To Customer Support To Customer Support

Ransomware Live Q&A

  • 18 October 2018
  • 14 replies
  • 739 views
LLiddell
Userlevel 7
Badge +36

 
Hello Webroot Community!
 
I wanted to spend some time with you to answer your questions about Ransomware. Webroot is holding a LIVE Q&A session right here on the Webroot Community.
 
Please use this time to post your questions about Ransomware, and I will answer as many as I possibly can between 10-11 a.m.
 
Webroot will also be giving away a $100 Best Buy.gift card as well so be sure to post your questions!
 
 
 

14 replies

F
Userlevel 7
Badge +48
To get us started, we wanted to ask @ about how to best protect yourself against phishing emails. 
 
 
B
Rank
Can ransomware encrypt files on a NAS if there are NO mapped drives to it (pretty sure it can if drives are mapped)?

Thanks in advance.
TylerM
Rank
Userlevel 7
Badge +25
Great question Drew!
 
First things to do is to evaluate the email and see it resembles typical social engineering templates. Usually, there is a call to action to click a link. This link is usually the phishing site that you should avoid. Hovering over the link with your cursor will reveal the URL and make sure to check it as it almost always never resembles the actual domain of the company that they are spoofing - like google, apple, dropbox, chase, wellsfargo, ect. 
 
The best way to protect yourself is to have a solution that can block these URLs from even resolving and displaying on your browser so you never have a chance to fall for them.
 
There are also other phishing scams that have no link and will just threaten you will a false claim to pay bitcoin. Here is an example of one of these. 
https://community.webroot.com/t5/Tech-Talk/Social-Engineering-What-to-look-out-for/m-p/331714
 
TylerM
Rank
Userlevel 7
Badge +25
If the drive is not mapped that will definitely help as it will avoid a good portion ransomware and this was very common tip with early ransomware, but we've seen some more advanced samples that will attempt to map all accessible drives before encryption with mixed success. 
 
Also if the criminal breached your system through compromised RDP, then, of course, they will manually map any drives before dropping a ransomware payload.
LLiddell
Userlevel 7
Badge +36
You mentioned in the video that side loading will put you at risk for ransomware, can you expand on that?
TylerM
Rank
Userlevel 7
Badge +25
Absolutely!
 
So many advertisements you will see while browsing on your mobile device will offer apps that do things for free that usually you only get with premium paid apps. However, these apps require and instruct you disable security settings on your phone and allow installation from unverified sources. This is definitely something everyone should caution against unless you are an advanced user that knows exactly what you are doing. 
 
This type of tactic is a breeding ground to trick people into installing malicious apps that usually have embedded trojans in the device that will steal personal contact information and in extreme cases will give remote access to the criminal to your phone and all your actions you conduct on the device. 
B
Rank
Thanks, Tyler.
 
While I take nightly images of my PC, I've always been concerned about the files that are on my NAS. When I originally setup the NAS, before Ransomware, I had mapped each of the 4 folders that reside on the NAS; Music, Pictures, Uploads, and Video. After reading that Ransomware can affect mapped NAS drives, I decided to set all folders that were mapped, except the 'Uploads' folder, as 'Read Only'. It makes it a little inconvienient when adding to those folders, as I have to change permissions, but most of the access to those folders is read only, anyway. I only add content every so often. The 'Uploads' folder is at risk in this configuration, but I only use that folder as a temporary landing spot to upload files when away from home, before being moved to one of the other folders on the NAS or to a particular PC. Most of the time this folder is empty. The threat of ransomware has me so concerned that each weekend I run a full backup onto a 2.5" external drive, of which I have two. Each Monday I swap out the drive and leave it in my desk at work, just to have an off site backup. Looking into getting a cloud storage option in place, as well.
 
Thanks for the info @. 😉
F
Userlevel 7
Badge +48
Thanks @ for answering a few questions this morning and for everyone that attended.
 
If you haven't seen it already, Tyler shot video on ransomware and how to best protect yourself online: 
 

 
We'll be looking to do more of these LIVE Q&A's in the coming months. In fact, our next one will be at the end of this month focused on taking control of your privacy and protecting yourself on the go using a VPN. Be on the lookout for dates and times soon! 
 
Thanks again! 
 
 
B
Rank
I received my.gift card yesterday. Just wanted to say thanks and 'Holy Crap'! :p
I had no idea there was a.gift card involved, when I participated, let alone a $100 one! :S 
 
Thanks very much @, @, and Webroot for the generous.gift. It will come in handy at Christmas-time. ;)
 
Thanks again!
LLiddell
Userlevel 7
Badge +36
@ wrote:
I received my.gift card yesterday. Just wanted to say thanks and 'Holy Crap'! :p
I had no idea there was a.gift card involved, when I participated, let alone a $100 one! :S 
 
Thanks very much @, @, and Webroot for the generous.gift. It will come in handy at Christmas-time. ;)
 
Thanks again!
No problem! Thank you for participating 🙂
B
Rank
You're welcome, Lara. I'm glad I did! 😃
F
Userlevel 7
Badge +48
Thanks so much @! I'm glad you liked the surprise! 
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
@ wrote:
I received my.gift card yesterday. Just wanted to say thanks and 'Holy Crap'! :p
I had no idea there was a.gift card involved, when I participated, let alone a $100 one! :S 
 
Thanks very much @, @, and Webroot for the generous.gift. It will come in handy at Christmas-time. ;)
 
Thanks again!
Congratulations @
B
Rank
Thanks, Jasper. It was a nice surprise. I just happened to be at the right place at the right time that day of the Q&A. 😉

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.