EPDM Coatings
rvupgradestore.com Composet Products PO Box Zone
Over The Network Custom Yacht Interiors

Author Topic: Warning about Ransomware  (Read 5462 times)

HueyPilotVN

  • ---
  • Posts: 1171
Warning about Ransomware
« on: August 22, 2016, 09:19:57 PM »
I have been getting several FEDEX deliveries lately so I was not surprised to get an email that looked like it was from FEDEX.

When I opened it it said that they could not deliver a package and to click on the delivery details below for information.

As soon as I opened the attachment a large message came up on the screen.

It informed me that all my data files, pictures, and music files had been incripted and I had to go online and buy a certain amount of Bit Coins and send them to an online address to get the instructions to reverse the incription.  If I did not do that within three days the file would not be recoverable.

I looked at the files and they are all incripted.

I would never pay a ransom so I went out and bought a new laptop and software.

I spent much of two days transfering files from another backup laptop to recover as much as I could.  I still lost at least two years of files.

I am posting this to remind all of us to backup our important data every so often.

I hate a thief.
« Last Edit: August 22, 2016, 09:21:39 PM by HueyPilotVN »
Bill Waugh
40' Country Coach DP
34' Stacker Trailer, Trailer Toad
Jeep Commander
Mustang Bracket Race Car
35 years on the road

whiteva

  • ---
  • Posts: 322
Re: Warning about Ransomware
« Reply #1 on: August 22, 2016, 09:37:22 PM »
Very good reminders, thanks
2008 Winnie 29TR, Class C
Me: RETIRED: Aerobatic flight instructor, RE Broker, EE,-
DW, Nan, works Finance for RV dealer. Travel short distances pulling 77' MGB on dolly.
 If not in the RV we are on the Sea Ray, with Shadeaux the black cat. Stop by for coffee or beverage

RVRAC

  • ---
  • Posts: 1020
Re: Warning about Ransomware
« Reply #2 on: August 22, 2016, 10:31:01 PM »
Sorry to hear about it. 
2017 Leprechaun 311 FS
Toad: 2016 Jeep Patriot
American Dolly
Home: WI
Snowbird 6 months/yr.

Sun2Retire

  • Photo moderator
  • ---
  • *
  • Posts: 1867
Re: Warning about Ransomware
« Reply #3 on: August 22, 2016, 10:52:00 PM »
I have been getting several FEDEX deliveries lately so I was not surprised to get an email that looked like it was from FEDEX.

When I opened it it said that they could not deliver a package and to click on the delivery details below for information.

As soon as I opened the attachment a large message came up on the screen.

It informed me that all my data files, pictures, and music files had been incripted and I had to go online and buy a certain amount of Bit Coins and send them to an online address to get the instructions to reverse the incription.  If I did not do that within three days the file would not be recoverable.

I looked at the files and they are all incripted.

I would never pay a ransom so I went out and bought a new laptop and software.

I spent much of two days transfering files from another backup laptop to recover as much as I could.  I still lost at least two years of files.

I am posting this to remind all of us to backup our important data every so often.

I hate a thief.

Bill,

If you haven't tossed your old laptop, do some research. The decrypt keys for **some** of those ransomware attacks have been found and posted on various sites. There is a slight chance your files could be recovered.
Scott
2005 Newmar Dutch Star 3810, Spartan, Cat C7 350 "OURVEE"
Eezrv TPMS, VMSpc, 800W Solar
2002 Dodge RAM 1500 Quad Cab "RTOAD"
Stowmaster towbar & Brakemaster

SeilerBird

  • ---
  • Posts: 10704
  • Everything I state is my opinion.
Re: Warning about Ransomware
« Reply #4 on: August 23, 2016, 04:45:26 AM »
I sure love my Chromebook. That would never happen on a Chromebook. Chrome can run programs so ransomware is impossible.
I would like to apologize to anyone I have not yet offended. Please be patient and I will get to you shortly.
Life list of birds:
https://goo.gl/photos/xuP9zPD2KP2swN1g8
Grand Canyon photos:
https://photos.app.goo.gl/Nc1AT8tQp25wJwfm1
My portfolio:
https://goo.gl/photos/Cx4SaYhGfYFShSty7

Daffy

  • ---
  • Posts: 78
Re: Warning about Ransomware
« Reply #5 on: August 23, 2016, 06:13:03 AM »
Do some searching, it is possible to recover the computer. Try "Ransomware Removal" for multiple options.
Too new at this to be a fool yet..

1999 Itasca Sunflyer 36L

KandT

  • ---
  • Posts: 744
Re: Warning about Ransomware
« Reply #6 on: August 23, 2016, 06:30:11 AM »
I sure love my Chromebook. That would never happen on a Chromebook. Chrome can run programs so ransomware is impossible.

