Tag: cybercriminals

Beware Holiday Shopping Scams | Cybercrime

Better Watch Out – Better Beware… of Holiday Cybercriminal Scams

The festive season is here again and it’s almost time to take a well-deserved  break. Unfortunately, cybercriminals never seem to take a day off – and that means we all need to be extra alert to holiday shopping scams in December and January.

Before you pack up for the holidays, it’s essential to make sure that your data security is as tight as possible.

Let’s take a look at some of the most common holiday scams you’ll encounter online and how to avoid them.

be careful what you phish for

Phishing scams have become so common that it almost seems like a cliché to fall victim to one – and yet so many of us still do.

Scammers take advantage of year- end sales and Christmas specials to send fraudulent emails to unsuspecting people and businesses at this time of year.

If you’ve received tons of promotional emails in the past few weeks, you can imagine how easy it might be for an unsuspecting victim to open one of these, love what they see in the cleverly produced images, and click on a link that leads to a dangerous URL.

  • There are options when it comes to avoiding this type of scam: either make sure that the emails you open really come from a well-known company or don’t open them at all.
  • You can just as easily browse your favourite e-commerce website and see what Christmas and New Year’s specials they have to offer.

did I really order that?

If you see an order confirmation or delivery email pop up in your inbox in the next few weeks, you’ll you want to check carefully and make sure that you haven’t been the victim of a scam.

This time of year is the season for packages and deliveries, especially now during the pandemic. That means that you are probably expecting to hear from various courier companies, especially as Christmas approaches. Scammers rely on this fact to fool their victims into opening fraudulent emails and the results could spoil your Christmas and New Year entirely.

To protect yourself, make sure that the email is from a legitimate address and contains your personal details as well as the order number you received when you purchased your goods.

When in doubt, it’s always a good idea to contact the courier directly by phone and confirm that the correspondence is legitimate.

avoiding the holiday shopping scams grinch

Make your online holiday shopping merry and bright rather than dark and dreary by sticking to a couple of basic rules:

  1. Keep a watch over your spending and spend – try to stick to using only one credit card online, in this way you’ll be able to see exactly what you’ve spent at a glance, and keep tabs on any unusual activity on your card.
  2. Make sure that the sites you use are encrypted and if you are shopping online in a public space – lock down your devices and online accounts before you start to shop. If you are really concerned about the public connection rather use the connection on your smartphone.
  3. Update your operating systems and use 2 factor authentication wherever possible.

Cloud storage is the gift that keeps on giving

By taking the right precautions, you’ll increase your chances of a safe and stress-free festive season. For added peace of mind, our range of secure cloud storage options will help make sure that your business information is kept safe in 2022 and beyond.

Best Password Advice | Passwords

Passwords – Then and Now

In the ‘good’ old days before the internet became our backyard, ‘passwords’ applied to secret dens at the bottom of the garden. Password advice was only given out to those granted secret access to these dens as part of the gang.

Of course, not all passwords in those days related to childhood games, but the point remains, they were not a massive part of everyday life. You certainly didn’t need them to make a phone call because phones then were used for calling people. Computers were around, but cybersecurity was still relatively unknown and password advice a thing of the future.

fast forward to the use of passwords today

Today, you need a password to log onto your phone, passwords for every app and more passwords to make changes on the said apps. The simple task of accessing your bank account or paying your electricity bill can also require multiple passwords.

Popular advice states, ‘don’t write a password down.’ However, when you consider the veritable bible of passwords required to access your various online accounts and data, the thought of storing them all in your head can be rather daunting and near impossible.

Which brings us to our next point, the cardinal sin of using the same password for multiple accounts. Hackers love this attitude, guess one, and you guess them all. This being the case, it makes sense to create random passwords with words that are not easy to crack, differ for each account or log-in, and are easy to recall but near impossible for a would-be hacker to guess.

Sound like the unicorn of passwords? Well, using three random little words is actually easier than you think!

why three random words?

Memorising complex combinations of letters and words isn’t one of our strong points as humans. Instead, our memory recall relies on predictable patterns and numberings to file them away safely in our brains for future use. If the combination is too complex, we forget and so resort to the ease of using the same password repeatedly.

