Slashdot Mirror
93% Of Phishing Emails Are Now Ransomware (csoonline.com)
According to the latest data from security firm PhishMe, 93% of all phishing emails as of the end of March contained encryption ransomware. The numbers underscore a growing trend in the security space as ransomware instances in phishing emails grew up by 56% since December last year. From a report: The anti-phishing vendor also counted the number of different variants of phishing emails that it saw. Ransomware accounted for 51 percent of all variants in March, up from just 29 percent in February and 15 percent in January. The skyrocketing growth is due to that fact that ransomware is getting easier and easier to send and that it offers a quick and easy return on investment. Other types of cyberattacks typically take more work to monetize. Stolen credit card numbers have to be sold and used before the cards are canceled, for example. Identity theft takes even more of a time commitment.
we cant put as much effort into catching these fraudsters as we put into catching underwear bombers.
Business is business.
Now, where do I sign up?
Just click on the following embedded link:
...
Isn't there a technical solution to require significant user intervention before a program (especially downloaded from email) is able to access files and modify them? Can't we put programs in more restrictive sandboxes by default? Also we need software widely installed that encrypts files for cloud backup and is easy for users to run. Backups stop ransomware in its tracks.
I'm scared of my mother calling me one day telling me "I've lost every picture from all my life and a guy is asking me $10K to recover them".
By that point it will be late to tell her "shouldn't have been storing them in a disk permanently attached to your windows laptop".
But I don't know how to stop her. I won't convince her to use linux. I won't manage to teach her not to execute random crap once per year.
Should I trust hard drives to store data for decades?
to help mitigate the threat of ransomeware.
At work I use a MacBook Pro (issue). Personally, I use Dropbox and Google Drive to store all of my personal files. I leave nothing personal on my work machine, which also happens to be the only laptop I have. I don't have a personal laptop. I have two personal Android phones. One is a Nexus on Project Fi, the other a Samsung Galaxy S7.
I don't like my Dropbox or my Google Drive accounts to my MacBook or either phone. The Google account with my stuff is a separate account. All of my accounts use 2FA using the Google Authenticator app (in case of no signal). I do not have the Dropbox of Google Drive clients on any device. I log into these accounts in a browser just for them.
I've seen people's Dropbox and Google Drive accounts have the contents encrypted by malware so I keep my own accounts "cloud only". I also keep hard copies of the account reset passwords in my wallet with no reference to the account names on them. Both Google and Dropbox issue 10 reset passwords that can be regenerated if lost or used.
I recommend this way of doing things even though it might be inconvenient.
I'm guessing that of that 93% you only have to worry if you're on Windows.
Have good, versioned backups. I like CrashPlan, as one can use it to backup to various destinations, including local systems/disks, remote systems associated with one's account, remote systems belonging to others (so long as they give permission), and for paid users, to the CrashPlan-run storage service.
All backups are encrypted so that the destinations cannot access one's data, it keeps regular versions so one can easily recover from a ransomware (or other) infection that corrupts or destroys files slowly over time, and compresses/deduplicates data to save space. I've used it for years and it's saved my bacon a few times. Their family plans are quite affordable.
(Disclosure: I am a paid CrashPlan user but otherwise have no connection, financial or otherwise, with the service.)
And I have yet to receive my first ransomware phish. Or any phish.
Apparently I'm doing something right, yet I feel strangely left out.
You can buy a 4tb external for 100$ teach her to backup once a week and "DISCONNECT" the disk once she's done. That's what I did.
Keep an offsite backup for her. Actualize it monthly. Those kind of people need support, they are unable to help themselves.
Our suggestion is that they make backups of their valuable data... and since that may not be something they are confident/knowledgable enough to do on their own, if you want to make sure it gets done, you may need to set it up (and occasionally check up on it) yourself.
On Mac, setting up a Time Machine backup drive is pretty trivial to do. For Windows, similar solutions exist. For a laptop, there are solutions that back up data via WiFi, if plugging in an external drive is too much bother. In either case, if you want to be completely safe, you may want to swap out the backup drive with a spare every month or so, to avoid the possibility that the ransomware finds a way to encrypt both the computer's primary drive and its connected backup drive.
Do all that, and the likelihood is that a ransomware attack will require only a reformat and reinstall, followed by a recovery from the latest backup, and only a few hours' worth of data will be lost.
I don't care if it's 90,000 hectares. That lake was not my doing.
VERSIONED BACKUPS! VERSIONED BACKUPS! VERSIONED BACKUPS! Automated, off-site, and with rollback. Hell, carbonite can do this for her.