I hope this is sarcasm!
2005 Winnebago Vectra
American Car Dolly
2009 Accord Toad
It's not a problem.  It's a project!

kdbgoat

  • ---
  • Posts: 3977
Re: Warning about Ransomware
« Reply #7 on: August 23, 2016, 06:39:39 AM »
Probably not. That statement is from the same guy that says posting your SS# won't lead to identity theft. 8)
I know you believe you understand what you think I said,
But I am not sure you realize what you heard is not what I meant


2016 Leprechaun 319DS

SeilerBird

  • ---
  • Posts: 10704
  • Everything I state is my opinion.
Re: Warning about Ransomware
« Reply #8 on: August 23, 2016, 06:52:36 AM »
Probably not. That statement is from the same guy that says posting your SS# won't lead to identity theft. 8)
Well it won't. No one has ever been able to convince me of that by telling me step by step how it can happen.
I would like to apologize to anyone I have not yet offended. Please be patient and I will get to you shortly.
Life list of birds:
https://goo.gl/photos/xuP9zPD2KP2swN1g8
Grand Canyon photos:
https://photos.app.goo.gl/Nc1AT8tQp25wJwfm1
My portfolio:
https://goo.gl/photos/Cx4SaYhGfYFShSty7

kdbgoat

  • ---
  • Posts: 3977
Re: Warning about Ransomware
« Reply #9 on: August 23, 2016, 07:00:31 AM »
Just picking at you Tom, please don't take it to heart. ;)
I know you believe you understand what you think I said,
But I am not sure you realize what you heard is not what I meant


2016 Leprechaun 319DS

SeilerBird

  • ---
  • Posts: 10704
  • Everything I state is my opinion.
Re: Warning about Ransomware
« Reply #10 on: August 23, 2016, 07:41:05 AM »
ok, I just did not understand it was sarcasm.
I would like to apologize to anyone I have not yet offended. Please be patient and I will get to you shortly.
Life list of birds:
https://goo.gl/photos/xuP9zPD2KP2swN1g8
Grand Canyon photos:
https://photos.app.goo.gl/Nc1AT8tQp25wJwfm1
My portfolio:
https://goo.gl/photos/Cx4SaYhGfYFShSty7

SargeW

  • Forum Staff
  • ---
  • *
  • Posts: 6307
  • Life is better on the road!
Re: Warning about Ransomware
« Reply #11 on: August 23, 2016, 07:47:39 AM »
Good reminder Bill, thanks.
Marty--
2017 Tiffin Allegro Bus 40SP
Cummins ISL 450 HP/Powerglide chassis
Visit our new travel blog! http://www.mytripjournal.com/rvnchickTNG
Support your local Police Officer, Fire Fighter and Military!

John From Detroit

  • ---
  • Posts: 19639
  • ^My New Home^
    • Diabetics Forum
Re: Warning about Ransomware
« Reply #12 on: August 23, 2016, 07:58:31 AM »
Fed Ex will never send you an E-mail.  Neither will bank of ____ or ___ bank,he FBI, the IRS or anyone else who has legitimate business UNLESS you first E-mail them and request a reply.

I do get al ot of E-mails from businesses but they are ones where I specifically requested them (Signed up for the e-mail list).

But if you get an E-mail about Money.. Very good chance it's phony

NOTE: If you can identify (if you have paid for example, the ransom and have the payee listed on your Charge Card statement) prosecution is possible and you can hold them for ransom in a manner of speaking (They go to prison).
Nothing adds excitement like something that is none of your business
My Home is where I park it.

glen54737

  • ---
  • Posts: 1187
  • My camping buddy
Re: Warning about Ransomware
« Reply #13 on: August 23, 2016, 08:13:22 AM »
There are ways of removing these programs. Google it.
I had this one time and it was as simple as starting in safe mode and restoring to a point a few days earlier.
2018 Thor Miramar 35.2
2015 F-350 CC short box 6.7l 3.55 axle
2015 Alpine 3510RE-sold

Glen,Nene
Mickey & Jayco (yorkies)

scottydl

  • Admin assist
  • ---
  • *
  • Posts: 7655
  • Central IL
Re: Warning about Ransomware
« Reply #14 on: August 23, 2016, 09:54:03 AM »
I know this seems obvious to Bill (OP) so I'm not trying to add insult to injury.  But as John mentioned, NEVER open an attachment that you are not expecting, from any e-mail address / person that you do not know.  These days, NO business, banks, etc. will send you attachments or request your login credentials over e-mail.  They should direct you to go to their website, log in as regular, and check whatever details need to be checked there.  If the e-mail provides the clickable link (odd but still sometimes happens), be very careful to ensure it is the actual website and not a fake mirror site that is used to farm usernames and passwords.  The actual URL will usually give away the fakers, i.e. instead of www.fedex.com the site link might be www.fedmex.com.hk or something like that, slight misspellings and/or a site based out of another country's URL suffix.

All that said, ransonware can invade through less intrusive means than tricking you to open an attachment.  A couple years ago, my work computer (a hardwired desktop at the office) ended up being infected and I (nor our IT people) ever figured out how.  Luckily the network regularly backed up all files every week or so, but I had to go through hundreds of individual documents and restore to their pre-infected versions.

For home computers, get an external hard drive and copy/backup all your important folders/files at least once a month... then you're only a few weeks behind if you do lose everything somehow.  Windows makes this pretty easy with almost everything directing to Documents/Photos/Videos/Downloads folders now (and you can add custom folders), if you leave those defaults in place.  I would assume Macs have a similar setup?  I don't worry about system images or copying programs anymore, since almost everything is internet based now and can be re-downloaded or re-installed as needed.
« Last Edit: August 23, 2016, 10:45:44 AM by scottydl »
Scott, wife, 3 boys... and the dog
- 2008 Forest River Wildwood 32BHDS
- 1995 Chevrolet Suburban C2500 tow vehicle
- 1994 Thor Residency motorhome... owned 2007-2012

HueyPilotVN

  • ---
  • Posts: 1171
Re: Warning about Ransomware
« Reply #15 on: August 23, 2016, 10:36:33 AM »
I completely understand what you are saying. 

