March 22

Alert: A clever new type of ransomware attack

Your business has a contact form on it’s website, right?

It seems like we’re talking about cyber scams a lot at the moment. And now there’s another new trick you need to be aware of.

Cyber criminals are smart. They’re forever coming up with new ways to infiltrate your devices and networks to access your valuable data.

Fortunately, the defence weapons continue to get stronger and stronger to help keep you protected. Some email systems are now especially good at identifying malicious messages and threats.

But if your website has a contact form – and most do – you face a new threat. That’s because cyber criminals are using web forms to spread malware.

They pose as a potential new customer and ask you to provide them with a quote for your goods or services.

Once you email your reply to their request, they’ll send you over a special kind of file – known as an ISO file – which they say is relevant to your conversation.

Crucially, this file won’t be attached to the email. They’ll send it via a file-sharing service, such as WeTransfer. This is to help to avoid your email provider’s protection.

Think about the psychology of what’s happening here. Whoever in your business is managing this conversation thinks they’re talking to a prospective new customer, and is much more likely to open the files without thinking.

The fact the conversation started with a contact form lowers their natural scepticism. They just want the sale!

When you open the file, it will give the cyber criminals remote access to your device. And that can allow them to access your full network. They can then launch a malware or ransomware attack.

The latter is something you want to avoid at all costs. It’s where your data is encrypted so it’s useless to you. And you have to pay a large ransom fee to get it back… with no guarantees the payment will work.

Experts think this form of contact form attack was first tested on large businesses in December 2021. And believe it’s now becoming more popular.

It’s vital that you and your team check requests sent via your website are genuine. And never, ever open any files emailed over unless you trust the source 100%.

If we can help keep your business protected or train your team on the big threats to be aware of, please contact us.  

Published with permission from Your Tech Updates.

We thought you'd like these posts

May 14, 2024

Have you been hearing more about email authentication lately? There is a

May 7, 2024

Data is the lifeblood of modern businesses. It fuels insights, drives decision-making,

April 30, 2024

Maximising productivity is a goal shared by many teams, and Microsoft Teams

April 23, 2024

Let’s chat about something crucial yet a bit daunting: malware attacks. Yep,

April 16, 2024

Running a business or managing a team is pretty much like being

April 9, 2024

Imagine you’re sifting through your emails when an unexpected message from a

Looking to switch IT provider?

Experience the m3 difference for yourself and discover why our customers can't stop praising our service.
Fill out the form below to setup your 100% FREE, no-obligation consultation.