At the moment, we’re hearing a lot about cyber scams. There’s now another new method to be cautious of.
Cybercriminals are clever. They’re constantly coming up with new ways to gain access to your important data via your devices and networks.
Fortunately, the defense weapons continue to get stronger and stronger to help protect you. Some email systems can now identify malicious messages and threats.
However, if your website has a contact form as most do, you are now exposed to a new threat. That’s because cybercriminals use online forms to distribute malware.
They contact you as a potential new client and request that you give them a quote for your products or services.
When you reply, they’ll send you a file, which they claim is pertinent to your conversation, once you respond to their request.
The attachment however will not be included in the email. They’ll send it through a file-sharing service, where you will have to click a link in the body of the email and download the files from a 3rd party website. This will help evade your email provider’s security measures.
Consider the psychology of the situation. Because they believe they are dealing with a potential new customer, whoever is in charge of this communication is likely to open the files without thinking.
The fact that the discussion began with a contact form has lowered their natural wariness. They simply want to close the deal!
Once the file is opened, it gives cybercriminals remote access to your device. They can then launch a malware or ransomware assault on your entire network. The ransomware encrypts your files and displays a message on your screen that informs you that if you do not pay the ransom, your data will be deleted.
It is something you want to avoid at all costs. This is when your data is encrypted so you can’t use it. You also have to pay a large ransom fee to get it back, but there’s no guarantee the payment will work, or that you will get all your data back.
According to the experts, this variant of attack was initially attempted on larger corporations in December 2021. But they’re just starting to catch on with small and medium-sized businesses being targeted. And it’s gaining more traction, they say.
It’s critical that you and your staff verify every request submitted on your website is genuine. And, unless you know the sender 100%, don’t open any attachments emailed to you.
All Business Technologies specialize in keeping businesses safe and protected and training your staff on the big threats to avoid. If we can be of any help, please reach out for a free cyber security assessment.