I have been receiving all kinds of delivery notifications for internet purchases this last month and I did click on the attachment without proofreading the email address.

What actually bothers me even more than the psychology behind getting me to allow a malicious program past the basic defenses by clicking on it is the lack of any easy way to report and assist in finding these criminals.

I called the FBI office in Minneapolis and eventually got thru to the cyber crimes division.  I offered them the actual laptop which I had turned off after verifying that the encryption had actually happened.  My thought was that it had the evidence including the IP address of the originator of the email.  I know that one person's ransom demand is not the crime of the century.  However the cumulative effect on many does make it a crime worthy of finding the perpetrators.

The lady I talk with simply referred me to the IC3.gov website where you can fill out a report online.

This reminds me of an incident a few years ago when my Credit Card number was used to purchase about $3,000.00 in merchandise and the police would not even take a report because they said that the credit card companies would not prosecute and it was a waste of their time even though the perpetrator was on camera at Sears.

Sorry if this seems like a rant, but I hate crooks.

 
« Last Edit: August 23, 2016, 10:38:09 AM by HueyPilotVN »
Bill Waugh
40' Country Coach DP
34' Stacker Trailer, Trailer Toad
Jeep Commander
Mustang Bracket Race Car
35 years on the road

Corky

  • ---
  • Posts: 260
Re: Warning about Ransomware
« Reply #16 on: August 23, 2016, 10:51:28 AM »
I ship and receive a lot of packages via USPS, and UPS. And I do a fair amount of business thru Paypal.
All 3 of these entities will send varying amounts of email during the day, and I have gotten so paranoid that I don't even use my own shortcut icons to go to these respective web sites. I type each one in. So far this has proven to be the safest way to avoid these dastardly deeds.

Hope you recover your files, send the the crook to jail.

Corky
'05 Itasca Meridian 36G
15 Jeep Wrangler Orange toad
'86 Suzuki Samurai Camo dirt toad

kdbgoat

  • ---
  • Posts: 3977
Re: Warning about Ransomware
« Reply #17 on: August 23, 2016, 11:09:20 AM »
I agree with the PayPal thing. It seems like every time I use PayPal, I end up getting one or two scam emails.
I know you believe you understand what you think I said,
But I am not sure you realize what you heard is not what I meant


2016 Leprechaun 319DS

SeilerBird

  • ---
  • Posts: 10704
  • Everything I state is my opinion.
Re: Warning about Ransomware
« Reply #18 on: August 23, 2016, 11:11:06 AM »
I try not to use Paypal unless there is no other options. I have been scammed by Paypal twice.
I would like to apologize to anyone I have not yet offended. Please be patient and I will get to you shortly.
Life list of birds:
https://goo.gl/photos/xuP9zPD2KP2swN1g8
Grand Canyon photos:
https://photos.app.goo.gl/Nc1AT8tQp25wJwfm1
My portfolio:
https://goo.gl/photos/Cx4SaYhGfYFShSty7

garyb1st

  • ---
  • Posts: 2087
Re: Warning about Ransomware
« Reply #19 on: August 23, 2016, 11:11:26 AM »
Sorry you had to experience that Bill.  Had a similar credit card situation a few months back.   Not sure how but two of my credit cards were used to charge almost $4,000 several months ago.   All the charges have been reversed from my accounts but, from the little I know, no real investigation into the theft was done.  Personally I believe credit card companies have factored in a certain percentage of fraud as a cost of doing business, and as long as their usurious interest rates and obscene late fees are adequate to cover the costs, they're happy with the bottom line.     
Gary B1st

2005 Pace Arrow 35G
2016 Jeep Wrangler

Tom

  • Administrator
  • ---
  • *
  • Posts: 44404
    • RV Forum web site
Re: Warning about Ransomware
« Reply #20 on: August 23, 2016, 11:17:30 AM »
 
Quote
... it had the evidence including the IP address of the originator of the email.

Unfortunately, like email addresses, IP addresses can be spoofed.

Quote
The lady I talk with simply referred me to the IC3.gov website where you can fill out a report online.

The only time I tried filling that out, I gave up when it asked to show financial loss.
Tom.  Need help? Click the Help button in the toolbar above.

Tom

  • Administrator
  • ---
  • *
  • Posts: 44404
    • RV Forum web site
Re: Warning about Ransomware
« Reply #21 on: August 23, 2016, 11:20:49 AM »
Quote
I believe credit card companies have factored in a certain percentage of fraud as a cost of doing business ...


Yep, they have a large slush fund for fraudulent charges.
Tom.  Need help? Click the Help button in the toolbar above.

kdbgoat

  • ---
  • Posts: 3977
Re: Warning about Ransomware
« Reply #22 on: August 23, 2016, 11:24:46 AM »
I try not to use Paypal unless there is no other options. I have been scammed by Paypal twice.

