PROTECT YOURSELF FROM RANSOMWARE, MALWARE AND VIRUSES. STEP BY STEP CHECKLIST FOR HOME OR BUSINESS October 16, 2018at 19:50 pm By: James Byrne After Dark Grafx Ransomware, malware and viruses are on the rise. Hackers are getting smarter with clever subject lines and phishing scams to get you to open that email. Be on the lookout! Recently, there is an email going around with subject line. “Your Account Has Been Hacked” and sometimes includes an old password that you may have used and have never changed. We take cybersecurity seriously and so should you. How did they get your password in the first place? There are multiple methods like social media engineering – where the hacker monitors some of your social media accounts and is able to guess your password, with the help of some software. They then engage brute force attacks – these attacks are targeted at one or more of your accounts and again, enlist the help of some computer software which tries millions of variations of passwords. Eventually they will guess the password as too many people do not use strong enough passwords, nor do they change them frequently enough. Another thing is in an email phish, they don’t need your password. They just need your email address (often readily available on social media), and the ability to create a convincing enough email to get you to click. Once done, they have your computer and all the data it contains. Did you know that most people do not change their passwords for at least 5 years! This is awful behavior. Couple this with using the same password across all of your social media and banking accounts and you are opening yourself up to some severe cyber pain. Take action today to mitigate these risks! Step 1: BACKUP EVERYTHING that is important on the computer(s). Using an external hard drive is excellent for this and can be found on amazon or local best buy for less than $80. Step 2: Check your computer(s) for Viruses. Avast.Com is free and other Anti-Virus programs offer free trials and scans. Other anti-virus programs are low cost and well worth the investment. Do a COMPLETE scan and not just the quick scan so you can get back to work. Schedule this at the end of the day. When you are about to leave the office or not needing to use your computer for a while, set the scan to check everything! Step 3: Download an anti-malware program like Malwarebytes.Com – free trial and run a full scan. Step 4: Download a rootkit scanner. Also available from Malwarebytes – this will scan your computer for any root access. Step 5: Change your passwords on all accounts. PC and MAC systems have a built-in on-screen keyboard. Initially, use this when you change your passwords on your accounts. If there is a keylogger on your computer, using an on-screen keyboard is a way to thwart someone from spying on you with a basic keylogger (although the scans above should find the intruder – you can never be too safe ) Also, enlist a PASSWORD MANAGER to save your passwords for you. This way you do not have to remember each different password. This is the safest and most effective method to manage your multiple passwords. BE SURE THAT EACH PASSWORD IS DIFFERENT ON ALL ACCOUNTS. Especially, do not use your banking passwords on any social media or email accounts. Don’t just add a 1 or 2 or $ to the end of a password to make it different from another password. Don’t use birthdays, pet names, favorite sports, bands, or anything that could be guessed based on information you provide publicly on social media. Bad Password: Ralph1972 Good Password: A3#!g*9gC! Step 6: Update everything, software, firmware, etc. Check your PRINTER FIRMWARE (yes, it needs to be updated – if it is on the network, it is vulnerable.) Update the ROUTER FIRMWARE (most routers will do this automatically, but some are older and need manual intervention.) Update the Operating System (Mac or PC) with the required patches. Step 7: Backup Everything again once the updates and patches are applied and steps 1-6 are completed. Step 8: Put into place a security protocol checklist at work or home explaining to your employees or family as to what to click on via email and what to not click on. You can even block websites via the router with a firewall. A part of this plan should include automatic backups to local external drives and to the cloud. Google Drive or Dropbox.com are excellent sources for this while other, larger companies will need a more robust backup solution. Your IT company should have this in place for recovery. Run daily or active scans for malware and viruses. Step 9: Add a hardware firewall. These days, computers and routers have built in software firewalls but adding the extra hardware firewall will give you another layer of protection. Step 10: Shut off the router. If you can do so, turn off the router at night so that there is an extra layer of security. If hackers can’t reach the computers, they will move on to easier targets. Don’t be the easiest target. We know life gets busy, but taking a little time to make sure that you and your business are as secure as possible will make for a better night’s sleep. After Dark Grafx does not specialize in implementing computer or software cleanup as stated above but this is the general information that we supply to our clients. We do, however, fix hacked word press, or magento websites. We also specialize in web design, e commerce, shopify, miva merchant, web development, SEO, and app development. If you have questions as to whether we can assist you, please call us. After Dark Grafx is not affiliated with or compensated for any of the software vendors or programs mentioned in this post.