No Clicks!

WannaCry warning screen.

Do NOT click ANY links that inside ANY emails.

They might look something appear to come from a person or company you deal with on a regular basis.  They may like this…

Click here to get information from Microsoft.

…or they might be a button with a similar phrase.  In either case, hold your cursor over any such link. Note that the link is actually to this site and NOT to Microsoft’s website. Sometimes they will include “microsoft” within the link, but it’s not an actual Microsoft URL. For instance, the link may be something like:

instead of a legitimate link like…

It also might have a “mailto” link. However, instead of calling up your email client to send a message to someone, the link could be a trigger for a process that attacks a vulnerability in Windows.

So what do I do?

Don’t click the link. Your options are…

  1. Telephone the sender to confirm that they sent you that particular email.
  2. Go directly to the “sender’s” website using your browser (type the URL into the address bar) instead of clicking the link.
  3. If it’s an email link, open your Outlook or other email client and send the message using the email address you have on file already.

Instead, manually go to the company’s website or manually send an email to the person who supposedly sent you the email instead of clicking the link.

What happens if I forget and click a link?

With luck, you have not clicked a bogus link and all is right with the world.  And, then again, this could pop up on your screen:

At this point, there is currently nothing you can do.  Any option it provides will cost you $$$ and may not work.  The best we can do is to wipe your hard drive and start from scratch.

The name of the game is prevention.  Don’t click and make sure your computer has all of the available Microsoft updates installed.

Some other things to know:

  1. If WannaCry installs itself on a computer on your network, it can not only hold your computer for ransom, it can spread to every other computer on the network, including any unpatched servers.
  2. If your computer is still running Windows XP, that computer is the biggest target of WannaCry.  It’s so bad that Microsoft just released a patch for it—several years after Microsoft stopped supporting and updating XP.  Patch that computer NOW! Google “WannaCry Microsoft” (without the quotes) and click the link for “Customer Guidance for WannaCrypt attacks”, which should be among the top results of the search.  Scroll down to the bottom and click the version of Windows you want to patch (It’s on the line that says “Download English Language security updates:”)
  3. Newer versions of Windows (7, 8, 10)had patches released last month. Those patches were supposed to automatically install themselves.  Sometimes your computer is set up to get the updates but not install them until you tell them to.  If you have a message from Microsoft saying that updates are pending, PLEASE install those updates NOW.
  4. Backups are REALLY important.  Under the worst of circumstances (your computer’s hard drive is encrypted and you don’t have the key, there’s a fire or other damage to your computer or network) you can restore from those backups and be back in business in short order.
  5. Your Desktop is NOT backed up! On networks over which I have control, there are up two different backups (one in the cloud and the other on a local external drives).  That’s the good news.  The bad news: I see a LOT of users who store important information on their desktops or the C:\ drive.  BIG MISTAKE!  Generally speaking, files stored on your local computer are not backed up. If your computer dies, your information stored on the desktop dies with it.  Store all data on your server folder (usually your H: drive).  If you want convenience, put a shortcut to that folder on your desktop.
  6. Employees who access their personal emails using a web-based service like Gmail or Yahoo can also be the target of an attack.  The “no clicks” rule applies to personal email and well as corporate.

Get Proactive

AVG, my current anti-virus system of choice, has come out with a new product that not only deals with traditional viruses, but it also monitors whether all computers are current with Microsoft Updates and allows me to force updates to any non-compliant PC remotely and during non-business hours.  I’m conducting a pilot program now and will be in touch with you when (and if) I’m satisfied with the product.

My goal is to have a central control point available for all of my clients’ workstations and servers so that we catch little problems before they become big ones.  I also envision offering vulnerability testing, that checks to see how “exposed” you are to outside threats that don’t come from email.

Today’s Takeaway: Please share the “Do Not Click” part of this post with your employees.