Learn
Scam Alert: Malware and Ransomware
The benefits of working from home may be many — you can't beat the commute time or the dress code (or lack thereof) — but it does come with increased cybersecurity concerns. As work-from-home arrangements continue to accelerate, so do cybercriminals' attempts to hack into devices. Ransomware attacks increased by more than 37% in 2023, with the average ransom demand for enterprises exceeding $100,000.1
Here's what you need to know about malware and ransomware to protect yourself, your data, and your company as you work from home.
Did you know? Ransomware is the "digital kidnapping" of data. Cybercriminals demand a ransom to release valuable files back to the owner.
What Are Malware and Ransomware Attacks?
Malware — short for "malicious software" — is any type of software created to disrupt or damage a device's operation, gather sensitive information, or give someone access to your computer. Cybersecurity terms you may have heard before, like viruses, spyware, and ransomware, are all different types of malware.
Ransomware is a specific type of malware that aims to gain access to a victim's files so the hacker can lock and encrypt them before demanding a ransom from the file owner in exchange for unlocking the file. The National Cyber Security Alliance's StaySafeOnline initiative calls ransomware "the 'digital kidnapping' of valuable data — from personal photos and memories to client information, financial records, and intellectual property."2
When the kidnapped files contain personal files, this threat is scary enough, but when you're working from home, your company's files could also be at risk, making ransomware an even more daunting — and costly — menace.
How Does Malware Get on My Computer?
Cybercriminals use various tactics to sneak malware onto devices, including phishing emails with malicious attachments, creating fraudulent websites that mimic legitimate ones, distributing infected USB flash drives, compromising legitimate software, utilizing adware on websites and offering fake mobile applications. These methods exploit both technological vulnerabilities and user trust, leading to inadvertent malware installation.3
Why Are People Who Work from Home More at Risk?
Remote workers tend to have fewer cybersecurity protections and protocols compared to those working in an office under the careful eye of their IT department. For example, many home Wi-Fi networks rely on routers set up by residents with little or no cybersecurity knowledge and may expose users to malware attacks.
Plus, when working from home, people are more likely to blend their personal and professional work on the same device. This can make them less careful about the links they click on or files they download compared to what they might do on a work device in the office.
What Can People Do to Protect Themselves?
Awareness and a few easy precautions can go a long way toward making your devices more secure when working from home. Here are a few tips for protecting yourself against malware, including ransomware:
- Update your operating software and browsers regularly. Software updates help to protect you from the newest types of ransomware attacks.4
- Install reputable antivirus software and keep it updated. These can intercept suspicious downloads and also flag web pages that may be compromised.4
- Avoid clicking links directly from emails, even when they look official. Small changes in a URL can take you to a malicious site. Type trusted website addresses into your browser instead.4
- Open email attachments and website downloads with extreme caution, particularly if they are compressed or ZIP files. Only download files from trusted senders or reputable websites. And if you get an unexpected file from a trusted sender and it lacks appropriate context, double-check with them to be sure the file is really from them. Sometimes a hacker can gain access to their email, and then entice you to open a malicious file because you generally trust the email address from which it came.5
- Back up your data regularly and store your backups separately from your computer, such as in an external hard drive. Keep your external hard drive disconnected from your computer when you're not actively backing it up.6
- Treat flash drives, external hard drives, and anything else you plug into your computer's USB port with the same suspicion as email attachments. Malware can live on these devices as well.4
- Only download mobile apps or computer programs from reputable sources. When choosing among apps, opt for those that have been around for some time and have plenty of positive user reviews.4
- Be extra suspicious of emails and websites during major events like natural disasters, epidemics and health scares, economic concerns, political elections and holidays. Increased phishing attempts often increase on those occasions.7
What If I Become a Victim of a Ransomware Attack?
If you receive a ransomware demand, it's up to you decide if it's worth it to pay for the release of your files. The FBI urges people to not pay ransomware attackers.8 If you do choose to pay, never give your bank account information to the hacker. Cryptocurrency is the typical method of payment. If you suspect you've been a victim of malware or receive a ransomware demand, CISA advises home users to contact your local FBI office or local U.S. Secret Service office.9Enroll in Credit and Identity Protection Services
As a Synovus Plus, Synovus Inspire, or Synovus Private Wealth customer, you can enroll in complimentary Credit and Identity Protection services. With this service, Synovus will monitor your credit reports and notify you any time any changes are made. Synovus will also scan the web to make sure your personal information hasn't been compromised by checking websites, blogs and peer-to-peer networks. Synovus also offers full-service identity restoration if you become a victim of identity theft.
Want to know more about how you can achieve peace of mind as a Synovus customer? Learn more.
Important disclosure information
This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.
-
ZScaler, "2023 ThreatLabz State of Ransomware," accessed February 11, 2024.
Back -
StaySafeOnline, "Malware, Viruses, and Botnets," published May 31, 2022, accessed February 11, 2024.
Back -
Norton, "Malware: what it is, how it works, and how to stop it," published December 8, 2023, accessed February 11, 2024.
Back -
Federal Trade Commission, "How To Recognize, Remove, and Avoid Malware," accessed February 11, 2024.
Back -
Federal Trade Commission. "How to Recognize and Avoid Phishing Scams," accessed February 11, 2024.
Back -
National Security Alliance, "Backups," published May 1, 2022, accessed February 11, 2024.
Back -
Cybersecurity and Infrastructure Security Agency, "Avoiding Social Engineering and Phishing Attacks," published February 1, 2021, accessed February 11, 2024.
Back -
FBI, "Ransomware," accessed February 11, 2024.
Back
People are also reading
Do you have questions or ideas?
Share your thoughts about this article or suggest a topic for a new one