Recently, a restaurant business in Northwest Wisconsin advertised for help wanted applications through Craigslist. One application came back by way of an email attachment that ended up infecting their back-office PC with a CryptoLocker type malware infection. But it did not stop there.
The latest generation of CryptoLocker not only infects the local computer, but it also encrypts data on PCs on the network that have shares on them. In other words, every computer could be at risk.
There are things to keep in mind regarding Internet access, email, and attachments. Number one, be cautious of any email correspondence from Craigslist. Luckily, in the example above, the encrypted data was relatively easy to recover and repair.
Hackers are after identity information like social security numbers and bank accounts. They use this information to directly access accounts or sell the information. But it’s not just the large corporations like Target, Home Depot, or eBay that should be concerned. Small and medium companies are prime targets for malware/ransomware attacks by criminals searching sites like LinkedIn and Craigslist. Fake applications and resumes are sent in that carry a macro-type infection.
How do you protect yourself?
First, do not open attachments from unknown senders.
Second, invest in a higher-end network router/firewall. At Imagineering, we recommend Watchguard. The firewall can be configured to strip suspicious attachments from the email, as well as block websites that have been compromised. When I say invest, think of it as insurance. Your network is only as strong as your weakest link.