Wednesday, April 19, 2017

Don't be Held Ransom!

Online security is a serious topic in our digital society and we all need to be extremely diligent in order to protect our information and resources. As we all recently learned, just one accidental click on an attachment in an email can cause a lot of damage and loss of information. The virus that attacked our network was a "ransom virus" and was very intentional. We were asked to pay a ransom to recover the encrypted files; however, our district was advised not to pay this ransom. Typically, when organizations do pay the ransom, there is no guarantee that all files will be recovered. After several hours of work, we were able to remove the virus and recover the majority of files on our network.

I recently attended an Internet Security session led by an FBI agent. It was a little overwhelming and unsettling, but he did provide some tips and information to help users protect themselves and their information.  While hardware and software can help protect you against many attacks, one of the most important tools to protect yourself is knowledge and diligence.

Things to look for in a Fraudulent or Phishing Email:
  • Incorrect date on the Email
  • No address in the "To" line
  • Misspelled words or poor grammar
  • It will ask you to click on a link to visit their website.
    • Do not click on hyperlinks or links attached in the email, as they might direct you to a fraudulent website.
    • Type the URL directly into your browser or use bookmarks / favorites if you want to go faster.
    • Only enter sensitive data on a secure website. (In order for a site to be ‘safe’, it must begin with ‘https://’ and your browser should show an icon of a closed lock. The lock shows that the connection is encrypted; it does not by itself prove the site is legitimate, so still check the address.)
  • The sender is unknown; however, these emails often falsely appear to come from someone in your contact list.
  • If anything looks suspicious, do not click on anything and delete the email!

NEVER provide the following information to anyone on the phone or in an email:
  • Your social security number
  • Your user name
  • Your password or PIN
  • Any personal or banking information
  • Credit card information

What Next?

If you suspect that you may have clicked on something questionable or downloaded an attachment in a ransomware email, please do the following: Power down...Unplug...Call! This will isolate the attack to your computer and not affect the network. Check out this short video, "Protecting yourself from Ransomware", that Reginald Smith from the Wausau School District created to emphasize this.

Password Reminders
  • Use a mix of numbers, letters and symbols
  • Don't use common names or personal information
  • Do not save your passwords in your browser.
  • The longer the password, the harder it is to crack
  • Do not use the same password for every website
    • Take a sentence and turn it into a password.
      • Example: WOO!TPwontSB = Woohoo! The Packers won the Super Bowl!
    • Use a common "hard to crack" password and add something unique for each site. 
      • Example: c0ff33!APPLE and c0ff33!FACEBOOK

Did you know that one of the most common passwords that people use is "password123"? Take a look at this Jimmy Kimmel video to see how easy it can be for someone to get your password.