Holiday Shopping Safety

Tis the Season…to learn about Holiday Shopping Safety!

Scammers love this time of year, because there are many opportunities for them to separate you from your money. To be a smarter and safer consumer, you need to educate yourself, so you can avoid falling victim. Here are holiday shopping safety tips to help keep your holidays merry.

Holiday Shopping Safety

Spam Phishing Emails will be finding their way into your inbox. These emails have urgent messages or will contain offers for bargain prices or discount coupons. These spam emails will always include a clickable link or an attachment to open. If you click on the provided link or attachment, you will infect your device with Malware. It is advisable to never click on email links or attachments.

Package Delivery Scams are a Fraudster’s favorite trick. They know that most of you are either sending or expecting to receive a package during the holidays. Many millions of spam emails, pretending to be from known shippers (like the Post Office, FedEx or UPS) will be sent out to unsuspecting victims. The emails will include a link to click on that lets you “track” a problem with a package you recently mailed or “track” a package that’s on its way to your house.

E-cards are a fun, easy & inexpensive way to send holiday cheer to family and friends. Make sure any e-card you receive comes from a well-known reputable e-card company. Do NOT open it if the sender is unknown to you.  Many fake e-cards contain spyware and viruses.

Gift cards make popular holiday gifts. Be sure to only purchase them from official retail stores or websites that you know and trust. Beware of websites or ads offering steep discounts to buy their gift cards. Chances are the cards are fraudulent or stolen cards from third-party vendors.

Fake websites are set up all over the internet, that sell stuff that doesn’t even exist. They will offer fantastic bargains that are truly too good to be true. Also, beware of copy-cat websites that appear to be the real shopping site.  Some fake websites use similar or misspelled names of legitimate retailers. You may not realize that you’re on a fake website and enter your password or credit card information. You think you actually made a purchase, but your merchandise will never arrive and your credit card information gets sent straight to the criminal and will be used to make illegal purchases.

Fake online Ads will appear on social media sites and even on legitimate News websites. The ads exist to entice you to click on links that will ask you to provide personal information. If you see an Ad for something you like, instead of clicking on that Ad, go to the retailer’s website directly. If you don’t know the web address, use Google to search for it. The real legitimate website will be at the top of the Google results – about 99% of the time.

Public Wi-Fi is neither private nor secure. Never ever use public Wi-Fi to shop online. You can never be sure whether you’re using the authorized Wi-Fi of the retailer or actually the Wi-Fi of the thief, who is likely sitting a few tables away. When using public Wi-Fi, it is advisable to use a Virtual Private Network (VPN) for better online security.

Debit Cards should NEVER be used while shopping online. Your debit card is tied to the money in your checking account. You have better consumer fraud protections when using your credit card. Better yet, use a gift card or prepaid debit card for all of your online purchases.

STAY SAFE OUT THERE AND HAPPY HOLIDAYS TO YOU AND YOURS!

Here’s a good website to learn more about Shopping Safely Online

Here’s an article I wrote about Online Shopping

ANGLER PHISHING NEWEST PHISHING TACTIC

ANGLER PHISHING – Beware of the Newest Tactic!

Phishing is a term used to describe a common tactic used by identity thieves to gain access to your personal information. It happens when a criminal attempts to lure or entice their victim into clicking on a link or opening an attachment in a text message, a social media message or in an email. If the victim complies, they are directed to provide personal information or even worse, the victim’s computer will become infected with Malware or Ransomware! Angler Phishing usually happens on social media.

ANYONE CAN FALL FOR IT

If a criminal already has any personal information about you or your family (gleaned from a data breach or social media site) they can put together a well-designed Phishing email. They will provide you with a reason to have to click on the link. Here’s an example: “Your daughter Lisa fell and hit her head at school today. Please click here to contact us for additional information”.

Angler Phishing Mssages

    Never Click on Email or text links on social media messaging inbox

Similarly, Spear-Phishing is an even more laser-focused Phishing attempt. For example, criminals will target the emails of employees in a company’s Human Resources Department. These Spear-Phishing emails are used to get payroll information to glean the Social Security numbers of the company’s employees.

NOW THERE’S A NEW PHISHING TACTIC

It is referred to as Angler Phishing. It begins when you as the customer, becomes upset with the service you received at a company you just did business with.  So, you post an angry comment about your experience on your social media account. Soon thereafter, you get a text or email response – which appears to have come from the company you posted a complaint about. The ‘customer service’ rep at the company offers to help you resolve their problem. The trap is now set!

