Warning: New Type of Ransomware Attack
Here’s another new trick hackers are using that you need to be aware of.
Cyber criminals are smart.
They’re always coming up with new ways to gain access to your devices and networks to ultimately steal your valuable data.
Fortunately, the ransomware detection continues to get stronger and stronger to help keep you protected.
Some email systems are now really good at identifying malicious messages, threats, and ransomware attacks.
But if your website has a contact form – and most do – you face a new threat.
Web Form Attacks
That’s because cyber criminals are using web forms to spread ransomware malware.
They pose as a potential new customer and ask you to provide them with a quote for your goods or services.
Once you reply to their email, they’ll send you over a special kind of file – known as an ISO file – which they say is relevant to your conversation.
Normally, this file won’t be attached to the email.
They’ll send it through a file-sharing service, such as WeTransfer.
This is so they can to avoid your email’s built-in protection.
Now let’s think about the psychology of what’s happening here.
Whoever in your business that responds to emails thinks they’re talking to an actual prospective new customer, and is more likely to open the files without thinking.
The fact the email started from their website’s contact form lowers their natural skepticism.
They just want the sale!
When you open the file, it will give the cyber criminals remote access to your device.
And that can allow them to access your entire network.
From there, they can then launch a malware or ransomware attack and usually bypass your ransomware protection.
Now this is something you want to avoid at all costs.
There are many different types of ransomware but almost all work the same way.
It’s where your data is encrypted so you can no longer access or open any of your files.
And now you are left with 2 options for ransomware recovery.
Option 1 is to pay a large ransom fee to get it back…with no guarantees the payment will work.
Option 2 is to restore all the encrypted or locked data, with working copies from your backup.
“You do have a backup of all your files right?”
Experts believe this type of contact form attack was first tested on large businesses in December 2021 and we believe it’s now becoming more popular.
It’s vital that you and your team check requests sent via your website are genuine and real.
And never, ever open any files emailed over to you unless you trust the the sender 100%.
We can help keep your business protected against ransomware and train you and your team on good cyber hygiene.
Ready to take the next step?
Book a 15-minute discovery session and discover if your business is protected against ransomware attacks by clicking here.