Be Ransomware Aware: Don’t End Up Paying The Price

C_Fun
Community Manager
Community Manager

glenn-carstens-peters-npxXWgQ33ZQ-unsplash.jpg

Have you ever heard of ransomware? This costly type of cybercrime is a real and growing threat. Ransomware incidents can be costly – both financially and to the trust of customers. Learn more about how you can spot and report ransomware below.

 

What is it?

 

Ransomware attacks are typically carried out via phishing emails. When a user clicks on what looks like a legitimate link or opens a seemingly normal attachment, the ransomware is installed and begins stealing and encrypting files. The cybercriminals demand a ransom for the return of the files or may threaten to leak sensitive information unless paid. The money they make from these ransoms then usually goes on to finance other criminal activities.

 

Cybercriminals are also getting crafty by studying their target victims and then sending more customized phishing emails that may have sender addresses or previous conversation topics in the subject line. Other types of ransomware, for example, make use of compromised business contacts to target potential victims. These types of phishing emails take advantage of our human tendency to trust what is familiar.

 

How to spot and avoid phishing

 

Before you click on a link or attachment, even if it’s from someone you know, take a few minutes to consider the following:

 

  • Who is sending the email? If you don’t know who is sending the email or why it has been sent to you, proceed with caution. No legitimate organization will send emails from an address that ends ‘@gmail.com’. Not even Google.
  • What is in the email? Phishers may try to hook you by referring to previous emails or matters you’ve already worked on, or use deadlines or threats to prey on your emotions. Don’t click on links or images in the email.
  • What is this attachment? If an attachment seems suspicious, don’t open it. A suspicious attachment may end in an uncommon extension (like “.exe,” “.msi,” “.js,” “.zip,” “.jar,” “.rar,” “.7z,” “.docm,” “.pptm” or “.xlsm”), require a password for access, or require you to enable macros.

How to report it

 

While technology is in place to help prevent malicious emails from reaching you, no technological solution is perfect. If you have received a suspected TELUS phishing email, forward the email message to the Consumer Digital Protection team at CDP@telus.com. You can also report anything suspicious by calling the Canadian Anti-Fraud Call Centre at 1-888-495-8501 to report the fraudulent email.