The concept of using three random words as a password is simple. Pick a phrase or combination of three words and use this as your password rather than using a single word followed by a predictable exclamation mark or hashtag sign. This approach keeps hackers guessing and makes you less vulnerable to pesky cyber criminals.

why random words make sense

  • Longer passwords make it near impossible for hackers to bypass your security.
  • The words contain information essential only to you and are relevant to the site or app.
  • Multiple words increase the range of possible passwords for hackers to consider.
  • They are easier to enter than complex passwords with numbers and special characters.

If you are required to include numbers and symbols to the password, add them at the beginning and end of your random words. For example, you could use 3GreenHealthyApples#! as your password for a health app.

our parting words on the best password advice

Keeping up with the best password advice is essential if you don’t want to fall victim to opportunistic criminals. Use the tips and advice above to ensure that you’re always one step ahead and that your data and devices are always safe. Oh, and find a password manager that works for you, not the hackers…

Got some password tips and advice of your own to share? Let us know in the comments and let’s share our tips!

Your Guide to the Best Email Security Practices

Every time you send and receive an email, you’re taking a risk. There’s ransomware, phishing, viruses, and compliance violations to be wary of. From CEOs of big corporations to secretaries who manage client emails all day every day, everyone needs to be aware of the best email security practices to follow to ensure that your emailing behaviour doesn’t become the very thing that brings your company to its knees.

To take the guesswork out of the process of drawing up an email security strategy, we’ve included some tips and advice for the correct and most effective security practices for your business. Before we investigate these practices, let’s learn more about the risks involved in using email.

the common threats

Regardless of its size, every company must have a cybersecurity strategy in place, and email security forms part of that.

Many people believe that as they aren’t sending or receiving particularly sensitive information, it doesn’t matter whose hands their email falls into. However, this is a risky mindset as hackers aren’t only interested in your email content. They want access to an even bigger network and the front door for them is through your email.  Once a hacker has access to your emails, the online world (your online world) is their proverbial oyster.

Cyber hacks and attacks are ever-changing. Over the years, they have progressed from simple phishing links to complex social engineering tactics and email security should form a critical part of your overall cybersecurity.

what to be aware of

Knowing what to watch out for is important. Here’s what to keep an eye out for.

These are emails that request money and sensitive information from a user. Spear phishing is when ‘someone else’ impersonates ‘someone you trust’ to get information out of you. You might receive an email stating, “Your online banking profile number and pin is going to expire in three days. Click on this link to register your new profile and pin.” Everything might look legitimate, but it’s not!

  • social engineering

Ever received an email or a pop up that says, “OMG, it looks like you in the video!” – well, that’s social engineering at play. This is when cybercriminals rely on you to click on a malicious link or attachment.

  • business email compromise

This is a form of spear phishing where a cybercriminal impersonates the CEO of a company or a manager. This type of scam relies on employees sharing sensitive information, which can be used to steal business data and even money.

  • spam

You know those emails that say, “You’ve just one a R1 000 Woolworths voucher!”? Well, this is known as spam, and most often, we fob them off as an annoyance when we click on it, and it takes us seemingly nowhere. What you’re not expecting is that a bot, instructed by the cybercriminal, sends you that link and when you clicked on it, spyware, malware or even ransomware is installed on your computer.

  • malware

Malicious software, called “malware,” often presents in the form of a Trojan, ransomware or some other program that attacks your computer system. In most instances, the files on the computer are encrypted, and you are requested to pay a ransom to get the key to unlock the encrypted files. Some types of malwares can get access to your computer camera or your entire device, which means they see what you see and do! Obviously, that’s a big risk.

  • botnet and ddos

Largescale spam and phishing campaigns are often managed by botnets which are groups of devices that are under the control of a cybercriminal. Often, these devices are used to overload a system or network in hopes of making it crash. This type of attack can cause absolute mayhem.

tips to the best email security practices

Email security is all about building as many walls as possible between your data and the cybercriminal. Cyber security should be no different to virtual security with multiple barriers making entry virtually impossible.

  • Educate employees on best email security practices such as never clicking on unexpected attachments and links;
    • Put rules and guidelines in place for all work email security.
    • Make sure that your employees understand what kind of sensitive data they are likely to be handling.
  • Encrypt sensitive email attachments through a secure hosting service.
  • Activate 2 factor authentication – this will tighten up access points from end-to-end, which includes email.
  • Add legal disclaimers to your emails so recipients are aware they cannot send that email on to anyone.
  • Regularly change email passwords (and ensure they are difficult passwords)
  • Do regular encrypted data backups just in case you ever fall victim to malware
  • Update your operating system to avoid software vulnerability which is often corrected with updates.

