Scams & Alerts
March, 2016 - Ransomware
What is ransomware, you ask? Simply put, it is malware that locks computer systems by encrypting files and demanding a ransom to obtain the decryption key. Encryption is a security tool used to protect non-public information of all kinds. It’s normally used to protect the transmission of sensitive information; the sender locks the information by encrypting it with a unique key and the only person who may decrypt it is the receiver, who has the same unique key to unlock the information.
Recently, a hospital in California was infected with ransomware. Hollywood Presbyterian Medical Center had to pay a $17,000 ransom to regain access to its electronic files. The hospital’s network was offline for over a week, forcing staff to use paper, fax machines, and telephones to get their work done. Some patients had to be transported to other hospitals because of the issue.
Unfortunately, cybercriminals figured out they could use encryption for their own sinister activities. When ransomware is installed on a system, the personal files on that computer, such as documents, spreadsheets, pictures, music, and game files, all get encrypted and the decryption key is sent to the criminal.
The criminal then forces a pop-up on the person’s system that tells them their files have been encrypted and that they have anywhere from 48 hours to a week to pay a ransom and get the decryption key. They typically demand the ransom to be paid in bitcoins, which are electronic currency not yet recognized as legal tender in the United States. As of this writing, March 14, 2016, one bitcoin exchanges for about $418.00.
So, how do we protect ourselves from ransomware? Here are some simple actions you can take to make sure this malware doesn’t hit your computer:
- Make regular backups of your most important files and disconnect the backup device when you’re done. If you have a backup of your files, there is no need to pay when ransomware strikes.
- Do not open attachments that you weren’t expecting or that look suspicious. This is the #1 method of delivery of ransomware.
- Do not enable macros on Word documents unless you’re 100% sure the document is legitimate.
- Avoid clicking on links in emails or following questionable links when surfing the Internet.
- Use a good anti-virus and/or anti-malware software; there is even a new anti-ransomware product on the market.
- Enable the Windows firewall on your system.
- Patch and run updates to your system and programs as soon as they are released.
Last but not least, if something suspicious is happening on your computer, quickly disconnect the Internet connection.
October, 2015 - Phone Call / Text Message Scam
SCU Members, we have received reports from a financial institution in the Upstate about a new phone call or text message coming from an automated system that:
- Says to activate a debit card
- States a debit card is locked
- States that there is an issue with a card OR
- To verify account information.
The messages are stating that customers need to call a number to resolve the above stated issues.
Some reported cases indicate the automated system is asking customers to enter in their debit card number and occasionally, the line goes dead.
Reports are coming in stating there are numerous numbers appearing on caller ID. Some read UNKNOWN, and some read 000–000–0000.
Please be advised, State Credit Union will never ask Members to enter in their card number or account information. If you receive any calls like this, please notify us immediately by calling 800–868–8740.
As always, we thank you for being a State Credit Union Member!