Don’t get caught out by game over Zeus & Cryptlocker

Virus proection

You may have recently heard reports in the news detailing a number of malware or virus-related PC threats. The reports specifically mention the following – Zeus, Game Over Zeus, P2P Zeus and Cryptolocker.

The threats listed have been live for in excess of 12 months in one form or another, so this is not a new threat. The 2-week window to protect yourself (as reported widely) is, in our opinion, largely arbitrary. We cannot say that there will not be a massive escalation of threat in two weeks’ time, but equally threats can occur at any time. This has not changed owing to recent developments.

To ensure your business network users are doing everything they can to minimise risk to their PCs, we make the following recommendations:-

Risk Awareness – It is vital to educate your users about where threats are likely to come from and what they can do to ensure that they avoid them.

Avoid opening attachments in emails if you do not know the sender or cannot verify the sender. Emails may look like they have come from HMRC, banks, PayPal, eBay or other familiar organisations. This trick is used to get users to open an attachment which then infects the PC.

Links sent in emails may not be genuine. You can check where a link in an email leads to by hovering over it in Outlook. If in doubt, don’t click on the link. Please note – Genuine organisations do not ask for personal or security information in emails or request that you send this information to them by opening an attachment or clicking on a link. If in any doubt contact the source of the email by phone (using the number advertised on the company’s website) to check the email is genuine.

Have an Internet Acceptable Use Policy – Make it clear to your users which websites they are permitted or not permitted to access via your business network.We advise avoiding file sharing, gambling, pornographic and illegal media streaming websites as these may have been compromised in order to distribute malware. Social media websites are often used to advertise or share links to third-party websites, which may be sources of malware. We advise that you avoid following these links.

Allow anti-virus protection and Windows updates to install as soon as possible. If updates fail, report this to our helpdesk immediately.

Take notice of threat reports from your Internet Security or Anti-virus product– these products will alert you if they detect suspicious activity such as an infected or compromised website trying to access your PC or the presence of malware on your PC. Most threats will be blocked automatically and should cause no further issue. If threat warnings are persistent, note down the message details and report this to our helpdesk

Avoid storing passwords in web browsers or in any documents. Change passwords regularly and don’t use the same password for multiple sites/online services

Technical Counter-measures

Anti-virus/Internet Security Products – all client PCs, laptops, and Windows or Android smartphones/tablets should have a protection product installed and this should be kept up to date at all times.

Protection at the email gateway is an additional layer of protection. For the majority of our support contract customers this is already in place. This is an additional layer of protection, which sits with the email server and prevents the vast majority of viruses ever reaching the user’s mailbox. Where email services are partially or fully supplied by a third party (e.g. Office 365 customers and those customers who have an additional layer of email configured by a parent company or organisation) this protection may already be in place.

Regular backups are an important additional line of defence – you should check yours have completed and can be relied upon in the event of a problem. We regularly check backups for our contract customers (at least once per week) for their peace of mind.

By following the advice above the risk of a security compromise, or data loss, in the event of infection on your network will be greatly reduced.

If you have any concerns, please call us today on 01535 358161 and talk to the experts in IT peace of mind!


< Back to blog