I have never had a problem with PayPal, and have used it quite a bit. I'm like Corky, I don't use links, I type and go direct to site.
I know you believe you understand what you think I said,
But I am not sure you realize what you heard is not what I meant


2016 Leprechaun 319DS

scottydl

  • Admin assist
  • ---
  • *
  • Posts: 7655
  • Central IL
Re: Warning about Ransomware
« Reply #23 on: August 23, 2016, 11:30:08 AM »
Coincidence of all coincidences... after my post about 90 minutes ago, I just checked my e-mail and Walmart.com send me a message this morning that my account was possibly hacked and they changed my password as a preventative measure.  The Walmart e-mail gave me instructions to reset the password again myself, rather than providing any attachments or direct links.  I posted that example below.  Most companies will operate in this way now, if they have any information to share with you about an order, account problems, etc.

This reminds me of an incident a few years ago when my Credit Card number was used to purchase about $3,000.00 in merchandise and the police would not even take a report because they said that the credit card companies would not prosecute and it was a waste of their time even though the perpetrator was on camera at Sears.

This does seem odd, as I know agencies in my area will gladly arrest/charge people caught in the act of committing credit card fraud or theft... even if the charges are refunded.  But I suppose it depends on your local agency resources and how many violent crimes that are also trying to solve (which will generally rank higher on the priority list than property/financial crimes).  Don't worry, I hate crooks too.  And so do police officers and investigators, who unfortunately now have volumes of limitations and restrictions on their enforcement activities in modern society.

Hope you recover your files, send the the crook to jail.

Sadly, this likely will not happen... but it's a nice thought!
Scott, wife, 3 boys... and the dog
- 2008 Forest River Wildwood 32BHDS
- 1995 Chevrolet Suburban C2500 tow vehicle
- 1994 Thor Residency motorhome... owned 2007-2012

Corky

  • ---
  • Posts: 260
Re: Warning about Ransomware
« Reply #24 on: August 23, 2016, 12:03:19 PM »
Back in the early '80's someone stole a van from my driveway. As soon as I discovered that it was missing I went on a discovery mission throughout my neighborhood, just for the fun of it. I found the van about 8 blocks away in the back lot of a supermarket. So I went back home (pre cell phone era) and called the coppers. They showed up, and not very stealthy either, as I communicated to dispatch that I was camouflaged and ready to spring into action as soon as backup arrived  ::). Two patrol car, one detective, and not one of them interested in any prints that may have been left behind by the thieving bas---ds. Man was I bummed. I was already to observe all of the sleuthing techniques in action that I had seen for so many years watching Colombo.   

I guess the point is --- nobody cares :-[

Corky
'05 Itasca Meridian 36G
15 Jeep Wrangler Orange toad
'86 Suzuki Samurai Camo dirt toad

SargeW

  • Forum Staff
  • ---
  • *
  • Posts: 6307
  • Life is better on the road!
Re: Warning about Ransomware
« Reply #25 on: August 23, 2016, 09:19:26 PM »
I guess the point is --- nobody cares :-[

They care, it is just a matter of prioritization.  With auto thefts, unless you can prove an intent to permanently deprive, like stealing parts or changing the VIN#, it will be handled like a "Joyriding" case.  You get the car back, they close the case. 

With Credit cards, they do build in a certain amount for expected losses. What they have gotten better at is catching unusual activity on credit card accounts. I have been called numerous times  as we have traveled around the country if they see a charge that seems unusual.  A common one for thieves is to steal a CC number, then run a small charge on it to see if it goes through.  Then if it does they hit it with a big charge.  That is when I get called.  Sometimes they stop a legitimate charge though. Like filling the RV at a truck stop. That can be a bit frustrating.
Marty--
2017 Tiffin Allegro Bus 40SP
Cummins ISL 450 HP/Powerglide chassis
Visit our new travel blog! http://www.mytripjournal.com/rvnchickTNG
Support your local Police Officer, Fire Fighter and Military!

John From Detroit

  • ---
  • Posts: 19639
  • ^My New Home^
    • Diabetics Forum
Re: Warning about Ransomware
« Reply #26 on: August 24, 2016, 09:39:54 AM »
I am expecting a call later today if Ryan ever gets here with my new A/C.

Have had one bank call twice, E-mail once and text twice on a tank of gas... I confirmed every time  (NOTE: all contacts were via known paths so I was sure they were legit) The first call I was still standing at the register!!!!!!!

Have also had 'em call when it was not legit.   For example someone tried to use my Credit Union account to buy olike $500 worth of stuff (Charge denied even before they called to confirm)  I run "Zero balance checking" so that account (A debit card) only had money in it for a couple of days... There was only about 5.00 in the account when the scammers tried to empty it... They goofed.


True story: Co-worker got the call from her Credit card company.. So when UPS delivered,  The "helper" took the packages to the door.
The suspect signed for the goods and the UPS Trainee explained that she had a real job, She was just playing UPS trainee.. her real job was Michigan State Police Trooper and you have the right (Of course his signature was the evidence that convicted him so it was a bit late for him to do anything other than name his accompliace (Brother) who copied her credit card info when she rented a car)

More credit card theft stories should end that way.
Nothing adds excitement like something that is none of your business
My Home is where I park it.

