Q: I recently opened what looked like a resume in Outlook which made everything go crazy. Now I鈥檓 locked out of my files with a message that says I need to pay to get them back.聽 What do I do?
A: You’ve been hit by one of the many sophisticated 鈥渞ansomware鈥 attacks by hackers that have recently surged in popularity.聽This has become a very lucrative extortion scam for organized cybercrime groups, generally thought to be located in Eastern Europe and Russia.
There are two reasons that we鈥檙e seeing another surge in ransomware: better social engineering and crowdsourcing.
In your case, you were opening what you thought was a resume, which likely means that you were on a business computer.聽In the past, the cyberthieves were happy to snag anyone who聽fell for their traps, but now they are specifically focusing on businesses.聽They have learned that businesses are more likely to pay the hefty ransoms because they can鈥檛 operate without the files that are being held hostage.
They also know that they only need to get one person in a company to fall for the scam in order to hold the entire company hostage.
Think like a hacker for a minute: By finding companies that are actively posting employment ads, it鈥檚 more likely someone will open an attachment that鈥檚 posing as a resume for a posted ad.
They鈥檙e also replying to Craigslist ads with rigged malware documents posing as resumes.
Anyone either posting or applying for a job needs to understand this new threat and think about changing how they interact.聽Employers should look into one of the many online employment resources that allow applicants to create online resumes instead of using email attachments.
Those looking for jobs should think about other ways to get their work experience in front of employers, such as fully filled-out LinkedIn profiles or the online employment resources.
The crowdsourcing development in ransomware attacks is the most disturbing thing to me.聽In the past, cyberthieves had to pay hefty sums to get their hands on the ransomware attack programs, but not anymore.
Anyone who knows how to navigate the 鈥渄ark web鈥 can find a number of places to download a ransomware kit and spread it however they want.聽When someone pays up, a 鈥渃ommission鈥 is paid by the developer to whoever distributed the attack.
Recently, we’ve seen versions that instantly resend the infection to thousands of people in the address book of the infected computer to help spread the threat.
If you don鈥檛 have a good off-site backup of your critical data, your only options are to pay the ransom (which encourages these guys to continue) or start over without the infected data.
We’ve all heard it over and over again: DON鈥橳 OPEN EMAIL FILE ATTACHMENTS. But these guys are really good at creating scenarios that encourage people to let their guard down.
They know most businesses couldn’t survive a complete loss of their critical business data, which is why they’ve stepped up their game.
Whether you鈥檙e a home or business user, if you haven鈥檛 recently reviewed and verified your off-site backup system, consider this a wake-up call!
Editor鈥檚 note: Ken Colburn is founder and CEO of . Ask any tech question you have on his .
