You all have probably heard of the latest threat–ransomware that hit a number of countries, but hit Russia the hardest. Are you vulnerable?
You really should have the latest version of your operating system installed. Remember that Windows 7 is an end-of-life product and is no longer supported. It is vulnerable. Windows 10 is the current operating system–but it needs to have all the latest updates installed. As of this writing, the most generally available update is V. 1909. How can you tell what version you have? In the search bar at the bottom of your screen type “winver” and then press the “enter” key.
In addition–you need to have a current version of anti-malware/internet security software installed. Scan your system regularly. And, most importantly, you need to have your data backed up. Ransomware only attacks your data. If you have a copy of all your date, you can replace the encrypted files. BUT–that backup needs to be offline. If you have a system that is constantly backing up your data, it will back up the encrypted data and you’ll be out of luck. If you have a backup that is offline, your data can’t be overwritten.
We recommend having your data stored on an external drive and plug it in only when you are doing a backup. If you are using cloud backups, talk to the company’s tech support to be sure they have a second copy of your data archived so it can be retrieved if your data is compromised.
Recently, there has been a noticeable increase pfishing attacks–notably using the Google Docs scam. You get an email from someone offering to share a document on Google Docs. If you don’t have a Google account, don’t use Gmail or don’t have anything stored in Google Docs, you don’t have to worry. However, if you do use Gmail be advised that clicking on the link you are sent will allow hackers to download your entire Google history and Google contacts, etc. Just delete the mail. DO NOT click on the link!
Here’s a link to an article that talks about remediation: steps: https://motherboard.vice.com/en_us/article/massive-gmail-google-doc-phishing-email