Ransomware is currently one of the most significant security threats to small businesses in Australia. Criminal gangs spread this malicious software via convincing spam emails to extort payment from the victim.
Ransomware is a type of malicious software (malware) that encrypts (or locks) the files on a computer, making them inaccessible. Once the malware has been downloaded on the victim’s computer, the victim receives a message on their computer screen from the criminal (the ransom note), advising them that their files have been locked, and demanding money in return for unlocking the files.
In 2015, the Australian Competition and Consumer Commission (ACCC) received more than 4,400 reports of ransomware with small businesses and consumers reporting losses of nearly a million dollars as a result.
This figure likely represents only a fraction of the total victims of ransomware, as not all victims are willing to report the crime. Cybercriminals usually demand victims pay the ransom in virtual currencies, such as Bitcoin, which is difficult for law enforcement to trace.
“Several people reported losing over $10,000 to these scams, which can have a devastating effect on a small business,” says ACCC Deputy Chair Dr Michael Schaper. “Ransomware can also see your business losing all of its business and financial records, which may be catastrophic.”
ACCC recommended steps to protect your business from ransomware
- Do not open attachments or click on links in emails or social media messages you’ve received from strangers – just press delete.
- If you want to access footage or information about major or breaking news, use a reliable news source rather than an unknown web link.
- Be wary of free downloads and website access, such as music, games, movies and adult sites. They may install harmful programs without you knowing.
- Always keep your computer security up to date with anti-virus and anti-spyware software, and a good firewall. Only buy computer and anti-virus software from a reputable source.
- Use your security software to run a virus check if you think your computer’s security has been compromised. If you still have doubts, contact your anti-virus software provider or a computer specialist.
- Keep your office networks, computers, and mobile devices secure. Update your security software, change passwords and back up your data regularly. Store your backups offsite and offline. Stay Smart Online explains how to back-up your data (link is external) and secure your mobile devices (link is external).
If you think you have provided your account details to a scammer, contact your bank or financial institution immediately.
We encourage you to report scams to the ACCC via the report a scam page. This helps the ACCC to warn people about current scams, monitor trends and disrupt scams where possible. Please include details of the scam contact you received, for example, a screenshot.
Spread the word to your friends and family to protect them.