Ransomware etc

For the discussion of topics related to the conservation, cultivation, propagation and exhibition of cacti & other succulents.
Forum rules
For the discussion of topics related to the conservation, cultivation, propagation, exhibition & science of cacti & other succulents only.

Please respect all forum members opinions and if you can't make a civil reply, don't reply!
Post Reply
User avatar
Bill
Posts: 8524
https://www.behance.net/kuchnie-warszawa
Joined: 11 Jan 2007
Branch: None
Country: Wales
Location: Pwllheli North Wales

Ransomware etc

Post by Bill »

In light of recent events thought this might be useful, feel free to add any further advice.

The simplest and easiest way to protect yourself against Ransomware, is to back up all your important files to a storage device that is physically disconnected from your computer & network/internet when not in use.

You should also make sure your computers operating system is up to date with all security patches and updates applied, if you are running older versions of Windows such as XP ditch it and get a new version, its no longer supported.

Make sure you have a good current antivirus checker, Kaspersky is one of the best and if your are with Barclays online banking you get it free, other banks may offer similar.

Never open emails from people you don't know.

Never click on links in emails you weren't expecting without checking where its taking you, just hover over the link, the email may be from Ebay but the link could go anywhere.If in doubt type the site you think you are visiting direct to your browser.

Never open attachments you weren't expecting.

Never click on ad banners on websites, particularly ones that offer you amazing stuff/prizes, you are not the 1000th visitor you will be the next victim.
fruit
BCSS Member
Posts: 225
Joined: 16 Aug 2015
Branch: None
Country: UK
Location: West Suffolk

Re: Ransomware etc

Post by fruit »

Bill wrote:The simplest and easiest way to protect yourself against Ransomware, is to back up all your important files to a storage device that is physically disconnected from your computer when not in use.
as well as disconnect that storage device from anything else that is network connected - including the internet
That may be a little over the top but if you want to be safe...
User avatar
Bill
Posts: 8524
Joined: 11 Jan 2007
Branch: None
Country: Wales
Location: Pwllheli North Wales

Re: Ransomware etc

Post by Bill »

No not OTT at all, I thought it and didn't type it. (tu)
_______________________________________________________________________________
Haworthiad Editor

Mainly Haworthia and Gasteria, a few other South African succulents and the odd spiky thing.
fruit
BCSS Member
Posts: 225
Joined: 16 Aug 2015
Branch: None
Country: UK
Location: West Suffolk

Re: Ransomware etc

Post by fruit »

Bill wrote:No not OTT at all, I thought it and didn't type it. (tu)
Guessed you had :)

I have this morning come across a post on another forum from a Windows 10 user who, having checked his update history, has found that all updates since January are marked as failed.
Check! Don't assume that auto-updates are auto-updating - applies to any OS.

I guess that additional precautions may be needed for anyone relying on 'cloud' backup (including apps such as DropBox?).
I don't use any of them but would not be happy without my own backup on a device physically in my posession and totally under my control
User avatar
Chris L
BCSS Branch Websites Co-ordinator
Posts: 2601
Joined: 11 Oct 2009
Branch: MANCHESTER
Country: England
Role within the BCSS: Branch Websites Co-ordinator
Location: Lancashire, England
Contact:

Re: Ransomware etc

Post by Chris L »

I had an email today from Shutl.

Starting today - 10% off Hermes drop off services on eBay delivery powered by Shutl


Never heard of Shutl before but obviously it is linked to eBay and Hermes, both of which I use.

Stupid eBay have put me on the mailing list - it's addressed to christopher, they know who I am - so where is that unsubscribe link........ :evil:

:shock: Errrrrr..... No........ Nearly had me there........ :oops:

MARK AS SPAM, BLOCK and DELETE.