You don’t realize that the person who contacted you is really a fraudster who read your post and is now impersonating the company you complained about. The fraudster attempts to lure you into clicking on a link to directly connect you with a customer service rep at the company. If you comply, then merely clicking on that link can result in you downloading Malware or Ransomware. Alternatively, the provided link will connect you to a fake customer service rep, who asks for personal information in order to reimburse you or resolve your issue. The Fraudster will then use your personal information to commit identity theft.

You MUST always be wary!

Angler Phishing usually happens on social media. So, make it a habit to NOT respond to any communications you receive through social media, because it is difficult to verify the legitimacy of the contact. If you receive a message from a company you complained about, contact the company directly or go to the company’s website instead of clicking on the link that is provided to you.

 

ANOTHER THING YOU NEED TO KNOW

When it comes to Angler Phishing, there’s another aspect you may not have given much thought to. It’s another part of ANY customer service situation. Never rely on a Google search to locate a customer service telephone number for a company. Some companies do NOT even have a customer service number to call them. They instead force you to go to their website to resolve an issue. Realize that the customer service number that you just found on Google may not really be the company’s legitimate customer service number. The number you found may be a scammer who set up a phony customer service number for that company. Then, when you call the number, the Imposter will phish for your personal information.  Then, the theft of your information will unfortunately make you a victim of Identity Theft!

TIPS:

  • NEVER click on links or open attachments in emails, text messages or your social media messaging inbox unless you substantiated its legitimacy  
  • Be wary of any unsolicited posts on social media
  • Never give your personal information to a stranger
  • Always do your research first – “Don’t Trust until you Verify” directly from reliable sources before engaging with anyone on social media.  
  • Log in to a company’s website by typing their web address into your internet browser – instead of clicking on links that could be tainted.
  • Be sure to have virus and malware protection on all your devices
  • Always keep your software updated – set them to automatically update

 

REPEAT AFTER ME…

NEVER EVER click on links or open attachments in emails, text messages or your social media messaging inbox.  99.9% of the time, they are tainted links. It is referred to as click-bait messages. Click-Bait is designed to entice you – with an urgent important message – that prompts you to click on a link – to remedy the situation.  

Phishing attacks come in two parts. First there’s the tempting click-bait email. Next the link in the message takes you to a look-alike fake website the scam artist controls.

When it comes to Identity Theft, I can’t stress enough how important it is to refrain from clicking on any links or opening up any attachments in an email unless you are 100% certain that it’s legitimate or if you initiated the contact. Criminals will never stop Phishing – so please – DON’T TAKE THE BAIT!

Read another one of my articles about Phishing here.

IRS TAX SCAMS

Taxpayers CAN protect themselves from IRS Tax Scams – If they know what to do…

Knowledge is power, especially when it comes to avoiding IRS Tax scams. Here’s what taxpayers need to know to determine whether an encounter — in person, over the phone, by text or by email — is an imposter or an actual IRS employee:

IRS TAX SCAMS
Be Suspicious of IRS Calls, Texts or Emails

The IRS Does Not:

  • Call to demand immediate payment using a specific payment method, such as a prepaid debit card, gift card or wire transfer.
  • Demand taxpayers pay taxes without the opportunity to question or appeal the amount owed.
  • Threaten to bring in local police, immigration officers or other law enforcement to have someone arrested for not paying.
  • Threaten to revoke someone’s driver’s license, business licenses or immigration status.

The IRS Does:

  • In general, first mail a bill to any taxpayer who owes taxes.
  • Normally initiate contact with taxpayers through mail delivered by the United States Postal Service.
  • Present official identification when visiting a taxpayer. Taxpayers have the right to see these credentials, and – if they would like – the representative will provide them with a dedicated IRS phone number for verifying the information and confirming their identity.
  • Call or visit a home or business under certain circumstances. This includes when a taxpayer has an overdue tax bill, to secure a delinquent tax return or a delinquent employment tax payment, or to tour a business as part of an audit or criminal investigation. Even then, taxpayers will generally receive several letters from the IRS in the mail first.
  • Assign certain cases to private debt collectors, but only after written notice is given to the taxpayer and their appointed representative.
  • Offer several payment options. Payment by check should ALWAYS be payable to the U.S. Treasury and sent directly to the IRS, instead of a private collection agency.

