New strains of malware called "Trickbot", often a precursor to ransomware, have been recently released and are targeting businesses across the globe. Coalition has been handling an increased number of these cases, and we project that number to increase over the holiday season. This type of malware is most often installed when a user downloads files from untrusted sources. The downloads can come from email or the web, and often are disguised as macro-enabled Microsoft Word documents (e.g. docm and xlsm extensions). Another tactic is to use malicious email links embedded in emails. Once on the system, malicious actors have the ability to steal banking information from your browser, usernames and passwords, as well as emails and address lists from Outlook.
What you should do
- Do Not Click Links or Open Any Attachments You Are Not Expecting. If you are not expecting a specific attachment, do not open it for review. Additionally, do not click links within emails if you are not expecting them. Follow up with a phone call to the sender directly, better to be safe than sorry!
- Use Proper Email Security. Always verify that the emails you receive are from legitimate and trusted sources. Inspect the from addresses closely, and be wary of downloading any files that you’re not already expecting.
- Use Proper Web Security. Only download files from known and trusted websites. Verify that the URL is not intentionally misspelled to confuse you into downloading malware from a malicious website.
- Disable Office Macros. Macros in Microsoft Office are small pieces of code that run in the background - that code often downloads malware. It’s rare to see macro-enabled Office documents used in normal business (docm and xlsx files). We recommend disabling macros on all computers to prevent ransomware infection.
- Perform Backups. Often the best recovery option for ransomware is restoration from backup. Ensure your organization is performing daily backups on all systems in the event that restoration is required.
- Educate Your Employees. Ensure your employees are aware of this alert to help remind them to stay vigilant. Remember, a single employee’s actions can infect an entire network!
Interested in Cyber Insurance? For a free quote Click Here.
Contact Me Today
Lee Norcross, MBA, CPCU
Managing Director, CEO
(616) 940-1101 Ext. 7080