We sure are discussing cyber scams a lot lately, aren’t we? That’s because the world is ripe with scams and attacks all over. And today we have a NEW trick being unleashed on businesses in Santa Rosa you need to be aware of.
Cybercriminals are talented, and they are always coming up with new ways to infiltrate devices and networks to gain access to your valuable data.
However, not only are cybercriminals talented, so are the IT support companies that work hard to keep your organization protected. Additionally, most of the major email systems are getting better at identifying these malicious messages.
A new cyberthreat that threatens your Santa Rosa business
If your website has a contact form (most do), you face a new threat because cybercriminals are now using web forms to spread malware.
They pose as a potential new customer and ask you to provide them with a quote for your goods or services.
Once you email them back, they’ll send you over a special kind of file – known as an ISO file – which they’ll claim is absolutely relevant to your conversation.
It’s important to note that this file will not be attached to the email. Instead, they’ll send it via a file-sharing service, such as WeTransfer, to avoid your email provider’s protections.
Look at your contact form submissions with extreme caution
Think about it … your team is chatting with someone that they think is a prospect, so they are much more likely to open the file without any additional thought.
The fact that the conversation was initiated through your contact form will lower the skepticism because now they’re looking at a potential sale.
When the file is opened, it gives the criminal remote access to your device, and this will allow them to access your full network and IT environment. Once they’re in? They’ll start launching a ransomware attack.
What is a ransomware attack?
A ransomware attack is where your data is held hostage. Cybercriminals encrypt it and lock the files so that you can’t open them. In order to unlock them you either need to figure out the key OR you pay a large “ransom” fee to get it back (and this doesn’t guarantee you get your data back anyway).
This form of “contact form attack” was first tested on large businesses in December 2021. Experts believe that this has become more popular in recent months.
How to avoid falling victim to the contact form ransomware attack
It’s vital that your team are hypervigilant to ALL requests, whether that’s through email, contact forms, phone calls, social media messages, etc. And NEVER open a file that was emailed to you unless you are 100% sure it’s genuine.
Work with your cybersecurity provider to make sure your staff are properly trained and to keep you protected at all times.
Don’t just take it from us …
“The thing that puts EIS above the rest is that when we must mobilize because something has happened, Noah and the team are there for us. We had a cybersecurity incident in October and, not only was EIS ready to support us immediately, but then they worked on a whole plan to prevent it from happening in the future. So, there’s the regular help desk support, and then there’s the consulting piece of the puzzle and this relationship and continuous improvement piece that is hard to come by from other companies.”
— Julia, Chief Operating Officer
Nonprofit Environmental Organization
Protect your Santa Rosa business with a trusted cybersecurity provider like EIS
If we can help give you a second opinion or advise you on keeping your organization protected in the long run, please schedule a consultation with us. We work hard to keep our clients safe from threats, and we don’t want to see your name in the next ransomware attack headline. Get in touch with us today.