IRS Tax Scams Use PHISHING Attempts:

Phishing Emails
Don’t Click on Email or text links!

Thieves often pose as IRS employees to get victims to turn over their personal information using Phishing techniques. Phishing is typically carried out through unsolicited emails or calls. Just remember that the IRS does not call, text, or email you. They communicate via a letter sent to you in the mail.

IMPORTANT TIPS:

  • Never click on links in emails or text messages from anyone claiming to be from the IRS.
  • Hang up the phone if someone claiming to be from the IRS calls you and don’t believe what you see on your caller ID. The # can be spoofed.
  • You can forward suspicious IRS emails to phishing@irs.gov
  • Forward text messages as-is to the IRS at 202-552-1226. If possible, in a separate text to the IRS, forward the originating number of the sender to the same IRS # 202-552-1226.
  • Visit the IRS identity protection page for more info on steps to take to protect your info.
  • You can read a prior article I wrote about IRS Phone Scams here.

PHISHING EMAILS – You’re the Fish

When it comes to Phishing Emails – You’re the Fish!

It’s always Phishing Season for Fraudsters. Phishing attacks use emails and sometimes text messages or malicious websites to get information from their victims. The ruse is an attempt to lure you, under the pretense of a problem or an emergency, to click on a link or open an attachment. There is usually a circumstance that is presented to you that requires your attention and your follow-thru, in order to resolve an immediate problem or issue. The emails claim that there will be dire consequences if you ignore the message.

Phishing Emails
DON’T CLICK ON LINKS!

Phishing emails often have the look and feel of authentic communications. Company logos are easily cloned and used in fake phishing emails. Inconsistent or incorrect spelling and grammar are also a tell-tale sign of phishing emails.

Most legitimate emails from businesses would include your name and/or the last few digits of your account number. An email from a friend or family member should be personal in nature. These targeted messages can trick even the most cautious person into doing something that may compromise them. Even if the email is from a known source, people should use caution, because Cybercriminals are very good at mimicking trusted businesses, or even friends and family.

Phishing Emails are Designed to Infect a Victim’s Computer with Malware.

You want to avoid getting Malware installed on your computer.  Infections can result in your downloading keystroke-logging software that enables a scammer to steal information from you as you type passwords or account numbers on a website.

Malware also gives the cybercriminal the ability to use the email addresses of everyone in your email program to spread SPAM to all of them. Your friends and family may be fooled into believing the SPAM email is safe (because it’s from you); and will therefore click on a tainted link or infected attachment in the email.

TIPS and ADVICE

  • Never click on links or open/download attachments – unless you are 110% sure AND have confirmed that they are legitimate.
  • If you receive what appears to be a phishing email or text, always go directly to the source (not the info in an email) to confirm that this is not a scam.
  • Hover you mouse over the sender’s address. You may see that the email address is not consistent with the name of the company or it may be a long string of numbers and symbols that don’t make sense.
  • If calling a business to confirm the email’s legitimacy, be sure to call the correct phone number. In some instances, fraudsters will purchase phone numbers that are only one digit off from those of a legitimate company. These fake (usually toll-free numbers) are an effort to trap people who may mistakenly dial an incorrect number or area code of a bank, credit card issuer, or other legitimate organization.
  • Suspicious emails should be reported to the Federal Trade Commission (FTC) by forwarding the email to spam@uce.gov.  Be sure to report it to the legitimate organization that the email pretends to originate from. You can also report it to your email provider. Once you’ve done that, you should always delete the tainted email from your computer.

KEEP ONLINE DATA SAFE

It’s important to take several steps to help keep your online data safe. During the holiday shopping season, shoppers are looking for the perfect gifts. At the same time, criminals are looking for sensitive data. This data includes passwords, credit or debit card numbers, financial accounts and especially Social Security numbers.

Online Data on Santa's List

Anyone with an online presence should do these few simple things to protect their identity and keep online data safe from predators and fraudsters.

