Tips to Prevent Ransomware Attacks

Phishing Scams

In 2017, ransomware attacks on business users increased to 26%, up from 23% in 2016, according to Kaspersky Lab. These “professional hackers” are paying for their kids to go to college with this money, so they take it seriously. It’s their job to research, learn, spam, and scam their way to your confidential information and your bank account(s).

If these professional hackers are smart, which most of them are, they want to leave little to no footprints. That means wealthy folks and business owners are at a greater risk. Professional hackers may monitor your behavior long before they make any attempt to gain additional access to your valuable data. Once they gain access to your email account, they can:

  • Study your main points of contact – internal and external;
  • Replicate your email signature(s);
  • Learn who you copy on your emails – a colleague, partner, or assistant;
  • Speak in your language and style of writing – casual or professional;
  • Figure out your schedule – when you may be out of town, in a meeting, or at your busiest, most flustered.

Unfortunately, we have seen this one too many times, and we want to encourage you to do a better job of keeping your sensitive data out of the wrong hands. Here are some tips on what you can do to prevent a ransomware attack.

1. Guard your passwords.

It all starts here. The more sensitive information you have access to, the more complex your passwords should be and the more often you should change them. A complex password or passphrase, with uppercase and lowercase letters, symbols, and numbers, makes it more difficult for these professional scammers to gain access to your accounts. Changing your password every 30, 60, or even 90 days will make it even more difficult for hackers. Don’t change one letter or number; change the entire password. If you’re worried about remembering your passwords, here are some suggestions on how to safely store them.

We recommend two-factor authentication (2FA) to all of our clients. In fact, it will soon be required of them. 2FA adds an extra measure of security based on the premise that an unauthorized user is unlikely to be able to supply the two (or more) factors required for access.

2. Don’t click on any link in any email ever.

That’s right. As a business owner, as anyone, as a person, you should never click on a link in an email. If it’s imperative to click on the link, you should first hover over it to see exactly where it is pointing, and if the link looks even the slightest bit strange, don’t click on it. Any vendor or application that asks you to click on a link will have the same information within their own application.

3. Be intentional with your communication.

If someone gains access to your email, imagine what they could learn about you. That is why you should never send financial information or personally identifying information about yourself or anyone else, especially your clients. All matters of business should be done in person or over the phone. However, don’t be fooled: professional hackers and professional identity thieves can imitate voices over the phone.

Be proactive when it comes to protecting yourself and your business.

Security and convenience are always in tension. The tighter one becomes, the looser the other is. Make sure you add multiple layers of security. Criminals, hackers, and identity thieves are changing their tactics, so you must too.


At Howard Tech Advisors, we manage your IT infrastructure so that you don’t have to. Whether you need assistance creating a disaster recovery plan or you’d like to outsource your IT needs, we can help! Keep up with our weekly blog to stay up-to-date on the latest tech trends, security information you need to know to stay safe online, and tips and tricks to effectively navigating an increasingly mobile world.
