A new phishing email is going around with an MS Word attachment offering unique Google search tactics. Do not open the email and more importantly do not open the attachment. Even though the Word document has no active content, no VBA macros, embedded Flash objects or PE files which are often elements that could flag an attachment as spam, there are several links in the document that trigger scripts located on third-party web servers. Once the attachment is opened the bad guys will receive information about the software installed on your computer as well as your IP address. This information will be used in the future by the bad guys to deliver more targeted and effective mechanisms for attacks including ransomware and keylogging. Yet another good reason to secure a Cyber Liability policy as well as improve your agents’ cyber awareness.
Another huge breach.. this one the bad guys good a lot of valuable information, here is the summary:
- Equifax reported a cybersecurity incident potentially impacting 143 million U.S. consumers. The company has found no evidence of unauthorized activity on Equifax’s core consumer or commercial credit reporting databases.
- The unauthorized access was discovered July 29 and Equifax notified us of the incident on September 7, 2017
- The company said the information accessed includes names, birth dates, Social Security numbers, addresses and some driver’s license numbers
- In addition, credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers, were accessed.
Yet another good reason to secure a Cyber Liability policy as well as improve your agents’ cyber awareness.
You may have seen the news this weekend. Criminal hackers have released a powerful strain of ransomware that spreads itself automatically across all computers in a network, causing a global epidemic. If you are not paying attention and accidentally open one of these phishing email attachments, you might infect not only your own workstation but immediately everyone else’s computer too. Here is a map of the infected:
Be very careful when you get a phishing email with an attachment. If there is a .zip file in the attachment, do not click on it but delete the whole email.
WannaCry is the name of this latest ransomware, a growing category of extremely heinous malware. Once it has activated on a machine, it encrypts the files on that machine so they are inaccessible. Then it instructs the owner to pay a ransom in Bitcoin in exchange for unlocking the files. This is the screen that will appear asking for payment to unlock your computer.
The best way to avoid becoming a victim is to have a your computers updated with the latest Microsoft system updates as well as avoid clicking on email attachments in phishing emails.
Here is a brief video that explains what happens on this outbreak: http://money.cnn.com/2017/05/13/technology/ransomware-attack-who-got-hurt/
PBI Group’s Cyber Liability insurance policy from ACE will provide protection against ransomware attacks like WannaCry, which may include paying the ransom for you as well as providing coverage for business interruption and lost digital assets. Yet another good reason to secure a Cyber Liability policy as well as improve your agents’ cyber awareness.