Monday, July 5, 2021

Homograph attacks

Ransomware attacks continue to devastate countries around the world. Right now, CBS News is reporting "Hackers demand $70 million to end biggest ransomware attack on record." Businesses like yours are among those affected:

CEO Fred Voccola of the breached software company, Kaseya, estimated the victim number in the low thousands, mostly small businesses like "dental practices, architecture firms, plastic surgery centers, libraries, things like that."

There are truly evil people in this world, and it's discouraging and overwhelming to maintain constant vigilance against their attacks. However, it's our only option, and today we'd like to expose one of their many tricks, which is called a homograph attack.

This trick is based on different alphabets.  The easiest example is the lowercase letter a in our English alphabet.  Unfortunately, the Russian (Cyrillic) alphabet also has a letter a which looks the same, but is coded differently.

Your computer, which only deals in numbers, sees the English a as 97.

It sees the Russian a as 160.

Therefore, a hacker could use the 160 a for a URL like www.factcheck.org. It would look perfectly OK, even if you hovered over it in an e-mail, but would lead to a completely different website. This bogus website would most likely look exactly like the real one, but would have malicious code which could lead to a ransomware attack, or simply steal your login and password for your PayPal or bank account.

The Cybersecurity and Infrastructure Security Agency, a part of the U.S. Department of Homeland Security, recommends three steps to avoid falling victim to the scheme:

  • Avoid clicking on links and instead type the web address into an internet browser.
  • Keep web browsers up to date because older versions have fewer protections in place.
  • Hover over links before clicking on them to see the true destination. If the web address is unfamiliar, it might be an attempt to deceive you.
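Because a look-alike letter survives a visual hover check, a link's hostname can also be checked character by character. The following is an added example, not code from the original post: it reports non-ASCII characters, flags labels that mix alphabets, and shows the ASCII ("xn--") form the browser actually resolves. It works on Unicode code points, the numbering used for internationalized domain names, where the Latin a is 97 and the Cyrillic а is 1072 (the number depends on the character encoding); the function names and sample hostnames are constructed for illustration.

```python
import unicodedata

def script_of(ch):
    """Rough script label taken from the Unicode character name."""
    if ch.isascii():
        return "LATIN" if ch.isalpha() else "COMMON"  # digits and hyphen
    return unicodedata.name(ch, "UNKNOWN").split(" ")[0]

def inspect_hostname(host):
    """Report non-ASCII characters and mixed-script labels in a hostname."""
    host = host.lower()
    non_ascii, mixed = [], []
    for label in host.split("."):
        scripts = {script_of(c) for c in label} - {"COMMON"}
        if len(scripts) > 1:  # e.g. Latin and Cyrillic inside one label
            mixed.append((label, sorted(scripts)))
        non_ascii += [(c, ord(c), unicodedata.name(c, "UNKNOWN"))
                      for c in label if not c.isascii()]
    try:
        # Python's built-in IDNA codec yields the "xn--" form used in DNS
        ascii_form = host.encode("idna").decode("ascii")
    except UnicodeError:
        ascii_form = None  # not encodable as a valid hostname
    return {"ascii_form": ascii_form, "non_ascii": non_ascii,
            "mixed_script_labels": mixed, "suspicious": bool(mixed)}

# Constructed sample inputs: the second uses Cyrillic U+0430 in place of "a"
GENUINE = "www.factcheck.org"
LOOKALIKE = "www.f\u0430ctcheck.org"
ALL_CYRILLIC = "\u043f\u0440\u0438\u043c\u0435\u0440.\u0440\u0444"

if __name__ == "__main__":
    for h in (GENUINE, LOOKALIKE, ALL_CYRILLIC):
        r = inspect_hostname(h)
        print(h, "->", r["ascii_form"], "| suspicious:", r["suspicious"])
        for ch, code, name in r["non_ascii"]:
            print(f"    {ch!r} = {code} ({name})")
```

A hostname written entirely in one non-Latin alphabet is not flagged by the mixed-script rule, so the "xn--" form is the thing to compare against the address you expected.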

And it's always recommended to have antimalware software installed. The health of your system is as valuable as your own. 

Stay safe.