How do you ensure that your company uses email safely? Share your tips and advice with us today!

Virgin Active, Latest Victim of a Cyberattack in South Africa

May brought with it an unhealthy surprise for Virgin Active South Africa, the country’s largest gym chain. A cyberattack on the fitness group carried out by what the company refers to as “sophisticated cybercriminals”, is the most recent attack in South Africa by modern-day hackers.

If you were struggling to access your Virgin Active account online, now you know why!

The company took all services offline while they implemented measures to protect the data of its customers. All South African branches spent a week acting on a first-come-first-serve basis, which of course, lead to a degree of disgruntlement.

While there was no indication that any data had been removed from the systems, Virgin Active told customers that clubs would be operating as normal but advised that they should remain vigilant of any suspicious activity on their accounts. Forensic experts were hard at work trying to ascertain the extent of the attack!

business as usual, kind of!

Virgin Active doors remained open, but customers had to adapt to booking classes by phone or in-person, with online workouts out of the question for some time.

Regular gym-goers used to racking up points on a weekly basis became a little concerned about what this would mean for their benefits. In an attempt of goodwill, Virgin Active reassured customers that they would be awarded the full points for the week that they would have otherwise accrued.

virgin active’s response to the latest cyberattack in South Africa?

People want answers, and while those answers are sketchy right now, one thing is evident; the security of Virgin Active customer data seems to have been a top priority and that there was no negligence involved.

The company is adamant that the security practices of the brand are top-notch and that all security audits leading up to the attack were passed. Also, all financial and banking data of customers on the system were data encrypted, which leads to a massive amount of customer relief!

While Virgin Active is still to release the full details of the cyberattack, it’s reassuring for members to know that the company followed reasonable protocols in the face of the attack. The company notified the SA Information regulator and worked closely with law enforcement to ensure that all bases were covered.

last word

Cyber experts warn that it’s only a matter of time before other companies fall prey to similar data attacks in South Africa. Businesses and individuals are advised to change their passwords frequently and to ensure that they don’t use the same password across different websites.

Were you affected by the latest Virgin Active cyberattack? Let us know how you were impacted – we’d love to know!

 

Is the latest iPhone iOS update worth your time?

With iOS 14.5 now available, the question begs to be asked; is the new update really worth your time, and if it is, what exactly has changed or improved?

Digital giants are constantly releasing software updates for their devices, some small and relatively insignificant while other updates have a significant impact on the performance of the app or the device.

The new update comes alongside iPadOS 14.5 and WatchOS 7.4. That means it offers the Apple Watch unlock feature and App Tracking Transparency. Some say that the new features were designed to appeal to a world in the midst of a pandemic and, of course, to those worried about what happens to their data and their money in a world of digital payments.

So should you get the new iPhone iOS update? Without a doubt!

The new update comes hand-in-hand with iPadOS 14.5 and WatchOS 7.4. That means it offers the Apple Watch unlock feature and App Tracking Transparency. Some say that the new features were designed to appeal to a world in the midst of a pandemic and, of course, to those worried about what happens to their data.

ios 14.5 update #1: apple watch unlock

Apple watch unlock is for people on the move who want to comply with COVID-19 regulations (i.e., wear a mask at all times in public). As Apple devices have progressed over the years, the fingerprint ID feature is no longer. Now, Apple devices work purely on facial recognition, and you know what that means? It means you have to remove your mask to unlock your phone.

The new iOS 14.5 update enables users to unlock their mobile devices using their Apple Watch, eliminating the mask issue. Of course, you need to have an Apple Watch, and it must be running the Watch OS 7.4 version.

You can set up this feature in the following way:

  • On your mobile device, open settings.
  • Select “Face ID” and then “Passcode.”
  • Look for the toggle labelled “Unlock with Apple Watch” and select it.

Now you can unlock and relock your iPhone using your Apple Watch.

ios 14.5 update #2: app tracking transparency

This feature is for those worried about the safety of their personal data when using online services and applications.

