Cybersecurity Blog

ALERT – Bad Rabbit ransomware attack – 10/25/17

 

The US Department of Homeland  Security has issued an alert for the Bad Rabbit ransomware strain. It has crippled organizations in Russia and the Ukraine and has been found in the US. It is only a matter of time before it begins appearing here.

What does it do?
  • It encrypts your files and extracts the login credentials for your computer.
How do I know I have been victimized?
  • Your computer will start to run slowly.
  • You are directed to a webpage that gives you 41 hours to pay the ransom to get access to your files or the ransom will go up.
How do you get infected?
  • When visiting a legitimate website, a pop up appears asking you to install Adobe or the Adobe Flash Player.
  • Downloading and installing either of these programs installs the ransomware.
What is IT Services doing to fight this attack?
  • Our anti-virus is up to date.
  • We are actively monitoring systems to detect any abnormal activity on the network.
What can I do to fight this attack?
  • If you are prompted to download Adobe Flash Player or Adobe:
  1. Close the browser tab that contains the prompt.
  2. Open a new browser tab and visit www.adobe.com/ca.
  3. Search the Adobe website for the application and download it from there.
  • If you are a victim, disconnect from the network immediately (pull the network cable or disconnect from WiFi) and contact the IT Service Desk at 403-440-6000.

If you have any questions or concerns, please contact the IT Service Desk.

Las Vegas Victims Charity Scam – 10/12/17

 

Just like clockwork, the scammers have surfaced to take advantage of the tragic shooting in Las Vegas. The have created fake gofundme pages, fake facebook pages and fake charity sites all designed to tug on your heart strings and take your money. They are enticing you to visit these fake sites by sending texts and emails encouraging you to donate and help out the unfortunate victims.

At the very best clicking one of these links or visiting one of these websites will result in the donation going to the scammer. At the worst, your financial information can be compromised or malware can be loaded onto your computer.

If you wish to donate, be careful of the sites you visit. Use a google search or bookmark to find your favorite charity.  Ignore facebook posts, texts and emails asking you to donate as they could be set up by scammers.

Want to donate, but you aren’t sure who is legitimate? Visit www.charitynavigator.org. This free website will let you know if a charity is legitimate or a scam.  By being aware, you can make sure your money goes to the victims and not the criminals.

Latest Windows update patches 62 vulnerabilities – 10/11/17

 

In past posts I have talked about the importance of keeping your computer up to date by shutting it down each night. This week that is more important than ever. On Tuesday MIcrosoft released its latest updates for Windows, Office and other software which includes patches for 62 different vulnerabilities.

What is so important about patching these vulnerabilities? Hackers have known about some of these for a while and have already created malware that takes advantage of them. Keep your machine secure, shut down your machines this afternoon and get your updates.

ALERT – Phone scam targeting Mount Royal University – 10/11/17

 

Residence Services is reporting voice mail messages are being left on their phones threatening legal action if the call is not returned. The callers are requesting banking information and are calling from a 705 area code.

If you ever receive a threatening phone call requesting banking or personal information over the phone:

  1. Politely inform the caller you will call the organization or institution directly.
  2. Hang up.
  3. Call the organization or institution directly using a phone number that you know is legitimate. Do not use a phone number given to you by the caller.

Remember, if the call is legitimate you will be able to contact the caller through their organization/institution general contact number. If you cannot, you know the call is a scam and can ignore it.  For more information on phone scams, check out the Crime Stoppers Telephone Scams page.