How to know if is a website may have ransomware
The best way to deal with a ransomware attack is to avoid being targeted by one in the first place. Unfortunately, there is no 100% accurate list of sites where you are known to pick up ransomware. There are, however, some useful guidelines to follow when you are surfing the internet so you reduce your chances of being infected with ransomware.
Use an ad blocker as much as you can
This may seem harsh given that many websites are still funded, at least partly, by advertising revenue. The problem is that legitimate advertising space can be bought by cybercriminals and used for malvertising attacks. Malvertising is the strategy of using adverts to spread malware. In most cases, the user needs to click on the advert for the strategy to be successful. In some cases, however, it is enough for the advert to be displayed on the screen.
At present, it is believed that malvertising cannot be used to spread ransomware itself. It can, however, be used to spread malware which scans a system for vulnerabilities that can then be exploited to increase the chances of a ransomware attack being successful.
Never click on short links (without checking them first)
Short links do serve a legitimate purpose. They can make posts much easier to read. The problem with them is that they have the effect of concealing a lot of information about the website to which a person is being directed.
This opens the door to simple, but effective, social-engineering exploits such as creating a post about one topic and including a link to a website which has nothing whatsoever to do with that topic. Many of these links will be harmless, if annoying, but this tactic can also be used to direct people to sites that host malware, including ransomware.
The key point to take away is that you should never just click on a short link, even if it’s included in a message from someone you trust. If you are interested in it, hover over it and check the actual link address. If that doesn’t work, use a short-link analyzer to check the address before you decide whether or not it’s safe to click.
Be careful about using free software
There is a whole lot of great free (or freemium) software out there. Some of it is fully open-source, but much of it is offered by private companies of various sizes. In either case, do your research on the developer behind the software before you decide whether or not it’s safe to download and always have a file scanned by an anti-malware solution before you download it (or at least before you open it).
While this should go without saying, never download pirated software or indeed any form of illegal content. Setting aside the legality and the ethics, illegal content is notorious for being filled with malware, including ransomware. This is partly because it is effectively impossible for there to be any real come-back on the person who loads it since the user will know that they shouldn’t have been accessing it.
Be aware of other sources of ransomware
Although the Internet is often used to spread ransomware, it is far from the only source of infection. It is also frequently spread through email attachments. In fact, email attachments are now such a security threat that the safest approach by far is to scan them all before they are downloaded without any exceptions. As a bare minimum, think before you click.
Hardware can also be compromised. This means that you need to think about physical security. In particular, you want to limit access to your devices in general and in particular to USB ports and optical drives as these can be used to load unauthorized software.
Understand that it’s risky to rely on human judgment
In the early days of the internet, it often was feasible for people to keep themselves safe online just by applying common sense. Sadly, those days are now past. There are just too many threats out there and some of them are very sophisticated.
You need to protect yourself with a robust anti-malware product backed by a reputable cybersecurity company. For most companies and individuals, the smart approach is to use a cloud-based, all-in-one solution.
This gives you all the protection you need right from the time of purchase. Everything is already configured so that it works with everything else and the vendor manages all updates, which will be frequent. As a bonus, using a cloud-based solution pushes the resource-load onto the back-end servers rather than the local devices.
Please click here now to start your free 30-day trial of Xcitium AEP.
Endpoint Detection and Response
Infected By Ransomware