Mortgage Software Solutions Blog

Cyber Security Trends Put You, Your Company, and Your Devices at Risk


Lock on keyboard

Staying on top of cyber security is one of the most critical aspects of protecting your business. That includes knowing about the latest scams and threats on the horizon. Whether you're protecting yourself, protecting your company, or protecting your devices, you need to know about the latest concerns in cyber security. 

Pop-ups and Scam Calls

Instead of sending out viruses that are likely to be caught by your firewall, many hackers are attempting to catch your team unaware. Pop-ups claiming they are able to "fix" computer problems that don't really exist are one of the most common cyber threats--and unfortunately, they're becoming increasingly savvy. Some are clones of your antivirus software, while others are specifically designed to look like Windows error messages.

Scam calls are also an increasingly common form of social engineering. In order to protect your business, your staff must have the tools to recognize scam calls and react to them appropriately. Without that knowledge, unknowing employees could accidentally release confidential client data or provide system passwords to individuals masquerading as employees. Protecting your company means ensuring that every employee is familiar with the potential for scam calls and knows how to react appropriately. 

IRS Taxpayer Scams

The recent tax season has seen a substantial rise in the number of IRS taxpayer scams. Even the most law-abiding citizen reacts to contact from the IRS with stress and tension. As a result, they're more likely to respond quickly and instinctively to threats rather than taking the time to think their responses through. Today's scammers demand information immediately, insisting that they're going to arrest the victim if they don't respond as soon as possible. They're offer refunds if the victim will simply provide them with necessary bank account information. Scammers frequently insist that payment be made immediately, rather than allowing individuals to set up payment arrangements or take the time to ensure the validity of the communication. 

Note that the IRS never contacts people over the phone. Instead, they'll use certified mail for their initial contact. They also allow citizens to take the time to ensure the validity of their claims and to set up payment arrangements for outstanding debts, rather than putting pressure on citizens for immediate payment. By remaining aware of these circumstances, you can help protect yourself and your employees against this common scam.

Petya Ransomware

Many business owners, managers, and directors are terrified by the rise of ransomware--and with good reason. Ransomware encrypts every file in your system, making it unusable until you either break the encryption and pay the ransom--and in some cases, even if you pay the ransom, hackers may not be able to deliver a "fix." The Petya ransomware attack, which is one of the latest waves of ransomware attacking businesses, encrypts the master boot records of Windows machines. This makes the machines completely unusable until the $300 ransom is paid or a solution is found.

In order to protect against Petya, it's critical that your antivirus software remain updated, as many companies have already released patches that claim to protect against it. You can also protect against ransomware breaches by ensuring that your computer has been updated through at least March 2017, when a critical patch was released that defended against the EternalBlue vulnerability. Petya, in particular, will not impact your computer if you have the read-only file C:\Windows\perfc.dat installed on your computer; however, this will not prevent your computer from impacting others on the network. 

Protecting yourself, your company, and your devices is a full-time job. If you need additional help with this critical process, contact us today to learn how we can help keep your protections updated and your company safer.


Topics: ransomware Petya ransomware cybersecurity

Petya: A New Ransomware Threat


Ransomware is a growing threat to computers and to the businesses and individuals that use them. This kind of malware encrypts the contents of a drive, making it useless to the owner. To get it decrypted, the user must send payment through an anonymous channel to the extortionist, who will then (if you're lucky) send you a decryption key that will restore your files.

Understanding Petya

Petya is a recent and especially nasty form of ransomware that encrypts not your documents but the underlying Windows file system, making it impossible even to boot your computer. The payment process is cumbersome and error-prone. The good news is that it's possible, though difficult, to recover the files.

So far, this attack has taken the form of supposed job applications emailed to employers. It asks them to download a file from Dropbox that supposedly contains a resume. It's actually an executable file that does the dirty work. Dropbox has removed this file, but we can expect the perpetrators to put it up somewhere else in the near future.

When it runs, it overwrites the boot loader—the code that your computer executes when you first turn it on. Then, it crashes the computer, displaying only the "Blue Screen of Death." At this point your file structure is still intact, but it isn't safe to reboot.

If you reboot, you'll see text on your screen that impersonates the CHKDSK system software that verifies the disk. What it’s actually doing is encrypting the computer's Master File Table. When it's done, it will display a red skull made of text characters and then a politely phrased demand for payment.

Since your computer is now useless, you have to go to another computer to carry out the instructions. You have to send a payment, most often in Bitcoin, to retrieve the decryption key. Then you have to type it, by hand, on your own machine; it's very long and difficult to copy without mistakes.

How are Mortgage Firms Affected?

Mortgage companies and similar institutions are especially vulnerable to this type of attack because they get a lot of email that falls into generic categories, such as job applications, loan applications, and follow-ups, and they also retain and receive a lot of extremely private and valuable information.

How Can You Protect Your Business?

Fortunately, your mortgage business can take certain measures to avoid being hit. First, if you get a file or a download link emailed to you, check what kind it is. PDF and text files are reasonably safe to open, but you should never double-click an executable file unless you have a really good reason to run it. This applies even to files that may appear to come from people you know and trust.

If you have second thoughts after double-clicking and your computer immediately crashes, do not reboot it. Have it checked remotely by an IT security professional.

If you reboot after that sequence of events and it appears to be running CHKDSK, pull the plug. That's almost never good advice, but this is one of those rare occasions when it's the right thing to do.

Petya encrypts the Master File Table, which tells the computer where all the files are, but doesn't touch the actual content of the files. It's as if someone went through your library, tearing every page out of your books, erasing the page numbers, and scattering them randomly on the floor. All the information is still there; you just don't have any good way to get at it. A good disk recovery service may be able to reconstruct your files. It will still cost money, but at least you won't be helping to finance extortion.

Antivirus software companies are just now catching up with Petya, but we know that it’s only a matter of time before other viruses and security threats evolve. Keeping the protection on your computer up to date will help to stop these threats.

Using Access Business Technologies’ managed mortgage security solutions will protect you from new and existing threats. In particular, DocumentGuardian™ provides a secure way to send sensitive documents, scanning them for malware and rejecting anything that is infected. Access Business Technologies vigilantly monitors several sources for new spyware, ransomware, and other forms of intrusion, to help you stay ahead of cyber criminals. For more information about our services, please contact us.

Learn More

Topics: ransomware Petya ransomware