Loss Prevention Tip #41
Avoid Ransomware Viruses
Recently, law firms across Canada have been hit by a computer ransomware virus called MAZE. As a result of this virus attack, they have no access to email, Word, their accounting software, or any of their backups, including cloud backups. Everything is tied up by MAZE and they have been asked to pay an enormous ransom to regain access to any of their work.
Ransomware viruses are often hidden in email attachments. Recently, the infected attachments appear to have been about COVID-19 including:
- Emails with a COVID-19 outbreak maps in an attachment.
- Emails inviting you to a seminar to discuss responses to COVID-19, which includes a link to register for the seminar.
- Emails claiming to be from vendors or associations about COVID-19 that include links to PDFs and Word documents.
- SMS (text) messages, indicating you need to “click here” to find out about modified firm operations.
These emails and attachments can be loaded with malware which can gain control of your remote access into firm computers and encrypt your home and work computers and anything else the malware can reach through your network.
What can you do to avoid ransomware viruses?
- Always think before you click.
- Never click on an email or text message from anyone you don’t know.
- If you receive an attachment in an email or text message you were not expecting—even if it is from someone you know—call the person at a known telephone number (not the number listed in the message) to confirm the message is legitimate.
- If you click on something you should have avoided and a box opens that asks you for your password, or to supply some information or click on a link to enable a later version of software: stop, close out, unplug the computer and immediately call your IT support!
Please be careful. Think before you click. And if you notice something suspicious going on with your computer, unplug it and call your IT support right away! Be careful and pass this warning on to staff and lawyers in your office.
Check with the person or firm who provides your IT support and ask if there are additional steps you should be taking at this time. To report a claim and get some advice, email a description of the circumstances to cyberclaims@clia.ca; or call 1-833-3831488 (toll free).