By now, you’re aware that the apps you use (yes, including social media apps) track your user activity and data. The app tracking transparency feature requires these apps to ask your permission to do so. When you’re on a social media app, you will receive an alert asking if you want to allow the app to track your activity across other services and applications. You can switch off app tracking altogether or go to “Privacy” on your device settings and select which apps you want to disallow and allow monitoring.

additional features of ios 14.5 update

There are, of course, other features included in the iOS 14.5 update that aims to make the user experience more enjoyable and convenient. These include improvements to Siri, updates to the Podcast app, a selection of fun new emojis, Apple News updates, and various bug fixes that make the software run smoothly.

last word

If you want to take our word for it then the iOS 14.5 update is definitely worth your time, particularly if you want to ensure that you’re following COVID-19 regulations and keeping your personal data safe and secure. Download it today when you do your next online backup!

Mobile Health Apps Need Better Health to Reduce Cybersecurity Attacks

Mobile health apps are becoming more and more popular in modern medicine enabling hospitals to collect and share patient information on an anywhere-anytime basis.

Health apps also help to deliver a streamlined and beneficial process allowing hospitals and doctors to track and manage patient health and giving patients access to their medical data at the push of a button. The problem though is that many of these apps have been developed at high speed focussing more on innovation than security leaving the apps vulnerable to cyber-attacks.

why are cybercriminals targeting mobile health apps?

Mobile health apps amass detailed profiles of their users, making them a prime opportunity for cybercriminals to jump in and steal valuable user data. Some of the information includes an identification number, cell phone numbers, email addresses, banking details, and physical addresses. The personal information can be used to carry out identity theft, guess login details for accounts, and even make online purchases (especially if they encounter saved card details online) and there is big money in the ‘full medical record’.

Pair all the above sensitive personal data with vulnerable cybersecurity measures, and you have a big problem. Stored patient records make for a cybercriminal field day! Crime syndicates are quickly catching on to the fact that mobile health apps have inadequate data protection, which puts hospitals and patients in a precarious position. Measures need to be put in place swiftly to avoid significant repercussions.

authorisation and authentication

Authorisation as a step of security on these apps is not sufficient. Pairing authorisation with authentication may be the solution to the above problem.

Name and password authentication is no longer an adequate cybersecurity level, particularly with apps that store such a vast amount of personal data. App designers need to implement a further step of authentication as an added security element, which can be implemented in multiple ways.

One of the most common added security layers these days is a one-time pin (OTP) number that is sent to the users’ mobile device. Without the OTP pin, there is no access to the profile.

Avoiding user-only input and requiring a one-time pin generated from an external source is a simple yet effective solution to the problem. This simple step should reduce the number of cyberattacks on mobile health apps.

The issue of authorisation without authentication is not limited only to mobile health apps – it would seem to be a common security flaw in many apps. The concern with health apps, however, is that they contain far more personal data, making them a hot target for cyber-criminals as a “jackpot” of user data.

conclusion

Mobile Health Apps can save lives but there is no denying that cyberattacks are on the rise and these health apps are being targeted. It is up to both developers and hospitals to partner together and go the extra mile to ensure all users are sufficiently protected against possible cyberattacks. With the right crypto applications, end-users can ensure that they keep their data and privacy safe from cybercriminals.

Just how much is your personal data worth on the dark web?

To many, the “dark web” only really exists in chilling movies. The reality, however, is that the dark web exists in our lives, and it can have a dire impact on you and your loved ones if you’re not careful.

The thing about falling victim to criminals who lurk on the dark web is that it can take you completely by surprise. It’s all far too easy to unwittingly give someone all the information they need to ruin your financial life. Consider what’s involved when starting a new online job or opening a seemingly legit online account.

You may not appreciate the risk of emailing a copy of your ID to a company that requests it, but what if the person requesting the file is just a poser (not a real representative of the company)? The poser then sells the copy of your ID to unscrupulous criminals through the dark web. After all, they can’t exactly advertise your ID in the local newspaper.

how much is your personal data worth?

Criminals on the dark web actively advertise for the personal data of individuals and companies, often paying over ridiculous amounts for specific data records. They have become so flagrant and so commercialised that they even offer loyalty schemes and rewards programs for people who can sell them bulk lists of personal data.

What’s in the data, and how do the criminals score? It’s not just your name, surname, and ID that these criminals can get their hands on. It’s also your credit card and banking details. With your personal data, they can create fake documents, open loan accounts, impersonate you, and even steal your identity.

the dark web is like a freelancing site for criminals

It’s hard not to compare the dark web to freelancing sites.

Cybercriminals simply post an ad for the personal data they want and attach a price to it. A “freelance” criminal will then set out to find these details to hand over to the criminals in exchange for payment.

