Hello. This is CoBank’s Fraud Wise helping you avoid becoming a victim of fraud.
Today we are taking a deeper dive into cybersecurity –specifically how to avoid becoming a victim of different types of malware.
Malware, or malicious software, is installed on a victim’s computer without their knowledge and with the intent of causing harm. These attacks take several forms, and could include ransomware, key loggers and crimeware. As its name implies, in a ransomware attack, the malware encrypts the victim’s computer and holds the contents hostage until a ransom is paid.
Unfortunately, ransomware has been on the rise over the past few years, and Ag companies across the US are being specifically targeted. So, what can you do to protect yourself against a malware attack? Email vigilance. Malware is most often installed through links or attachments contained in unsolicited emails – these emails often look like they came from someone familiar or official, so it’s important to assess the email and look for red flags before opening attachments or links. Email filters and email quarantines at the organizational level can also help flag suspicious activity, however malware can still get through.
If you suspect you’ve received a malicious email, don’t click on a link or attachment.
Malware downloads can also happen while visiting a malicious or vulnerable website or social media site. Discourage your employees from using their business computers for personal social media or web surfing activities to avoid these vulnerabilities.
Another common type of malware is known as a key logger. This type of malware captures the victim’s password as its being entered into websites. With the password, or even passwords, in hand, the criminal is free to log in whenever they want.
To avoid falling victim to phishing, we recommend offering short training sessions for employees, and even launching phishing campaigns to see how many are falling for a phish. Knowledge is power – and being proactive versus reactive is always the better approach.
Unfortunately, ransomware can cost you, whether you actually pay the ransom (which is NOT recommended by Law Enforcement authorities) or through incremental revenue loss from stalled production. If you have been the victim of a confirmed ransomware attack, we encourage you to contact your local law enforcement and the FBI as soon as possible. Do this BEFORE you take any action with the fraudsters. They can sometimes deploy decryptors that are not publically available. Resources such as cisa.gov and StopRansomware.gov may be of help.
And finally, it’s always a good idea to invest in cyber and or fraud insurance so you are financially protected in the event that a cyber-event ever does occur.
This has been CoBank Fraud Wise, helping you protect against fraud.