SargeW

  • Forum Staff
  • ---
  • *
  • Posts: 6307
  • Life is better on the road!
Re: Warning about Ransomware
« Reply #27 on: August 24, 2016, 10:48:00 AM »
I love stories with a happy ending!
Marty--
2017 Tiffin Allegro Bus 40SP
Cummins ISL 450 HP/Powerglide chassis
Visit our new travel blog! http://www.mytripjournal.com/rvnchickTNG
Support your local Police Officer, Fire Fighter and Military!

8Muddypaws

  • ---
  • Posts: 2240
Re: Warning about Ransomware
« Reply #28 on: August 24, 2016, 11:25:29 AM »
This would be a good time to plug the habit of making a full disk backup to an external disk once a month, or even more often.

If you had made a full disk backup you would not have lost much.  Restoring from a backup would have overwritten the cryptolocker or whatever and had you back in business in less time than it took to buy a new computer.

External disks can be found in a varitey of sizes and styles for not a lot of money and the software that does the backup is free in most cases.  I use a disk dock I bought for $19 and standard SATA disk drives that mount into the dock.

I use two most of the time.  ToDo Backup and Clonezilla.  Both are free at www.majorgeeks.com.  ToDo is more user friendly while Clonezilla is faster but requires a little knowledge of Linux and PC file systems and commands.  I use Clonezilla to install a pre-licensed images on dozens of computers a month at my volunteer job.  It's very reliable.
Retired computer professional
Musician, songwriter and music director
2006 Bounder 34H, 2008 CR-V Toad

HueyPilotVN

  • ---
  • Posts: 1171
Re: Warning about Ransomware
« Reply #29 on: August 24, 2016, 11:31:39 AM »
I agree.  That was the main reason I posted about the ransomware incident.

Wish I had a redo button.  I do have several external hard drives.  Sometimes we just get lazy and complacent.

I am getting most of the old files back by doing a selective copy of files from other computers and external hard drives.
Bill Waugh
40' Country Coach DP
34' Stacker Trailer, Trailer Toad
Jeep Commander
Mustang Bracket Race Car
35 years on the road

Sun2Retire

  • Photo moderator
  • ---
  • *
  • Posts: 1867
Re: Warning about Ransomware
« Reply #30 on: August 24, 2016, 12:00:13 PM »
Wish I had a redo button.

Oh man, that's a whole nuther topic!  ::)
Scott
2005 Newmar Dutch Star 3810, Spartan, Cat C7 350 "OURVEE"
Eezrv TPMS, VMSpc, 800W Solar
2002 Dodge RAM 1500 Quad Cab "RTOAD"
Stowmaster towbar & Brakemaster

garyb1st

  • ---
  • Posts: 2087
Re: Warning about Ransomware
« Reply #31 on: August 24, 2016, 12:58:38 PM »
Oh man, that's a whole nuther topic!  ::)

I think that's a whole new forum.   ;)
Gary B1st

2005 Pace Arrow 35G
2016 Jeep Wrangler

garyb1st

  • ---
  • Posts: 2087
Re: Warning about Ransomware
« Reply #32 on: August 24, 2016, 01:05:18 PM »
We keep an external hard drive plugged in most of the time.  Would the Ransomware contaminate the files in the hard drive if it were running at the time?  We're MAC users and don't have any virus software.  Been thinking it's about time to spend a few dollars.  Suggestions for MAC. 
Gary B1st

2005 Pace Arrow 35G
2016 Jeep Wrangler

8Muddypaws

  • ---
  • Posts: 2240
Re: Warning about Ransomware
« Reply #33 on: August 24, 2016, 02:58:32 PM »
It might.  Depends upon how smart and determined the criminal who put the code together is.
Retired computer professional
Musician, songwriter and music director
2006 Bounder 34H, 2008 CR-V Toad

garyb1st

  • ---
  • Posts: 2087
Re: Warning about Ransomware
« Reply #34 on: August 24, 2016, 03:35:21 PM »
Sounds like the safe approach is to not keep the external drive plugged in and only update periodically.  For example, when the DW downloads  500+ pix.   
Gary B1st

2005 Pace Arrow 35G
2016 Jeep Wrangler

Lou Schneider

  • Forum Staff
  • ---
  • *
  • Posts: 7312
Re: Warning about Ransomware
« Reply #35 on: August 25, 2016, 12:27:08 AM »
The No More Ransomware Initiative says they've cracked Wildfire's cipher and posted the unlock codes online.

ZD Net has a new article giving the particulars:

http://www.zdnet.com/article/wildfire-ransomware-code-cracked-victims-can-now-unlock-encrypted-files-for-free/?ftag=TRE49e8aa0&bhid=19724681974700635514865380622813

Irover

  • ---
  • Posts: 359
Re: Warning about Ransomware
« Reply #36 on: August 25, 2016, 12:39:03 PM »
I also installed Malwarebytes AntiRansomware from Major geeks on my computers!
And the clever sons of B's try all the time to get in through my email. had one this morning in Spanish language except the, to: Me; From Me in English. Still trying to figure out how they did that!!!  >:( >:( I couldn't Block it, had to delete it!
Don't ever give up!! keep pushing toward the goal!!!
USAEUR; 1st Armored Div., E Co.123rd Maintenance Btln. 71-74

garyb1st

  • ---
  • Posts: 2087
Re: Warning about Ransomware
« Reply #37 on: August 25, 2016, 01:49:52 PM »
Never tried this on a PC, but before opening an email that looks suspicious, I place the cursor over the senders name and am able to see what the actual email addy is.  If there's a disconnect or I'm not sure why I'm getting the email, I just delete it. 
Gary B1st

