It isn't every day you get to see what a real Trojan attack looks like.
When you do, there's seldom time to even take screenshots: you just want to get the heck out of Dodge.
But this time, while putting together material for our upcoming free workshop, I happened across a real attack and was able to record it.
If you've ever wondered what an attack looks like, here's your chance to see one.
Here's the best/worst part: nothing stopped it.
- Not our Internet Security Software.
- Not any of our browsers' built-in malware protection.
- Not even Windows 10 built-in security.
See for yourself how it happened and what you can do to stop it.
On Feb 18, the entire computer system at Hollywood Presbyterian Medical Center was locked and held for ransom.
The hackers, who easily infiltrated the hospital's system, locked and encrypted all of the hospital's medical files and computers, making it impossible to work and help patients. The hackers demanded $17,000 to unlock the hospital's computer system. The hospital staff had to resort to pen and paper to get anything done, and many critical patients had to be diverted to other hospitals for care.
And if you think you're not vulnerable to ransomware attacks, think again:
The Lockie ransomware can be targeted at anyone, anytime. Whether you're a big company or a single person, Lockie makes it incredibly easy to infect and hold your PC... or many PCs... for ransom. Local resident Brandi C. was hit by Lockie at home.
Brandi had to pay $300 to the hackers so they would unlock and release her computer back to her.
How Does This Happen?
The Lockie ransomware is spread primarily through emails. Proofpoint CEO Gary Steele says their security firm saw 10 million messages go out in one day that contained the Lockie ransomware.
Lockie is typically delivered via email as an attachment. By clicking open a simple Word document attached to your email, you could instantly infect your system with Lockie. Your entire computer would then be locked and encrypted with a demand from the hackers to pay hundreds or even thousands of dollars to unlock your computer.
How To Avoid Lockie and Other Ransomware
- Don't click on suspicious links or attachments in your emails. If you get an email from someone you don't know that has an attachment, you have two options:
  - Delete the email immediately without opening it. This is your best and safest option.
  - Use your antivirus software to scan the file before opening it (most antivirus software has a feature that lets you right-click a file and scan it). Caution: be extremely careful that you don't actually double-click to open it. If you do, you could instantly infect your PC. If you do get infected with Lockie or any ransomware, try The FixMeStick to get rid of it.
- Back up all your data regularly. If you're not already backing up your files... you should be. Good backup software is a critical piece of online security that many people overlook. Back up always and often.
- Be sure you have a good antivirus or Internet Security software installed. We say it over and over, but people still get hit with ransomware and other malware all the time because they have poor antivirus software. A good antivirus program will scan attachments before they can do any damage.
In the end, the hospital paid the $17,000 ransom to get their files back. They panicked because they felt they had no other choice. They should've trained their staff to better identify suspicious email attachments, and they should've had better antivirus software running.
And Brandi, and thousands more like her, was an innocent bystander who got hit with this devious malware... and you could too. Be alert when you're online just like you would in a bad part of town. Keep your eyes and ears open and don't be too quick to click.
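The two options above (delete, or scan before opening) can be applied to a raw message without ever opening the attachment. The Python sketch below is an added example, not part of the original article; the function names, the known-sender list, the sample addresses and the extension and byte-signature heuristics are all assumptions chosen for illustration.

```python
import email
from email import policy
from email.message import EmailMessage
from email.utils import parseaddr

WORD_EXTS = (".doc", ".docx", ".docm", ".dot", ".rtf")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy Office container (.doc)
ZIP_MAGIC = b"PK\x03\x04"                      # .docx/.docm are ZIP archives

def looks_like_word(filename, data):
    """Heuristic: match on extension or leading bytes, since names can mislead."""
    if (filename or "").lower().endswith(WORD_EXTS):
        return True
    # ZIP member names are stored uncompressed, so "word/" is visible as-is.
    return data.startswith(OLE_MAGIC) or (
        data.startswith(ZIP_MAGIC) and b"word/" in data)

def triage(raw, known_senders):
    """Parse a raw message and return (sender, [(filename, action), ...])."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    # From can be forged, so a known sender still gets "scan", never "open".
    known = sender in {s.lower() for s in known_senders}
    verdicts = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""  # decoded, never executed
        name = part.get_filename()
        if not looks_like_word(name, data):
            action = "not a Word document"
        elif known:
            action = "scan with antivirus before opening"
        else:
            action = "delete without opening"
        verdicts.append((name, action))
    return sender, verdicts

def build_sample(sender="billing@invoices.example"):
    """Constructed sample message; addresses and file contents are made up."""
    m = EmailMessage()
    m["From"], m["To"] = f"Billing <{sender}>", "user@home.example"
    m["Subject"] = "Invoice attached"
    m.set_content("Please see the attached invoice.")
    m.add_attachment(OLE_MAGIC + b"\x00" * 32, maintype="application",
                     subtype="octet-stream", filename="invoice.doc")
    m.add_attachment("meeting notes", filename="notes.txt")
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample(), known_senders=["friend@family.example"]))
```

The byte-signature check also catches a Word file that has been renamed to something harmless-looking; it is a heuristic and does not replace the antivirus scan.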
Although it may seem strange to some people, to others the very thought of using a credit card online seems pretty crazy.
In fact, we talk to someone by phone at least once a week with this concern.
Pam, a New Hampshire resident, called this week asking,
"I want to buy one of the antivirus programs you review, but I'm uncomfortable buying online.
"I just don't like putting my credit card information in some website. I'd rather do it in person or by phone.
"Is there a way I can buy the software in a store, instead?"
In my view, buying software online (and, in fact, making any transaction online) is actually safer than doing so in a store.
(As the former CTO of a sizable credit card processing company, I can answer this question with some authority.)
Read on for the answer...
Why online transactions are actually safer
First, let's take a look at what really happens when you buy something in a store.
The fact is almost all credit card transactions, even those done in a store, happen entirely on the Internet. (We'll cover this more in a second.)
Second, when you buy software in a store, you have the huge hassle of going back to the store and dealing with that store's return policy for software.
Since nearly all stores prohibit customers from returning software once it's opened, your only recourse is to go back to the manufacturer and wait for them to issue a refund. (Oh, joy!)
In contrast, if you buy software online, the license key and a link to download are emailed to you. If you need a refund, you just get in touch with the company directly since they're the ones that sold you the software. Schlepping to the store involved? Zero.
Third, when you buy antivirus software in a box, what you're getting is weeks—maybe even months—old. Yes, the software will update itself automatically, but a heck of a lot of new viruses are developed between when the software was boxed up and when you bought it.
On the other hand, antivirus software purchased online is often the manufacturer's latest, greatest release.
Before we get back to buying software in a store, let's talk about buying by phone. The problem with phone purchases is you're trusting the person to be honest on the other end of the line.
For the most part, they are. Other times, not so much.
The fact is, you're giving that person all your card details, even the security code from the back, so they've got everything--even your billing address. If they want to go on a seven state shopping spree or sell your info on the black market, you couldn't make it any easier.
OK, let's get back to what happens when you buy something in a store.
What Really Happens?
The super simple version of what happens goes something like this:
- Your card is swiped in a credit card terminal or cash register, and then
- The credit card number is immediately encrypted, and then
- Shot to a "front end" processor, who then
- Talks to the store's bank, who then
- Talks to your bank to get authorization to charge your card.
Later, a "back end" processor enters the picture, too, who also gets handed your card number via the Internet. [This is a simplified version of what happens, too.]
Any guess where all this happens? Online.
All of it.
What's all this mean?
It means in-person purchases are ultimately no different than those that happen entirely online.
What's the real risk?
First, in most countries for there to be any liability, the bank has to prove you were at fault for the theft. If you're not at fault, the liability is usually $0.
What's more, if you're in the U.S., your maximum liability is $50. (It's the law.)
And, in Canada, Australia, and most countries in Europe, liability is legally limited there, too. Usually, it's between $0 and $50/£50/€50.
The bottom line:
- All credit card transactions ultimately end up online
- Your credit card number and other info about the purchase are encrypted as they move across the Internet
- Laws in most countries limit your liability to between $0 and $50/£50/€50.
Lastly, because of the encryption in use and the layer upon layer of security in place, in many ways it's MUCH safer to use your card online than it is to use a card in person in a lot of places.
Consider: a restaurant.
When you're done with dinner, a waiter or waitress takes your card and disappears with it. For minutes at a time they're out of sight.
Sure, they return with your bill, and that much you can make sure is correct, but what else they did with your card while they had it is anyone's guess.
So, if you're reluctant to use your credit card online, knock it off. Save the trip to the store and buy online. And, if you don't like the software, make the refund process easier on yourself.
We've been getting such tremendous feedback on this story from our newsletter subscribers that I've decided to turn it into a blog, too.
This "Ask the Experts" deals with a personal story from my college days and situational awareness.
It's a short story. Every word is true.
I hope it helps keep you safe online, too.
The story goes like this: I put myself through college managing car washes.
It was a lot of fun, and unlike a lot of my friends, I got to work outside and got priceless experience in ways you'd never imagine: scheduling, managing staff, handling customers, negotiating with vendors, bookkeeping, even welding.
One night after locking up the safe, I'd just turned out the lights inside and as I was walking down the long hallway, ready to head out for the evening, out of the corner of my eye I spotted movement in the bushes outside.
Because of the one remaining light outside, I could see outside, but you couldn't easily see inside the completely dark building.
I was sure someone was there.
At 11:00PM, no one had any business being on a dark car wash parking lot, much less skulking around in the bushes.
As stealthily as I could, I dialed 911 and as quietly as possible explained the situation.
In no time, an officer showed up; we immediately recognized one another as his department routinely brought their cars in.
As he stepped out, he reiterated the situation as I'd explained it to the 911 operator.
Seeing the situation for what it was and my (extreme) concern, and knowing me pretty well personally, he unholstered his weapon. Together we walked the perimeter of the lot.
We found nothing.
I felt silly, but I know what I saw, so I chalked it up to, "Oh well..."
Still shaken, I thanked the officer, and apologized for the wild goose chase.
His words, "Better to feel silly than to be dead."
The words stuck with me.
I nodded, got into my car, and went home.
The next day...
The next day when I came in for my shift, the morning manager said, "Hey, Kevin... did you hear about the Shell station down the street last night?!"
"They got robbed. Shot and killed the night manager. Just after 11 o'clock. You're lucky they didn't come here instead."
I got lucky.
I got lucky that night. Very lucky. But I was also aware of my surroundings and willing to look stupid.
Online, it's harder.
The bad guys are smarter than ever, and like the crooks at the car wash that night, they want your money.
Today's bad guys online make phony bank sites and phishing emails. They make 'em seem so legit it's nearly impossible to tell they're not real.
Even professionals have a hard time telling good from bad.
And, while antivirus and Internet security software can be a big help, your own situational awareness is just as important.
If you get an email, no matter who it's from, if it's got a link: be wary of it.
If you click the link, do not, under any circumstance fill out any kind of form on the site. No usernames. No passwords. Nothing.
If it's legit, you can always go back to the site by typing the _real_ website name into your web browser by hand.
The bottom line...
Be aware of your surroundings online just like you are in the real world.
Keep in mind, too, it's not just bank websites being phished. Be wary of any email claiming to be from anywhere where you use a username and password.
If you think you've got something in the bushes of your PC, feel free to contact Josh and me.
We may not be peace officers, but we do know a thing or two about online safety and security.
After all, it's better to feel a little silly asking for help than the alternative.