Similar to a phishing attack, ransomware executes when a user is lured to click on an infected link or e-mail attachment or to download a file or software drive while visiting a rogue website. Sophisticated social engineering techniques are used to entice users to take the desired action; examples include<\/p>\n
- \n
- an embedded malicious link in an e-mail offers a cheap airfare ticket (see figure 1);<\/li>\n
- an e-mail that appears to be from Google Chrome or Facebook invites recipients to click on an image to update their web browser (see figure 2); or<\/li>\n
- a well-crafted website mimics a legitimate website and prompts users to download a file or install an update that locks their PC or laptop.<\/li>\n<\/ul>\n
![\"\"](\"http:\/\/blogs.sun.ac.za\/it\/files\/2017\/06\/ransomware1-500x414.png\")
<\/a><\/p>\nFigure 1. Phishing e-mail with ransomware embedded in a link<\/strong><\/p>\n
\n ![\"\"](\"http:\/\/blogs.sun.ac.za\/it\/files\/2017\/06\/ransomware2-500x345.png\")
<\/a><\/p>\n<\/figcaption><\/figure>\n\n Figure 2. A fake Google Chrome e-mail<\/strong><\/p>\n<\/figcaption><\/figure>\n
To avoid becoming a victim of ransomware, users can follow these tips:<\/p>\n
- \n
- Delete any suspicious e-mail.<\/strong> Messages from unverified sources or from known sources that offer deals that sound too good to be true are most likely malicious (see figure 3). If in doubt, contact the alleged source by phone or by using a known, public e-mail address to verify the message\u2019s authenticity.<\/li>\n
- Avoid clicking on unverified e-mail links or attachments.<\/strong> Suspicious links might carry ransomware (such as the CryptoLocker<\/a> Trojan).<\/li>\n
- Use e-mail filtering options whenever possible.<\/strong> E-mail or spam filtering can stop a malicious message from reaching your inbox.<\/li>\n
- Install and maintain up-to-date antivirus software.<\/strong> Keeping your operating system updated with the latest virus definitions will ensure that your security software can detect the latest malware variations.<\/li>\n
- Update all devices, software, and plug-ins on a regular basis.<\/strong> Check for an operating system, software, and plug-in updates often \u2014 or, if possible, set up automatic updates \u2014 to minimise the likelihood of someone holding your computer or files for ransom.<\/li>\n
- Back up your files.<\/strong> Backup the files on your computer, laptop, or mobile devices frequently so you don\u2019t have to pay the ransom to access locked files.<\/li>\n<\/ul>\n
![\"Figure](\"http:\/\/er.educause.edu\/~\/media\/images\/blogs\/2016\/11\/erob166211figure3.png?la=en\")
\n Figure 3. An example ransomware e-mail message<\/strong><\/p>\n<\/figcaption><\/figure>\n
\u00a0<\/div>\n[:af]<\/p>\n
Ransomware is `n tipe malware ontwerp om gebruikers se\u00a0l\u00eaers te enkripteer\u00a0of hulle\u00a0bedryfstelsels\u00a0te blok sodat\u00a0kuberkrakers\u00a0`n losprys\u00a0kan eis. \u00a0Volgens `n\u00a02016 Symantec-verslag<\/a>, is die gemiddelde\u00a0losprysbedrag\u00a0$700 en is 57% van alle sekuriteitsinsidente onder gebruikers tussen January 2015 en April 2016 ransomware.<\/em><\/p>\n
Soortgelyk aan `n\u00a0phishing<\/em>-aanval, lok ransomware ook gebruikers om op `n\u00a0kwaadwillige skakel te kliek,\u00a0of `n\u00a0epos aanhangsel oop te maak\u00a0of om\u00a0sagteware\u00a0af te laai\u00a0vanaf\u00a0`n\u00a0bedrieglike\u00a0webwerf. Gesofistikeerde sosiale ingenieurswese\u00a0metodes word gebruik om gebruikers\u00a0in die versoeking te bring om te reageer, byvoorbeeld<\/p>\n
Sophisticated social engineering techniques are used to entice users to take the desired action; examples include<\/p>\n
- \n
- `n\u00a0ingesluite\u00a0kwaadwillige\u00a0skakel\u00a0in `n e-pos belowe\u00a0`n goedkoop\u00a0vliegtuigkaartjie (siene figuur 1);<\/li>\n
- `n e-pos wat lyk\u00a0asof dit van Google Chrome of Facebook kom nooi ontvangers om op grafika te kliek om hulle webblaaier op te dateer (sien figuur 2); of<\/li>\n
- `n goedgeprakseerde webwerf na-aap `n werklike webwerf en por gebruiker aan om `n l\u00eaer af te laai of `n opdatering te installeer wat dan hulle toestel sluit.\u00a0<\/li>\n<\/ul>\n<\/a><\/p>\n
Figure 1. Phishing<\/em> e-pos met ransomware versteek in `n skakel<\/strong><\/p>\n
\n
- Avoid clicking on unverified e-mail links or attachments.<\/strong> Suspicious links might carry ransomware (such as the CryptoLocker<\/a> Trojan).<\/li>\n
- Delete any suspicious e-mail.<\/strong> Messages from unverified sources or from known sources that offer deals that sound too good to be true are most likely malicious (see figure 3). If in doubt, contact the alleged source by phone or by using a known, public e-mail address to verify the message\u2019s authenticity.<\/li>\n