2005 Pace Arrow 35G
2016 Jeep Wrangler

8Muddypaws

  • ---
  • Posts: 2240
Re: Warning about Ransomware
« Reply #38 on: August 25, 2016, 06:57:45 PM »
That's a good test for links but not for email addresses.  It's very simple to make an email look like it came from another email address but unfortunately there is no foolproof way to spot them.
Retired computer professional
Musician, songwriter and music director
2006 Bounder 34H, 2008 CR-V Toad

SeilerBird

  • ---
  • Posts: 10704
  • Everything I state is my opinion.
Re: Warning about Ransomware
« Reply #39 on: August 25, 2016, 07:00:57 PM »
Fortunately I use Chromebook and Gmail. You can't get hurt by any email with that combination. I open up the occasional desperate attempt to break into my computer and laugh.
I would like to apologize to anyone I have not yet offended. Please be patient and I will get to you shortly.
Life list of birds:
https://goo.gl/photos/xuP9zPD2KP2swN1g8
Grand Canyon photos:
https://photos.app.goo.gl/Nc1AT8tQp25wJwfm1
My portfolio:
https://goo.gl/photos/Cx4SaYhGfYFShSty7

garyb1st

  • ---
  • Posts: 2087
Re: Warning about Ransomware
« Reply #40 on: August 25, 2016, 07:55:54 PM »
Tom, what's unique about your combination that protects you against these attacks.
Gary B1st

2005 Pace Arrow 35G
2016 Jeep Wrangler

River-Runner

  • ---
  • Posts: 6
Re: Warning about Ransomware
« Reply #41 on: October 31, 2016, 04:49:45 PM »
I have been using Carbonite.  I got infected with the Zepto virus.  This virus takes most data files and renames them with random digits, then changes the extension to .zepto.

I called Carbonite and they could replace all my files to a date about three or four days before I was infected.  I lost 3 or 4 days of data, everything else I was able to replace.

I'm just a Carbonite subscriber, but I really feel they saved my tail.  I keep up a clone of my C: drive every month or so and then keep all my data on a F: drive.  I had Carbonite backing up my C:...User folders and the entire F: drive.

Carbonite does everything in the background.  Set it up once and it just does its job.
« Last Edit: October 31, 2016, 04:52:21 PM by River-Runner »
21 foot Desert Fox Toy Hauler Pulled by 2008 Dodge Megacab Oil Burner.
Toy Hauler Carries Honda Dirt Bikes and SOTAR Rafts/Cats

SeilerBird

  • ---
  • Posts: 10704
  • Everything I state is my opinion.
Re: Warning about Ransomware
« Reply #42 on: October 31, 2016, 05:37:10 PM »
Tom, what's unique about your combination that protects you against these attacks.
Gary - Sorry it took me so long to answer your question, I did not see it until today.

Google monitors web sites and if you try to go to a site that dishes out malware Chrome will give you a large warning before you enter the site. Chromebooks cannot run an executable file so there is no way for a virus to ever inhabit a Chromebook. They don't even make anti-virus for Chromebooks because it would be redundant. Gmail has a built in anti-virus if you use it on any other platform besides a Chromebook.
I would like to apologize to anyone I have not yet offended. Please be patient and I will get to you shortly.
Life list of birds:
https://goo.gl/photos/xuP9zPD2KP2swN1g8
Grand Canyon photos:
https://photos.app.goo.gl/Nc1AT8tQp25wJwfm1
My portfolio:
https://goo.gl/photos/Cx4SaYhGfYFShSty7

HueyPilotVN

  • ---
  • Posts: 1171
Re: Warning about Ransomware
« Reply #43 on: October 31, 2016, 05:51:40 PM »
If there is such a thing as a silver lining to a Ransomware attack it is getting a new laptop that is newer, lighter, and much much faster than the old one.

The older Asus laptop was not that old but the new HP runs circles around it.

Almost worth the hassle of restoring all the old data.

I am amazed at how much better this new one is.
Bill Waugh
40' Country Coach DP
34' Stacker Trailer, Trailer Toad
Jeep Commander
Mustang Bracket Race Car
35 years on the road

NY_Dutch

  • ---
  • Posts: 3343
  • Following the warm weather!
Re: Warning about Ransomware
« Reply #44 on: October 31, 2016, 06:10:19 PM »
Bill, have you installed any anti-ransomware software on the new laptop? Malwarebytes and Bitware both have well rated programs that work well together.
Dutch
2001 GBM Landau 34' Class A
F53 Chassis, Triton V10, TST TPMS
2011 Toyota RAV4 4WD/Remco pump
ReadyBrute Elite tow bar/Blue Ox base plate

HueyPilotVN

  • ---
  • Posts: 1171
Re: Warning about Ransomware
« Reply #45 on: October 31, 2016, 06:13:27 PM »
It came with Webroot Secure and McAffie.