Silence is a state of mime.
For some people education works. My father called me when "Windows" (not Microsoft) called him telling him he had errors on his system and they wanted to remote in to fix them. I informed him of the scam and he avoided being hooked. (Now he harasses the scammers calling him.)
For others, education doesn't work. My wife's grandmother still clicks on suspicious links in Facebook because "Well, it was on my friend's wall and said I'd get this free stuff so it must be good, right?" This despite a dozen "No it isn't and stop clicking those links" cries from us.
My sci-fi novel, Ghost Thief, is now available from Amazon.com.
I'm scared of my mother calling me one day telling me "I've lost every picture from all my life and a guy is asking me $10K to recover them".
By that point it will be late to tell her "shouldn't have been storing them in a disk permanently attached to your windows laptop".
But I don't know how to stop her. I won't convince her to use linux. I won't manage to teach her not to execute random crap once per year.
Should I trust hard drives to store data for decades?
Just go ahead and delete it all now, that way no harm can come to the files.
Wanna buy a shirt?
https://www.redbubble.com/people/stealthfinger/shop?asc=u
Google GAVE me 65 gigs free for clicking on something once.
Why do you have local data on high risk users workstations?
Stop using Windows? Uh.. well phishing scams don't magically only work on Windows and honestly the Ransomware part is the LEAST important part. If someone has your personal info from phishing, that's WAY more important that your local data in 99% of cases.
50% or more of home users don't even have local data they care about anymore. What they care about is on the web or they just stop caring because they have so many devices and so much redendancy and 1000 times more info than they ever had before. People don't care as much if they lose pictures because pictures are so much more plentiful now, same goes for most data.
We create so much more data now, people care about it less, not more. The data that matters is in the cloud, inside the websites of our banks, utilities, email providers and so on. Phishing doesn't work that well because of two factor. Ransomware seems powerful, but most people don't even have local data to lose and that trend will only continue.
Store you data on a professionally run datacenter for free or next to nothing and these problems all go away. If I was hit by Ransomware, I'd just laugh, format and be glad a had a nice fresh install anyway. There is no better security than not having much to lose and what you do have, keep it diversified in the cloud and behind two factor.. ideally non SMS two factor. If you do that you are basically too much work for most hackers and they will go find lower hanging fruit.
Google could also improve their spam filter.. a lot. That would be the easy central point to stop mots of that. Google should also better regulate and protect it's users from the endless security hole that is Google Images.
For Google Images to be safe, it has to be trusted image hosts only. Millions of people get infected from google images every year and I never hear anyone talk about it. It's a giant cluster of unchecked links all one click away.
Also.. friends don't let friends use flash.
I've been making it part of MY backup process. Use 2 drives, visit my parents occasionally - drop off 1 of my drives at their house, pick up their newest backup drive, connect their old one, etc.
It's not the most precise offsite backup solution (sometimes it's a month or more) - but i think it's mostly ok.
Tell her now, with current news articles in hand, that this is the risk you run by using Windows. If she won't listen and move to Linux, then too bad: she was warned.
I had the same problem with my father.
What I did was to arrange for all his files to be rsynced daily to one of my servers, which in its turn was backed up nightly.
We had a couple of instances of him accidentally deleting stuff and I was able to restore it for him easily. Happily he never got hit with any malicious software - not after I weaned him of Windows anyway.
And the backup needs to be done in a way that guarantees profilaxis from the ransomware.
I think from now on, when visiting parents and sisters I'll bring a usb bootable linux and a hard drive that I'll take back with me.
I predict much debate over what's "Important to keep".
The trouble with that is, after remembering a couple of times the job will then be forgotten.
Whatever it is, it has to be automated.
Its simple, you automate your reminder to them to do it every three months. If you wanted to, you could probably write a script that automatically reminds them to backup.
Yup, 100% on this.
A friend of mine runs a small business from home, she knew enough to keep offsite backups of critical data but not enough to know about versioning.
Then I got a call one day, she couldn't file her tax return, non of her spreadsheets etc wouldn't open, she'd been hit by ransomware.
The backups were useless, since her "backup" software had already copied the ransomwared versions to the server.
Fortunately it hadn't got everything, and only the last months worth of accounts needed to be reentered from the paper versions.
APK Hosts File Engine 9.0++ SR-4 32/64-bit http://www.bing.com/search?q=%...
Less power/cpu/ram + IO use vs. DNS/routers/addons/antivirus (slows you) + less security issues/complexity. Compliments firewalls (w/ layered drivers blocking less used IP addys vs. hosts blocking more used domains) & DNS (lightens dns load). Gets data via 10 security sites.
