In recent weeks, we’ve seen a worrying trend in fake ransomware emails telling people across the globe that they’ve been hacked and demanding a fee be paid to release their private details.
Here, we take a look at what these ransomware emails look like and what you can do to prevent your details being leaked to tricksters.
Hoaxers are sending out emails telling people that they posted a Trojan virus on illicit sites and that, as a result, their details have been hacked. The malicious actor says they have webcam footage of the person who’s been ‘hacked’ watching footage on these sites – these emails are extremely convincing and can cause genuine fear to strike!
The fraudsters are demanding sums of around $800 – which some people have reportedly paid. The emails detail a user’s correct access password and email address.
Some people have confirmed they have found their details on www.haveibeenpwned.com, confirming this email is from pre-existing breaches. Your primary security step should be using different passwords for different services, using a password manager to keep hold of your various different passcodes.
Cybersecurity is something we take incredibly seriously at UKFast. We ensure that our password verification system and your data is fully encrypted at all times:
While, in this instance, the emails are fake and you should block the user and report them to the ICO, there could be a time when these messages are very real. Here’s what you need to do:
1. Use 2FA (for everything!)
Be proactive when it comes to your security and protect your programmes with two-factor authentication (2FA). 2FA means that even if hackers get hold of one of your passwords, it is useless without knowing your second log-in. UKFast gives you the option to use 2FA for your server solution. If you aren’t using it already, head to MyUKFast to update your account settings.
2. Generate strong passwords
There are external sites that can do this, however, you can ensure your passwords are strong by including punctuation and numbers as well as upper and lowercase letters. Passkeys can be actual words, a combination of random characters or passphrases (longer, complex sentences) which are super-tricky to crack: make your password totally unique.
3. Never use the same password for anything!
While we know it’s tricky to keep track of all those full stops, digits and bizarre turns of phrase, ensure that you have a different (strong) password for everything you use. One of the most common mistakes that people make is using their LinkedIn password for their work programmes. Sound the klaxons! This is an absolute no-go. In fact, we’d say it should be on the first page of Cybersecurity 101. You can store (and generate) your complex passwords in a password manager.
For more information and a complete list of UKFast’s top advice on dealing with blackmail emails, read the blog here