And no I am not opening any more attachments from email...LOL
Bill Waugh
40' Country Coach DP
34' Stacker Trailer, Trailer Toad
Jeep Commander
Mustang Bracket Race Car
35 years on the road

NY_Dutch

  • ---
  • Posts: 3343
  • Following the warm weather!
Re: Warning about Ransomware
« Reply #46 on: October 31, 2016, 06:20:02 PM »
Hopefully those two will do the job then. I think Bitware's stand alone "vaccine" approach is pretty unique though. They basically install a set of small null files that fool the most common malware into thinking it's already installed so it ignores you. Their anti-virus program also has more conventional detection built in.
Dutch
2001 GBM Landau 34' Class A
F53 Chassis, Triton V10, TST TPMS
2011 Toyota RAV4 4WD/Remco pump
ReadyBrute Elite tow bar/Blue Ox base plate

JFN

  • ---
  • Posts: 234
Re: Warning about Ransomware
« Reply #47 on: October 31, 2016, 08:52:01 PM »
Gmail in itself is probably the best email as it catches most spam and ransomware, at least I have not had any in years.

But CC are another subject, just got hit again today, it seems as though I get hit just after using a card at a merchant, this is the third time this year on 3 different cards.


PayPal, I have used for years with no problems and is preferred by me for online purchases, can't beat there over $99.00  purchase 6 months same as cash..  of course YMMV.

John & Connie Neal
2006 Dodge 2500 5.9, PacBrake
Smarty Jr Tuned
2006 KZ 29.5' Durango
MaxBrake, Brake Controller
Pressure Pro TPMS
K6JFN

John From Detroit

  • ---
  • Posts: 19639
  • ^My New Home^
    • Diabetics Forum
Re: Warning about Ransomware
« Reply #48 on: November 01, 2016, 08:57:37 AM »
I've had Ransom Ware buy ads on ad supported web sites.. Thankfully it was first level Ransom ware and there was an easy way to get rid of it which I know and follow (OFF/ON, ignore it, whatever you do DO NOT CLICK a link,, Force power off and then restart, you will get an error message on restart,, Just let it boot (Takes longer than normal as it clears the error code) but not a problem.

Higher levels of Ransom ware that won't work I'm told but I've never proven it.. Got to go turn off an alarm (Clock type) now.

There alarm silenced:  My daughter once handed me a computer "If you can get it working it's yours". Her hubby, who is military trained in this kind of thing, took 2 hours to get just one file off her infected comptuer... Within Minutes I'd figured out what the virus had done, Told the computer to heal itself,  within a half hour I had a CD with all her photos on it and had eliminated the virus from the machine.. What can I say.. I used a couple of "Cryptic Dos Commands' I remembered from my 8088 days.
Nothing adds excitement like something that is none of your business
My Home is where I park it.

TonyDtorch

  • ---
  • Posts: 2022
Re: Warning about Ransomware
« Reply #49 on: November 01, 2016, 09:15:11 AM »
I've gotten that Ransonware attack 2 or 3 times now where it say it now owns everything on my computer and it won't let you do anything...

all I ever do is a hard shutdown and when my pc reboots my free Avast antivirus eliminates it......easy peasey . 

yes, I'll  defrag it later and always do Windows updates )
« Last Edit: November 01, 2016, 11:28:09 AM by TonyDtorch »

Irover

  • ---
  • Posts: 359
Re: Warning about Ransomware
« Reply #50 on: November 01, 2016, 09:25:30 AM »
I use MalwareBytes AntiRansomware and AntiExploit!  :D No problems even on WIFI!
Don't ever give up!! keep pushing toward the goal!!!
USAEUR; 1st Armored Div., E Co.123rd Maintenance Btln. 71-74

garyb1st

  • ---
  • Posts: 2087
Re: Warning about Ransomware
« Reply #51 on: November 01, 2016, 10:13:09 AM »
Gary - Sorry it took me so long to answer your question, I did not see it until today.

Google monitors web sites and if you try to go to a site that dishes out malware Chrome will give you a large warning before you enter the site. Chromebooks cannot run an executable file so there is no way for a virus to ever inhabit a Chromebook. They don't even make anti-virus for Chromebooks because it would be redundant. Gmail has a built in anti-virus if you use it on any other platform besides a Chromebook.
Thanks Tom,  I get similar messages from my Mac.  Haven't checked into it and don't have any virus software on it but so far over 8 years have not had problems.  So it's possible Mac has a program similar to Chrome.  If we upgrade the laptop, we will definitely consider a Chromebook.  Gmail also also might be a better service.  I've used Yahoo Mail for years but more and more, I find their service lacking. 

Gary
Gary B1st

2005 Pace Arrow 35G
2016 Jeep Wrangler

Bill N

  • ---
  • Posts: 1510
Re: Warning about Ransomware
« Reply #52 on: November 01, 2016, 07:38:58 PM »
Thanks Bill for posting about the FedEx ransomware scam.  The post is a few months old but I just read it today.  In the last week, I have received 3 of those phony FedEx emails.  In each case the sender address is a red light to not open it plus we have no packages coming in anyway. But now I know what happens if I accidentally open one of those scams.  Makes me more alert.  Thanks again.