  • Shop at familiar online retailers. Generally, sites with an “s” in “https” at the start of the URL, are secure. Users can also look for the “lock” icon in your browser’s URL bar. That said, some criminals may get a security certificate, so the “s” may not always mean a site is legitimate.
  • Avoid unprotected Wi-Fi. Users should never do online financial transactions when using unprotected public Wi-Fi. Wi-Fi is never private. Unprotected public Wi-Fi hotspots may allow thieves to view your transactions. Use a virtual private network to keep your data private.
  • Recognize and avoid phishing emails that pose as a trusted source. These emails can come from a source that looks like a legitimate bank or even the IRS. These emails almost always include a link that is tainted or takes the user to a fake website. From there, the thieves can steal usernames and passwords.
  • Keep a clean machine. This includes computers, phones and tablets. Users should install security software to protect against malware that may steal data or install Ransomware. This software also protects against viruses that may damage files. Be sure to always keep your software updated and set them to update automatically.
  • Use passwords that are strong, long and unique. Experts suggest a minimum of 10 characters. Use a combination of upper-case and lower-case letters plus some numbers and symbols mixed in. Use phrases or a sentence. It is most important that you ALWAYS use a different password for each of your important online accounts.
  • Use multi-factor authentication when available. Some financial institutions, email providers and social media sites allow users to set their accounts for multi-factor authentication. This means users may need a security code, usually sent as a text to their mobile phone, in addition to a username and password.
  • Sign up for account alerts. Some financial institutions will send email or text alerts to an account holder when there is a withdrawal or change to their accounts. Generally, people can check their account profile to see what added protections may be available.
  • Encrypt sensitive date and protect it with a password. People who keep financial records, tax returns or any personal information on their computer should protect this data. Users should also back up important data to an external source. When disposing of a computer, mobile phone or tablet, it is extremely important that people make sure they wipe the hard drive of all information, including their printer, before disposing or trashing.

For additional tips, read my previous article about how to Shop Safely on Cyber Monday

Tis the Season…For Holiday Scams

The holiday shopping season is underway and Scammers are already gearing up to exploit innocent victims with holiday scams. They love this time of year, when they have even more opportunities to separate you from your money.

Holiday Scams Warning

Here’s a list of Holiday Scams to help  keep you safer & smarter!

Spam Phishing Emails will be finding their way into your inbox. These emails have urgent messages or will contain offers for bargain prices or discount coupons. They will always include a clickable link or an attachment to open. If you click on the provided link or attachment, you will infect your device with Malware. It is advisable to never click on email links or attachments.

Package Delivery Scams are a Fraudster’s favorite trick. They know that most of you are either sending or expecting to receive a package during the holidays. Many millions of spam emails, pretending to be from known shippers (like the Post Office, FedEx or UPS) will be sent out to unsuspecting victims. The emails will include a link to click on that lets you “track” a problem with a package you recently mailed or “track” a package that’s on its way to your house.

E-cards are a fun, easy & inexpensive way to send holiday cheer to family and friends. Make sure any e-card you receive comes from a well-known reputable e-card company. Do NOT open it if the sender is unknown to you.  Many fake e-cards contain spyware and viruses.

Gift cards make popular holiday gifts. Be sure to only purchase them from official retail stores or websites that you know and trust. Beware of websites or ads offering steep discounts for gift cards. Chances are the cards are fraudulent or stolen cards from third-party vendors.

Fake websites will pop up all over the internet offering fantastic bargains. Beware of copy-cat websites or sites that use similar or misspelled names of legitimate retailers. You may not realize that you’re on a fake website and enter your password or credit card information. You think you actually made a purchase, but your merchandise will never arrive and your credit card information will now be used to make illegal purchases.

A good place to evaluate websites selling retail goods is http://www.resellerRatings.com  where you can find reviews about merchants and see if they’re legitimate. If they’re not listed there, chances are it’s a holiday scams website.

Fake online Ads will appear on social media sites and even on legitimate News websites. They exist to entice you to click on links that will either contain keystroke-logging Malware or lure you into providing personal information that will make you a victim of Identity Theft.

Public WiFi is neither private nor secure. You can never be sure whether you’re using the authorized WiFi of the retailer or actually the WiFi of the thief, sitting a few tables away. Use a Virtual Private Network (VPN) when using WiFi, for better online security. Make sure to NEVER use your debit card while shopping online. Your debit card is tied to the money in your checking account. You have better consumer protection when using your credit card. Better yet, use a gift card or prepaid debit card for all your online purchases.

EQUIFAX BREACH EXTREMELY DAMAGING

Why is the Equifax breach extremely damaging? Because the typical information required to prove your identity is now in the hands of the bad guys!

YOU CANNOT HIDE YOUR HEAD IN THE SAND AND THINK YOU’LL BE IMMUNE! 

An identity thief will go to great lengths to dig up your personal identifying information (PII) so they can impersonate you and then commit ID theft. This Equifax breach has already completed that part of the job for them.

