While ransomware attacks are not new, in recent months they have re-surfaced as an increasingly dangerous threat to businesses, home users and government agencies.  Fortinet’s March Threatscape report is classifying the DigiPog ransomware Trojan as a top 10 malware threat for the month of March and is warning of an increasing attack volume.

Traditionally ransomware attacks work by holding a user’s computer hostage until some set of terms is met (pay fee, supply info, supply data).

The newest DigiPog ransomware strain is an SMS-based attack that requires victims to send an SMS message to a premium number in order to obtain a code to unlock their computer system. 

A growing concern is that these types of attacks will be used to obtain sensitive data, rather than money – a significant cybersecurity threat to government agencies and businesses alike.

As is the case with most malware threats, prevention is far easier than removal.  Whether you are a single user or a network administrator securing hundreds of computers, the logic is the same: protect all entry-points.

From a network perspective, this means ensuring you have a firewall with anti-virus and anti-spyware technology in place.

From a user perspective, this means warning your users against opening any email messages, and particularly email attachments, from unknown or dangerous looking sources.

From an email perspective, ensure you have an email protection solution in place that is able to adequately address these types of malware. 

A good overview on how to protect yourself against ransomware can be found here.

...out with the old...	...in with the new...

Scareware instances have increased by 660% over the past 2 years and 400% in the last 12 months. And it’s no coincidence – there is some serious cash to be made here.

According to Francois Paget, a security research expert with McAfee Labs, “one company known as ‘Innovative Marketing’ made an estimated $180 million through these scams in one year, and more than four million consumers purchased their fake security software thinking it was real.”

Scareware has been around since as early as 1991, but has only grown “legs” in the last few years – now that users know they NEED to protect their computer, criminals are taking advantage of it. And it’s paying off (ergo it will continue).

Don’t let it happen to you or your users, check out this quick guide on how to protect yourself from these types of attacks and stay safe out there!