
Hoax Ransomware Emails: How to Stay Safe

26 November 2018 by Jenn Granger

In recent weeks, we’ve seen a worrying trend in fake ransomware emails telling people across the globe that they’ve been hacked and demanding a fee be paid to release their private details.

Here, we take a look at what these ransomware emails look like and what you can do to prevent your details being leaked to tricksters.


What does the ransomware email say?

Hoaxers are sending out emails telling people that they posted a Trojan virus on illicit sites and that, as a result, their details have been hacked. The malicious actor says they have webcam footage of the person who’s been ‘hacked’ watching footage on these sites – these emails are extremely convincing and can cause genuine fear to strike!

The fraudsters are demanding sums of around $800 – which some people have reportedly paid. The emails detail a user’s correct access password and email address.

Some people have confirmed that they found their details on www.haveibeenpwned.com, confirming that the details in these emails come from pre-existing breaches. Your primary security step should be to use a different password for each service, with a password manager to keep track of them all.

 

Security & UKFast

Cybersecurity is something we take incredibly seriously at UKFast. We ensure that our password verification system and your data are fully encrypted at all times:

  • All passwords are stored encrypted in the database using AES 256 encryption. This is the only place they are stored – they are not stored anywhere else in plaintext.
  • The only place this can be changed is through MyUKFast, in which all traffic is encrypted using TLS 1.2.
  • When a customer calls UKFast and provides information over the phone, only certain characters of their passcode are requested, never the whole password. UKFast never asks you for your full password: all systems only request a randomly generated selection of characters from the client’s password and verify whether these match the characters stored in our encrypted database.
  • The UKFast CRM prompts for characters at different positions and verifies if they match.
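The character-position check described in the list above can be sketched as follows. This is an added example, not UKFast's code: the function names and the sample password are constructed, and the stored password is assumed to have already been decrypted from the encrypted store by the caller. It also shows why such a scheme needs reversible encryption: individual characters cannot be checked against a one-way hash of the whole password.

```python
import hmac
import secrets


def pick_positions(password_length, count=3):
    """Choose `count` distinct 1-based character positions with a CSPRNG."""
    if not 0 < count <= password_length:
        raise ValueError("count must be between 1 and the password length")
    rng = secrets.SystemRandom()
    return sorted(rng.sample(range(1, password_length + 1), count))


def verify_characters(stored_password, positions, answers):
    """Compare the caller's answers with the stored characters.

    `stored_password` is assumed to be the decrypted value (hypothetical
    upstream step). Every position is checked with a constant-time
    comparison and there is no early exit on a mismatch, so the result
    does not reveal which character was wrong.
    """
    if len(positions) != len(answers):
        return False
    if any(p < 1 or p > len(stored_password) for p in positions):
        return False
    ok = True
    for pos, given in zip(positions, answers):
        expected = stored_password[pos - 1]
        ok &= hmac.compare_digest(expected.encode(), given.encode())
    return ok


if __name__ == "__main__":
    stored = "correct-Horse7!"  # constructed sample value
    challenge = pick_positions(len(stored))
    print("Please give characters at positions:", challenge)
    # A caller who knows the password answers correctly.
    answers = [stored[p - 1] for p in challenge]
    print("verified:", verify_characters(stored, challenge, answers))
```

Because only a few characters are tested per call, a real deployment would also need to limit failed attempts per account.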

 

What can I do to prevent being exploited by these emails?

While, in this instance, the emails are fake and you should block the sender and report them to the ICO, there could be a time when these messages are very real. Here’s what you need to do:

1. Use 2FA (for everything!)

Be proactive when it comes to your security and protect your programmes with two-factor authentication (2FA). 2FA means that even if hackers get hold of one of your passwords, it is useless without knowing your second log-in. UKFast gives you the option to use 2FA for your server solution. If you aren’t using it already, head to MyUKFast to update your account settings.

2. Generate strong passwords

There are external sites that can do this; however, you can ensure your passwords are strong by including punctuation and numbers as well as upper and lowercase letters. Passkeys can be actual words, a combination of random characters or passphrases (longer, complex sentences), which are super-tricky to crack. Make your password totally unique.

3. Never use the same password for anything!

While we know it’s tricky to keep track of all those full stops, digits and bizarre turns of phrase, ensure that you have a different (strong) password for everything you use. One of the most common mistakes that people make is using their LinkedIn password for their work programmes. Sound the klaxons! This is an absolute no-go. In fact, we’d say it should be on the first page of Cybersecurity 101. You can store (and generate) your complex passwords in a password manager.

 

For more information and a complete list of UKFast’s top advice on dealing with blackmail emails, read the blog here