Ads rob bandwidth/speed, security (malvertising), privacy (tracking) + anonymity.
Hosts add speed (hardcodes/adblocks), security (bad sites/poisoned dns), reliability (dns down), & anonymity (dns requestlogs/trackers) natively. Hosts != ClarityRay blockable (vs. souled-out to admen inferior wasteful redundant slow usermode addons)
Works vs. caps & HTTP PUSH ads w/ firewalls.
Avg. webpage = big as Doom http://www.theregister.co.uk/2... & ads = 40% of the size.
APK
P.S. - Safe https://www.virustotal.com/en/... (Verified by Malwarebytes' S. Burn "I've seen the code & it's safe" http://forum.hosts-file.net/vi... )
Yesterday my hotmail account was slammed with about 120 spam emails, all with different subjects and all with an attachment. Gmail does not have the same problem, only a few per day.
You should be able to set the OS to backuo automaticly at intervals (say weekly)
the trouble would be that the important part was the "disconnect and swap" which has to include a human in the loop to pull the plug. Without that step it juts takes a smarter bit of ransomware to find and encrypt your connected backup drive as well.
Then write a damned script which automatically backs up the files once the specified external drive is inserted and train him/her to connect the drive once per week then disconnect it after the job is done.
The title is actually wrong. If you look in the research PDF, you'll see that ransomware is actually 50%. 93% of all ransomware is made up by 3 ransomware families.
Are you honestly complaining that they noticed that nobody falls for 419 scams and penis enlargement anymore and instead of wanting a government bailout to prop up their failed business they went to a more profitable venue?
What is wrong with you, are you commies or what?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The answer is the same answer you should have been giving all along:
HAVE. A. BACKUP.
Imagine an external drive connected to the laptop/PC via USB (Thunderbolt, etc). Minimum double bay set at RAID-1. Owner can read and write to the drive. Attempts to delete or modify files or folders on the drive will fail though. A physical, hardware lock needs to be "turned" to enable that capability.
This would prevent ransomware (of that drive's data anyways). It would also help prevent accidental deletes of files.
Does such a unicorn exist? I'm not looking for some half-baked alternative.
I'm scared of my mother calling me one day telling me "I've lost every picture from all my life and a guy is asking me $10K to recover them".
Yup, this is a real, justified fear.
It's wise to not attempt to switch her to Linux -- she'd probably fight that (it's too different for most people without any real benefits for what they do), and it's not really a solution to the problem anyways.
Probably the best answer to this is to buy her a big USB hard drive and set up some sort of backup that she can run just by clicking on something, and drill into her head how important it is to 1) do the backup occasionally. and 2) leave the drive off when you're not doing backups.
Ransomware isn't the only concern. Hard drive failure and software crashes that erase the disk are others.
Alas, often it's only an actual loss of files that convinces people to take backups seriously -- and it's unethical at best to *fake* a loss of files (and then recover them all because you got "really lucky") so that's not really an option unless you're dishonest.
If you see her often and she doesn't mind, you could do the backups yourself and keep the drive yourself -- that way, when she calls you, you just say "That sucks! Fortunately, I backed up all your stuff last week ..."
Carbonite.
Yeah, I could manually back up everything onto a separate hard drive every month or something, but Carbonite (and similar backup solutions which I'm sure exist) you just install it, and everything's backed up continuously. With versioning, even, so you can get last week's version back if you get cryptowalled.
It's not the most elegant and techy solution, but it's a 'fire and forget' solution that just works.
Apparently many of these malwares also encrypt data on attached volumes like Windows shares and the like. It seems to me that the best approach is a 'pull' solution, where Mom keeps her photos in a place that's shared on her network, and then another machine does periodic backups of that share. Mom's computer doesn't have write access to the pulling machine, in fact doesn't even know or care that it's there. So the backups are safe.
That means having a linux machine in the house to do the pulling. Build a super tiny linux box with a big hard drive, stick it in a closet, and let it pull nightly backups from Mom's computer. If she gets ransomwared, just reformat her hard drive, reinstall the OS, and grab her personal files from the backup. She never has to interact with linux, and her files are pretty safe.
https://www.youtube.com/watch?...
I predict much debate over what's "Important to keep".
I find that debate can be avoided by spending the extra $20 to get the Absurdly Huge External Drive (rather than just the Impressively Huge model). Then you can just back up everything and call it a day.
I don't care if it's 90,000 hectares. That lake was not my doing.