Shutl appears to be genuine, but the email may not be........ (td)
Joined 1991
Lamb's Reference Plate Index http://www.cactus-corner.co.uk/referenc ... -guide.htm
FREE on Kindle Unlimited:
Anglesey Circular Walk https://amzn.to/34i18qF
Lytham-Arnside Walk https://amzn.to/3fpQPGf
My Redbubble Shop https://www.redbubble.com/people/cactuschris/shop
User avatar
Chris L
BCSS Branch Websites Co-ordinator
Posts: 2601
Joined: 11 Oct 2009
Branch: MANCHESTER
Country: England
Role within the BCSS: Branch Websites Co-ordinator
Location: Lancashire, England
Contact:

Re: Ransomware etc

Post by Chris L »

The best thing you can do to protect yourself is not to use the same email address for throw away logins and mailing lists that you use for money based websites.

Anything financial should use one email, which when they send emails come to your inbox. These should only be those that need to know who you are for financial or security reasons. Everything should have a different password as a matter of course.

Any forums, mailing lists, social media, own websites, photo sites etc etc etc, should use a different email address.

The BIGGEST thing you can do to combat hackers is to use different user names for all your accounts, and have something that will pull up a lot of hits on Google. Having a user name of EchinoFossuloCactusMan2017 across all your accounts is not a good idea and user names along the lines of Morcambe&Wise, Eric&Ernie, The_Two_Ronnies, Tommy_Cooper, etc are much better.
Joined 1991
Lamb's Reference Plate Index http://www.cactus-corner.co.uk/referenc ... -guide.htm
FREE on Kindle Unlimited:
Anglesey Circular Walk https://amzn.to/34i18qF
Lytham-Arnside Walk https://amzn.to/3fpQPGf
My Redbubble Shop https://www.redbubble.com/people/cactuschris/shop
User avatar
Bill
Posts: 8524
Joined: 11 Jan 2007
Branch: None
Country: Wales
Location: Pwllheli North Wales

Re: Ransomware etc

Post by Bill »

Chris L wrote:
The BIGGEST thing you can do to combat hackers is to use different user names for all your accounts, and have something that will pull up a lot of hits on Google. Having a user name of EchinoFossuloCactusMan2017 across all your accounts is not a good idea and user names along the lines of Morcambe&Wise, Eric&Ernie, The_Two_Ronnies, Tommy_Cooper, etc are much better.
Unfortunately not so easy nowadays with more and more sites using your email as your primary logon and a user name being optional.
_______________________________________________________________________________
Haworthiad Editor

Mainly Haworthia and Gasteria, a few other South African succulents and the odd spiky thing.
IanW
Registered Guest
Posts: 3807
Joined: 18 Nov 2007
Branch: LEEDS
Country: UK
Role within the BCSS: Member

Re: Ransomware etc

Post by IanW »

Also not running a 16 year old operating system like Windows XP, and patching your more modern operating system is probably a reasonable step.

But apparently the NHS thought otherwise.
User avatar
AnTTun
BCSS Member
Posts: 2882
Joined: 14 Jul 2010
Branch: None
Country: Croatia
Contact:

Re: Ransomware etc

Post by AnTTun »

My company got a warning email from Microsft support few days ago about „Wana Decrypt0r“ ransomware. I guess its 3rd generation ransomware (I'm an IT but sometimes its hard to catch up with everything). Besides all their 'update on regular basis.. .have a good anti virus...' & all that jazz, bottom line is not to click on any suspicious (???!!!???) links or attachments that come to your email. Well, thank you MS staff but even I did it few times because it was masked too darn good and seemed so real (eBay, PayPal etc).

Fact one: we got infected by 1st & 2nd generation ransomware despite similiar MS warnings (and company firewall, and antivirus and...). There was always someone that 'had to check what it was in his / her email'.
Fact two: both attacks (plus few that I've faced in private practice) came thru emails.
Fact three: only way to unlock your crypted files was to pay ransome. We didn't and we still have thousands of locked files. Two of my customers did pay ransome and we have unlocked their files. (But I wouldn't really count on that...)
Fact four: one of my customers had backup but it was already locked (now thats BAD luck)

To summarize: you can hardly disconnect from The Net, but if you are VERY careful with emails you are (so far) more than 90% safe. Of course, incremental backup (Cobian for example) is just additional bonus :)
TTcacti - C&S database software - http://www.ttimpact.hr/anttun/
Post Reply