. You will be asked to pay a ransom in exchange for a key to decrypt it. Its variant, "extortionware", blocks an online services account and threatens to expose your personal data if you don't pay the ransom.
- False support services (tech-scams): your device informs you of an alleged virus infection. Your screen is completely blocked and you can't even leave the page. The information message prompts you to call the technicians for the software or operating system you are using. You dial the given support number and the fake technicians will ask you to install remote maintenance software. They now have access to all the data stored in your device, and can even take advantage of this to install additional malware. In addition, the fraudsters will charge you for "maintenance contracts", and can steal the banking information you have entered for this purpose.
- False WiFi network: your phone will detect a free public network to connect to in a public space. When the name of the network is obviously worrying, it's easy to be suspicious. However, it is possible that these network names borrow the names of restaurant chains or bars to fool you more easily. Be vigilant, because once connected to these networks, it will be possible for scammers to steal your data or encrypt it for ransom.
- Trapped USB key: you find a USB key and decide to view its contents. Soon your computer starts installing malware on its own, and all your data is encrypted. Now you have to pay a fee to access your data.
- Trapped links: you receive an e-mail from an unknown sender. This email asks you to follow a link that will download a virus or ransomware onto your device.
- Malicious software: these are programs developed for the only purpose of harming the computer system.
How to avoid the fraud
- Save regularly your data to external supports to your devices (external hard drive).
- Protect your computer with antivirus software.
- Choose your passwords carefully: do not use too simple words and names, vary the characters... Change them regularly, do not save them in your browsers.
- Favor WiFi networks and secure connections.
- Never install a so-called mandatory update from a public WiFi. Avoid connecting to banking websites or making payments via a public WiFi.
- Do not connect an unknown USB flash drive to your device, do not open messages of questionable origin or form, do not click on any links, do not download any software, do not open attachements received via spam and others etc.
- Install only software from reliable sources. If you are offered software that is normally free of charge, be extra careful and prefer the official sites of these software if you wish to download them.
- Hover your mouse over the link to see in a dialog bow or at the bottom of the web page to which address you will be redirected. If the address is completely unrelated to what you are supposed to stumble upon, do not click!
- Identify files with suspicious extensions. If the file does not match what you are used to opening, do not click! example schooltrip.exe.
What to do once trapped?
- First try to force the closure of the page that blocks your entire system, via the task manager. Turn off the computer if it is completely blocked.
- If you are unable to do this, do not call the number displayed. If a number calls you and announces itself as a technician, do not believe it.
- Contact your system's actual helpdesk, the number of which can be found in the documentation provided with your purchase.
- Beware of natural persons around you: cybercriminals do not necessarily operate remotely! Disconnect from all devices after using them. Do not give your computer information or enter your login details in front of everyone.
Funded by the European Union. Views and opinions expressed are however those of the author(s) only and do not necessarily reflect those of the European Union or the European Innovation Council and Small and Medium-sized Enterprises Executive Agency (EISMEA). Neither the European Union nor the granting authority can be held responsible for them.