Remember that 145.5 million Americans (over ½ the U.S. population) have had their PII stolen! Your information will likely be auctioned off on underground websites to opportunistic criminals, across the planet. Armed with your PII, a criminal can do a lot of damage to your identity, your good name and your financial records!

equifax breach extremely damaging
ARE YOU ANGRY YET??? YOU SHOULD BE!!!

How is the Equifax breach extremely damaging? Let’s count the ways… 

  1. Pretexting – Criminals will use your PII to convince your bank, credit card company, utility or phone service to make changes to your accounts. Your PII gives them the ability to change your email address, PINS, passwords, direct deposit info, phone # and home address. They’ll even change the answers to your secret questions – all in their quest to gain access to private information or to lock you out of your own
  2. Tax ID Theft: File fake tax returns to get large refunds.
  3. Credit Fraud: Open new lines of credit in your name (personal loans, auto loans, mortgages, new credit cards).
  4. Counterfeiting: Create fake ID’s like driver’s licenses, passports, insurance cards, etc.
  5. Criminal ID Theft: Use your ID to give to police if they get arrested.
  6. Medical ID Theft: Create medical insurance cards to get medical services or commit insurance fraud.
  7. Employment ID Theft: Use your PII to get a job and collect a paycheck.
  8. Financial ID Theft: Open bank accounts in your name and pass around bad checks.
  9. Malware/SPAM: Infect your devices with Malware by sending SPAM emails or texts, purported to be from Equifax. SPAM emails and texts are designed to lure you to click on links or open attachments that infect your devices and turn them into ‘bots’.
  10. Spoofing/Phishing: Imposter phone calls from Equifax employees or clickable links that lure you onto a fake Equifax website. Offers of free credit monitoring services or class action lawsuits, designed to phish for additional info, like your credit card number

YOU MUST LEARN WHAT TO DO TO PROTECT YOURSELF! YOU MUST BE PRO-ACTIVE AND EVER VIGILANT!  AND PLEASE – PASS IT ON…

READ MY PREVIOUS EQUIFAX BREACH ARTICLE TO LEARN WHAT YOU NEED TO DO.

 

EQUIFAX BREACH UPDATE

HERE’S AN EQUIFAX BREACH UPDATE

Equifax announced last week that they suffered a data breach that may have affected 143 million (Updated to 145.5 million) of its customers. Social Security numbers, names, addresses and even some Driver’s Licenses and credit card numbers were breached.

If you add this Equifax breach to the other 700+ data breaches this year, (as of June 2017), chances are that your personal information has already been exposed.

The sheer size of this recent breach is so large and the potential harm so great, it makes sense to assume the worst!

Equifax Breach Update
143 Million Records Exposed!

Equifax has launched a tool to let you know if you’ve been affected by this breach. Go here: https://www.equifaxsecurity2017.com/potential-impact/  You’ll need to provide your last name and the last six numbers of your Social Security number. Alternatively, you can call them at 888-548-7878.

If you were impacted, Equifax is offering free credit monitoring via its own company – TrustedID Premier.  However, you won’t be able to enroll in it immediately.  You will be given a date when you can return to the site to enroll.  Equifax will NOT send you a reminder, so mark the date on your calendar to enroll. The deadline to sign up for credit monitoring expires November 21st.

Under pressure from N.Y. Attorney Eric Schneiderman and others, Equifax has now removed the waiver of your rights to participate in a class action suit as a condition of accepting their free credit monitoring.  Because they have now removed this clause, in their terms of agreement, I now advise that you sign up for the free credit monitoring service, ASAP!

A reminder that you have a right to a free copy of your credit report, once a year, from each of the 3 credit bureaus. There is the only federally authorized website to get your free report. Go here to get your free report: https://www.annualcreditreport.com/index.action

What you should do is stagger those requests among the three credit bureaus, by only requesting one of them every 4 months. That way you will have viewed your credit report, for free, 3X during the year.

TIPS:  The advice from my previous article is much the same.

  • Place a credit freeze with all 3 credit bureaus, ASAP. Equifax has now offered to waive the fee to place a credit freeze on their site. You’ll still have to pay the small fee to place a freeze with the other two.
  • In addition, get copies of your credit reports to see if there’s anything on them that might be an indication that you have already been a victim. Remember although this breach was announced last week, the breach actually happened a few months ago.
  • Be sure to monitor ALL of your financial accounts for any signs of trouble or inaccuracies.
  • Use two-factor authentication and set up spending alerts on your credit cards.
  • Watch out for Phishing Spam emails from Equifax Imposters trying to lure you into clicking on links regarding this breach. DON’T fall for it!

