Malware Offering Up New Tricks no Treats

Over the course of the last few weeks, we have read and seen a flurry of malware attacks that are quite scary. Two in particular are very nasty and present new ways to infect and reduce your company’s productivity to a stand still.

The first is a fake Microsoft Security Essentials malware product. We have personally see this on a couple of systems now and it is making it rounds. It presents itself as the actual product on web page pop up and "warns" you of "malware". You allow it to run and it then infects your system. In terms of defense, the first step is knowledge. Microsoft will NEVER send you a pop up through a web page to warn you that you are infected; it would do so through its actual product on your desktop. Also, Microsoft Security Essentials is a decent anti-virus program, BUT it is only meant for home use only and even specifies in the terms and conditions when you download it that it will not be used for business. If you are a company, you need to use an anti-virus alternative. This will also allow you and your employees to discern between your company’s anti-virus product and this fake one.

The second one is under the category of ransomware. Essentially by being tricked from a link in an email, it installs their software on a machine. From there, it encrypts the entire hard drive. At this point the user is told they have 10 days to pay (right now the average is $300) to give the employee access back to their data. If they don’t pay, the hard drive’s data is deleted. Unfortunately, once it is installed, there is nothing that can be done to recover encrypted data. However, there are two ways to prevent and work around this issue. The first is to install a professional version of Anti-Spyware. Many free programs are out there that can detect this and other malware once it has already been installed. This doesn’t fix the problem. A professional version of the program actually stays resident in memory and can see if something that is ABOUT to be installed is malware, thus preventing the problem before it becomes an issue. The other tactic is to have your employees store company data on a central server or other location away from their computer. This way, in the event of severe malware (or other issue) striking a particular system, you can wipe the system without wiping away the employee’s (or company’s) work.

If you have concerns about these malware infections or the state of your security at your company in general, please contact us at sales.

More on malware mentioned above:

http://news.softpedia.com/news/Bogus-Microsoft-Security-Essentials-Alert-Used-to-Distribute-Fake-AV-350072.shtml

http://blog.malwarebytes.org/intelligence/2013/10/cryptolocker-ransomware-what-you-need-to-know/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s