In an effort further enhance our company’s cyber defenses, we want to highlight a common cyber-attack that everyone should be aware of – ransomware.
Ransomware is increasingly being used by hackers to extort money from companies. Ransomware is a type of malicious software that takes over your computer and prevents you from accessing files until you pay a ransom.
Although we maintain controls to help protect our networks and computers from this type of attack, with the quickly changing attack scenarios we rely on you to be our first line of defense.
Here are some simple things you can do to help avoid a ransomware/malware attack:
Think Before You Click
The most common way ransomware enters corporate networks is through email. Often, scammers will include malicious links or attachments in emails that look harmless. To avoid this trap, please observe the following email best practices:
• Do not click on links or attachments from senders that you do not recognize. Be especially wary of .zip or other compressed or executable file types such as ‘.exe’.
• Do not provide sensitive personal information (like usernames and passwords) over email.
• Watch for email senders that use suspicious or misleading domain names. Examples include misspellings of your company’s domain, or of well-known domains: Office365@Microosoft.com (see the 2 “o”s in Microsoft), for example, would be a domain used by a scam.
• If you can’t tell if an email is legitimate or not, please email email@example.com .
• Be especially cautious when opening attachments or clicking links if you receive an email containing a warning banner indicating that it originated from an external source.
If Something Seems Wrong, Notify IT
If your computer is infected with ransomware, you will typically be locked out of all programs and a “ransom screen” will appear. In the unfortunate event that you click a link or attachment that you suspect is malware or ransomware, please notify Dorset immediately.
To contact Dorset, please call (484)-845-1600 or email firstname.lastname@example.org.