You can learn how to report and recover from identity theft by visiting FTC’s website:  http://www.identitytheft.gov  or by calling them at 1-877-438-4338.  The FTC provides information on how to protect yourself after a data breach.

Here are the online links and phone numbers of each of the 3 credit bureaus to place a credit freeze.

 

PHISHING SOCIAL SECURITY NUMBERS

PHISHING SOCIAL SECURITY NUMBERS

Cybercriminals are hell-bent on Phishing for Social Security Numbers, (SSN) because it’s the fastest and most effective route to stealing your identity!

During the first half of year 2017, about 60 % of all data breaches involved the exposure of Social Security Numbers (SSN).  When a company or organization gets hacked, nearly half (47.7%) of these attacks involve Phishing. The grand prize of these phishing expeditions is to reel in as many Social Security Numbers as possible.

Email Phishing Social Security Numbers
Never Click on Unsolicited Email Links/Attachments

Phishing – Favorite Tool in a Cybercriminal Arsenal!

Phishing is mostly done via texts or email. Cybercriminals attempt to lure or entice their victim into clicking on a link or open an attachment in a text or email. Once the victim complies, they are directed to provide personal information, including their SSN. Malware may also be downloaded giving them access to all your files.

Similarly, Spear-Phishing, is a more laser-focused Phishing attempt. For example: Cybercriminals target a company’s Human Resources Department, seeking payroll information in order to steal the Social Security numbers of its employees.

Armed with your SSN – a Criminal can do a lot of damage!

Once your Social Security Number is gleaned via Phishing or a data breach, they will easily make you a victim of identity theft. They can establish new lines of credit, open bank accounts, apply for personal loans, open utilities or phone service, file a fraudulent tax return and even get a job, using your SSN.

Additionally, the medical ID number of most Medicare recipients is their SSN. Identity thieves are well aware of this fact. So, by phishing for the Medicare information of a recipient, the thief is able to gain access to their SSN too.

 

PREVENTION TIPS:

  • Never provide your SSN to anyone who requests it. Always ask if you are legally required to give it to them. Always offer some other form of ID, such as a Driver’s License or code number instead.
  • Never click on links or open attachments in emails, unless you are 110% sure it is safe to do so. Always check with whomever sent it to you first.
  • Never carry your Social Security card in your wallet, nor your Medicare card if it uses your SSN as your Medical ID number.

RANSOMWARE-Always Update & Backup Your Devices

In May, two world-wide Ransomware attacks infected 200,000 computers in over 150 countries. This was a problem that should never have even happened at all. So, how did it happen? Ransomeware Screenshot

The infected computers were not ‘updated’ quickly enough. Both strains of Ransomware, known as “Petya” and “WannaCry”, were developed to take advantage of a Microsoft Windows Operating System flaw. A timely update would have easily patched this vulnerability.

In fact, Microsoft had already issued a patch to eliminate this flaw. But only those who timely updated their devices, as soon as the security patch became available, were safe. The lesson learned here is to always, always keep your devices updated. All your devices should be set to automatically do these updates, as soon as they become available.

Additionally, many of the infected computers were using outdated operating systems. Microsoft no longer issues security patches or updates for Windows XP, Vista and Windows Server 2003. If you are still using an outdated operating system, it is imperative that you upgrade to a newer one, so your computer is protected from dangerous exploits.

Go here for Microsoft’s free security updates for older operating systems: https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/

TIPS TO AVOID FALLING VICTIM:

First: Ransomware is easily spread via phishing emails. Phishing emails include an urgent link or an attachment. Unsuspecting victims are lured into clicking on or opening them. Never click on links or open an attachment in an email or text message, unless you are 110% sure it’s safe to do so! You must always first verify that the email or text message is legitimate.

Second: To help prevent losing your files from Ransomware, you must regularly back up your files, either in the cloud or copy important files to a separate external hard drive or flash drive that is not connected to your device.

Third: You should never pay the ransom! There is no guarantee that you will ever get your files back by simply paying the ransom! In fact, paying the ransom simply puts you on a “Sucker List”.

Here is a great resource website: https://www.nomoreransom/org/  The website provides free decryption tools that have proven to be effective against many, but not all, strains of Ransomware.