Imagine you’re sitting down to use your laptop, when all of the sudden a threatening message appears. The message, which looks startlingly real and official, informs you that for some specific reason, your computer access is “blocked.” The concerning message goes on to say that you will not be granted access to your files, photos, information, and more, unless you pay a “ransom” in a given amount of time. This ransom is often demanded unusual forms such as via Bitcoin or iTunes gift cards. Even worse, if you fail to pay, you’re told, your data will be irrevocably deleted.
This scenario is admittedly frightening, and refers to something hackers use known as “ransomware.” Advanced ransomware infects your system and encrypts your files, preventing you from obtaining access. Although ransomware has been a popular strategy for hackers for several years, hackers are now getting smarter about tricking web users to inadvertently download the ransomware. And by using less trackable forms of payment, such as Bitcoin, these criminals are able to remain undetected for longer.
The Trick of Social Engineering Ads
Even the savviest of web users may have found themselves a victim to a hacker scam such as ransomware. But how does this happen? The hackers’ methods are improving. While it’s always wise to avoid spammy looking websites with an abundance of pop up ads, ransomware can lurk even in the most unsuspecting of places. Hackers disguise their malware or ransomware in the form of ads or popups, designed to reflect notifications you commonly see on your home computer, such as error warnings, notices that an update is needed, or by asking you to login to your email or other account. They prey on your tendency to trust familiar elements. After you click or provide information, you’re in trouble. Hackers also research where you live and pose as local or national businesses or organisations that you’re more likely to trust. It can be a challenge to distinguish between a clever “social engineering” ad and the real thing.
Google’s Warnings
Fortunately, Google is helping to combat this. As announced a few months ago, Google will now use their “Safe Browsing” alert to warn users when they are about to enter a website where these social engineering ads have been found. This gives users an option to avoid the site altogether, or to proceed with caution. These warnings will not appear for a single deceptive ad–these can occasionally appear via an ad network on even a trustworthy web site– as the intention is not to penalise sites with advertisements. Rather, the warnings will be applied on sites where many social engineering ads are regularly found. Google will do their part to actively warn you, but web users still need to exercise care and attentiveness when browsing the Internet.
What Can You Do?
Experts agree that the best protection against hackers, ransomware, and malware of any kind is prevention. Your files should be regularly backed up to an external hard drive or a cloud service. Keep all programs on your computer as up to date as possible. This guards against attacks on the vulnerabilities of outdated software. Installing a high quality antivirus program on your PC is also a must. When downloading from the web, only do so from reputable sites that you know and trust. Most of all, avoid visiting websites that seem unsafe or unsecured. Certain sites can automatically download malware to your computer, merely by paying a visit.
What ways do you stay safe online? Share with us in the comments below.