Stolen PayPal details, for instance, can net a cybercriminal just less than R3 000, while Master Card PINs will get you just over R200. These amounts make you realise why so many criminals are willing to spend a large portion of their time scouting around for criminal opportunities.

vigilance is key

Protecting yourself is all about being vigilant. You should be aware of the risks and ensure that you don’t become complacent with your personal data.

  • If you need to store a copy of your ID, don’t store it on your phone. Rather back it up to the cloud and make sure that it is data encrypted.
  • If a company asks for your proof of address and a copy of your ID online, take the time to research the company to ensure that they aren’t a scam.
  • Never throw your credit card statements with all your particulars on them in the regular trash.

in conclusion

The more aware and alert you are to cybercrime, the safer you can keep your personal details. Take the time to regularly change your passwords, back up your personal data to the cloud (encrypted), and never share your personal particulars with anyone.

The Serious Consequences of Bad Data Security Practices

Online shopping and digital payment systems were already on an upward trend before COVID-19. The pandemic only served to catapult businesses into embracing digital business formats ahead of schedule and now, more than a year in, retailers and small business owners are reaching a broader audience through their online services.

As we begin to settle in to a new state of normal, online shopping continues to soar, as do bad security data practices. In the rush to go digital, many companies have not given due consideration to data security and what happens when the correct measures aren’t set in place to protect consumers.

With consumers turning to digital shopping for lifestyle and convenience, “cash is king” is no longer relevant. Even if COVID-19 had to disappear tomorrow, it’s doubtful that consumers would go back to the old way of shopping.

A look at the current digital business environment shows us that companies are now using cloud-based point-of-sale systems as well as online networks to share, store, and access important company information. With such an upward trend in online transactions, the inevitable is happening; cybercriminals are starting to take note and pay attention to them. Modern cyber crooks are finding new ways to take advantage of people and businesses online.

bad data security practices an incentive for cybercriminals

In 2017, the retail giant Target paid the biggest data breach settlement in history to opportunistic hackers who had gained access to the payment details of their 41+ million customers.

With corporates showing that they are willing to pay what it takes in order to get their data back, the bar is set much higher for cybercriminals giving them far more incentive to exploit the weaknesses in the design of payment systems.

avoiding bad data security practices

The fact that Target was forced to pay a ransom as a consequence of bad data security practices was a costly lesson to many. What needs to be done now is that companies should seriously consider what they can do to avoid being hacked in the first place so that they don’t have to resort to the same behaviour.

Business owners need to spend more time ensuring that they select the correct security software for their business.

Tighter digital security practices can go a long way towards deterring point-of-sale system hacks.

If your business processes credit card payment information online, then protecting your point-of-sale system should be your number one consideration. In fact, you shouldn’t process even one payment online until you are 100% certain that your security system is well suited to your business and that it is running optimally.

make end-to-end encryption a priority

Don’t overlook the importance of end-to-end encryption when data is exchanged between two points. When the data is encrypted from both sides of the transaction it remains private throughout the process, making it less attractive to possible hackers. Even law enforcement can’t view a person’s data when it is end-to-end encrypted.

make two-factor authentication mandatory

Nobody wants to force their customers into doing anything, but you might want to put a bit of pressure on them to activate and make use of two-factor authentication.

Educate your customers. Let them know that when they sign up for an online account that they can access via log-in information, two-factor authentication should be the norm. This means that a customer will have a second layer of defence and will be the first to know if someone has accessed (or is trying to access) their account.

take heed – protect your company data today

No business is too big or too small to be the victim of a data breach. Hackers don’t discriminate and they don’t take pity on any company they target.

The reputational damage that a business suffers after a data breach is far more damaging than the monetary loss. Pay attention to the warning signs and don’t wait until it’s too late. Install encrypted data backups and look into various other ways of installing safety systems to protect your customers – and your business.

Pillow Talk – The Side-Channel Attack

It’s an accepted fact that no one would hand over their sensitive information and data to a stranger or criminal knowingly. But what if you’re doing just that each time you use your computer and are simply unaware of what information it’s spewing out, behind your back (or behind the scenes!)?

Let’s talk about what it is exactly that your computer might be doing behind the scenes, that may (in fact it will) lead to a side-channel attack.

What is a “Side-Channel Attack”?

A side-channel attack is quite simply your computer’s inability to keep a secret. Your computer might be giving away just a little too much information which to the average human would prove uneventful, but to a cybercriminal, is gold!

