August 10, 2016
Hello, it's Malware Calling!
Never download a file from an unfamiliar domain; the first commandment of IT Housekeeping. Phishing emails are out to get you with friendly file names (‘Nan’s Wedding Pic’), seemingly helpful suggestions (‘new voicemail!’), or peevish requests for late payments. According to Get Safe Online, 26 percent of victims surveyed had fallen for a phishing scam.
What about when you receive something from a business you do know? What about a business of whom you are a customer? You could be forgiven for thinking that, in those instances, the coast is clear. Especially when they’ve gone to the trouble of sending you something by snail-mail; a harmless USB stick.
Apparently not. Business customers of O2, a leading mobile network provider in the United Kingdom, received a USB stick in the post this week. Unfortunately, it was infected with Malware. According to news website The Register, O2 realised their mistake immediately and attempted to notify their client base. An email titled, “Urgent: Information about potential virus”, warned customers:
“The virus has the ability to install new programs onto your system including updated versions of itself and programs that might grant the virus’s author remote control over your computer. If you have already and your antivirus has flagged a risk, please follow the instructions your antivirus software gives you and then remove and dispose of the USB.”
However, this warning may have come too late for some. A recent Datto EMEA survey of Partners has shown that 92% of respondents had suffered Ransowmare infections in spite of Anti-Virus.
An O2 spokesperson has said, “For any customers that have already used the USB or are concerned, we have a specialist team on hand to support them and guide them through any action they may need to take.”
Unfortunately, there is no catch-all cure for malware. The only sure-fire way to rid a system of the virus (without paying a ransom and fuelling the cyber criminals) is to roll back to a time prior to the infection using a Total Data Protection platform such as Datto.