Bill
Bill & Joan N in Missouri
USAF (Ret)
2002 Winnebago Adventurer 35U
Workhorse W22, 8.1L Chevy V8
2013 Chevy Sonic Toad
Furbearers:  Heidi-17(Forever), Grace-10 & Squeak-4, Winnie - 5 months

SeilerBird

  • ---
  • Posts: 10704
  • Everything I state is my opinion.
Re: Warning about Ransomware
« Reply #53 on: November 01, 2016, 07:46:51 PM »
Bill - I don't think you can get hurt merely opening an email, I think you have to download something from it. There used to be a problem with scripts running if you just opened an email but I believe they have been eliminated. However that is why I love my Chromebook. Gmail protects me and the Chromebook protects me. I never worry about viruses or malware.
I would like to apologize to anyone I have not yet offended. Please be patient and I will get to you shortly.
Life list of birds:
https://goo.gl/photos/xuP9zPD2KP2swN1g8
Grand Canyon photos:
https://photos.app.goo.gl/Nc1AT8tQp25wJwfm1
My portfolio:
https://goo.gl/photos/Cx4SaYhGfYFShSty7

taoshum

  • ---
  • Posts: 2537
Re: Warning about Ransomware
« Reply #54 on: November 01, 2016, 09:43:04 PM »
Never had to do this but our computer guy says to shut 'er down immediately and call him... so I ask, what if you're not available?  LOL... He said, try to start it up again but hit the keys to edit the bios and set it to boot from a CD or USB port where you have stored an "emergency boot file".  Once there, you can restore the files from your backup drive; restore the computer to a time prior to the infection; and, run a malware/AV program to clean the files on the normal drive. 

Hope I never have to do though.  I do the monthly backups to a set of external HDD's that we keep in a fire resistant safe though.
07 Itasca Meridian 34SH.  '08 Jeep Sahara.
Taos, NM.

Wizard46

  • ---
  • Posts: 2020
Re: Warning about Ransomware
« Reply #55 on: November 02, 2016, 08:26:28 AM »
Just last night, my wife clicked on a picture or something and i think three windows popped up on screen, she was on facebook. I don't remember all the particulars but I do remember one of the windows was saying that AVG had caught a virus that was trying to load and that I needed to call AVG at a number and they would tell my how to stop it. Well I reasoned that AVG would not do it that way so did not call. A smaller box popped up telling my that AVG had found something. When I tried to close that box with the X, it would keep coming back.

I thought for a minute and did a c/a/d. Brought up file manager, deleted the file that was running and it closed it. I immediately ran Malewarebytes and it found about 60 hits. Cleared them all and everything seems to be OK. Time will tell. I was due a backup yesterday but didn't do it, thankfully. Now I think I will wait a few days for the backup. On second thought I will Probably buy new memory sticks for this backup and keep the old ones pure. That way I will only loose a month.

Wish I had taken the time to write down all the particulars so it may have helped someone else but I guess i went into panic mode.
Jerry & Patsy Potter, Taz & Jake Jr.
2000 Winnebago Journey
2006 Ford Explorer 4X4
Home: Milledgeville Ga.

Bill N

  • ---
  • Posts: 1510
Re: Warning about Ransomware
« Reply #56 on: November 02, 2016, 07:17:28 PM »
Bill - I don't think you can get hurt merely opening an email, I think you have to download something from it. There used to be a problem with scripts running if you just opened an email but I believe they have been eliminated. However that is why I love my Chromebook. Gmail protects me and the Chromebook protects me. I never worry about viruses or malware.

I opened the email but did not open the link in the email.
Bill & Joan N in Missouri
USAF (Ret)
2002 Winnebago Adventurer 35U
Workhorse W22, 8.1L Chevy V8
2013 Chevy Sonic Toad
Furbearers:  Heidi-17(Forever), Grace-10 & Squeak-4, Winnie - 5 months

Stephen S.

  • ---
  • Posts: 958
  • Marshmallows and Irish Cream. Mmmm.
Re: Warning about Ransomware
« Reply #57 on: November 04, 2016, 03:50:37 PM »
I get a good chuckle every time a widow pops up saying that Windows Security has detected a problem with my C: drive.

I run Ubuntu Linux. Windows Security won't run on this machine, and there is no C: drive. :D

Once, the operating system popped up a message saying the browser was downloading an *.exe file. It was asking me if I wanted to save it to disk or find a program that would run it. ;)
Stephen S.
===============
'99 Winnebago Chalet
2002 VW Beetle
2007 Yamaha TW200
Home town: Mableton, GA

A Traveler

  • ---
  • Posts: 98
Re: Warning about Ransomware
« Reply #58 on: November 09, 2016, 10:02:32 PM »
I use computers every day in my business. I also do my own IT work. I learned years ago that backing up to an external hard drive is absolutely useless if the office catches fire. (Don't ask...  :( )

Now, all of my computers (9 at the office office, home, motor home and laptop) automatically back up every night to an off-site location called idrive.com. All the machines do an incremental backup every night around 2 am. The cost? $50 a year per machine.

If you set up to use idrive (or Carbonite...same thing) your FIRST backup run may take several days because you'll be uploading every file on your computer to idrive. However, after that first backup has run, subsequent backups will take only a few minutes each night. Idrive scans your computer for new and changed files and only uploads them.

I have my machines set to automatically back up every night. Those backups have saved my butt three times when hard drives failed. I replaced the failed drive, logged into idrive and download. An hour or so later, it's like it never happened.

 

Hosted by Over The Network