Side-channel attacks are quite smart in that a hacker can learn to read and make use of the little ‘tells’ and patterns in the information given off by every device.

Take for example the electric emissions on your computer’s hard drive and monitor. Different emissions are given off depending on what information is being processed by the hard drive or displayed on the screen in the way of time, power, sound. A side-channel attack by a clever hacker exploits these physical effects to gain the secrets in the inputs and outputs of the algorithms.

Consider the burglar who uses a stethoscope to open a safe by listening for the telltale clues in the dial clicks. The unintentional tactile and acoustic clues given off by the safe’s mechanical physics are the same as a side-channel in your computer. Each uses different techniques to process and learn the secrets within.

The Modern Hacker is Smarter Than We Think!

Many people see online criminals as dodgy individuals who send out poorly worded emails complete with bad spelling, simply taking a chance and preying on the weak.

In reality, the modern hacker and online criminals are far smarter than that… in fact, they’re incredibly sophisticated these days.

Remember all those years of study that you put in to become an expert in your field and in preparation for your career? Well, a cybercriminal is constantly analysing and refining his ‘skills’, searching for new techniques to decrypt and steal data. This means that they are always getting better at getting what they want – which is usually your personal information and your hard-earned money!

Any information that is accidentally leaked can be used for evil deeds by a skilled hacker and this unintended information is being sent back and forth constantly. If the simple sound of a person typing in their banking particulars on a computer keyboard can reveal an inner layer, imagine how much more information can be acquired if a hacker gains access to your mobile phone microphone or camera.

How to Avoid Side-Channel Attacks

There are several ways that cybersecurity experts can help you to avoid a side-channel attack. In most instances, randomisation is used to ensure the order of operations on data is constantly changing. Pre-charging registers and buses to minimise the generation of power-leakage signatures is also often used. Some companies go as far as processing regular dummy operations to reduce the effectiveness of cybercriminals when it comes to signal-to-noise ratio attacks.

It’s a good idea to ensure that you don’t actively store sensitive data on your device just in case a cyber-criminal gains access to it. Encrypted data backups can help with this. You should also make sure that your passwords are regularly changed and that you activate two-factor authentication, to ensure an extra wall of defence is in place.

Ready to start protecting your data and take the required steps to do so? Contact us at Soteria Cloud today.

COVID-19 Tracing Apps Disguised as Ransomware

As COVID-19 tracing apps roll out across the world chances are good that one will be coming to a phone near you, soon. Whether these apps slow the rate of infections by identifying people potentially exposed to the virus, who then need to self-isolate to reduce further exposure – is still unproven, yet varying apps are emerging.

When Canada recently announced the future roll-out of a COVID-19 contact tracing app, the interest of millions was piqued – including cybercriminals’.

In fact, just 2 days after the announcement in Canada – and even before the tracing app went live – cybercriminals got to work on creating websites that appeared to be offering the app for download. The reality, of course, is that these websites were offering a file that looked just like an app, when in fact it was a file that downloads ransomware known as “CryCryptor” to the device. Once downloaded, the app holds the device’s content to ransom. The fraudulent websites are called Tracershield and Covid19tracer.

What’s the Result of Downloading the Fake Covid-19 Contact Tracing App?

When a mobile phone user accidentally or unwittingly installs the fake contact tracing app, the usual things happen, but only for a few moments.

First, the app will request access to certain files. All apps do this, and many users absentmindedly accept the request without fully understanding what they are doing. This is when the ransomware gets to work encrypting all the contents on the device…including the images. The app then leaves a brazen demand note in each of the files where content is encrypted, requesting a ransom.

What to do if Fall Victim to the CryCryptor Ransomware

If you have visited any of the fraudulent Covid-19 tracing websites and unwittingly installed the ransomware files, you’ll be happy to hear that experts in the industry have worked hard to create a decryption tool for the current version of the ransomware. You can get your hands on it on the GitHub website here.

Word of Warning

As a word of warning, CryCryptor is not the only ransomware or malware that preys on people’s fears and insecurities surrounding COVID-19. Make sure that you always research the trustworthiness of applications before you download them.

Of course, you should also make sure that you do regular backups of your devices (documents, music, files, and images) to the cloud, so that if you inadvertently make the mistake of downloading malicious ransomware, you still have a copy of your data, safe, sound, and encrypted in the cloud. You can chat to our team at Soteria Cloud about safely encrypting and backing up data or find a package on our website that suits your backup requirements.