I have a Mac. I thought I was safe. I wanted to see Smokey the orphaned lamb. I clicked the link in my newsreader.
The next thing I knew a horn was blaring and a woman’s voice was telling me that my computer had a virus and I needed to call a number NOW to get rid of it. My screen filled with pop-up windows. The horn kept blaring and the woman’s voice became more insistent. When I tried to close my browser, more pop-up windows appeared instead.
I handled it the best way I knew how. I screamed, “I have a Mac! I have a Mac! These things shouldn’t be happening to me!” and clicked randomly and wildly. (It is at this point I feel I should inform you that I have a degree in Information Systems.) My husband, who has a cooler head, advised me to disconnect from the Internet, close my browser, and reboot. That worked.
As it turns out, having a Mac did protect me to an extent, but I was not quite as bulletproof as I believed. I clicked on a legitimate link, but it appears that I was dealing with a browser redirect issue which can have numerous causes. I was redirected to a site that attempted to install the Tech Support Scam pop-up adware infection into my browser. If I had a PC, I would have continued to see the pop-up message over and over again until I had finally found some way to remove it. The pop-up message was trying to get me to buy a useless piece of virus removal software when it was the software itself, of course, was the actual virus. I find that particularly evil and twisted.
However, even more evil and twisted is something new we all need to be aware of and guard against, particularly if you have files that you cannot afford to lose on your computer: Ransomware.
Ransomware is also a form of malware, which does mean that you are protected to an extent if you have a Mac, but it’s disturbing enough that you should guard against it no matter what kind of computer you have. One day, you turn on your computer and find a message that all of your files have been encrypted and if you want the decryption key, you’ll need to pay a ransom, often in bitcoins. The price can be anywhere from $500 on up. There’s no way to decrypt your files; if you want your files back, you really and truly must pay. Alina Simone’s story of how her mom got hacked at the New York Times would be funny if it wasn’t heartbreaking and disturbing: her mom finally decides to pay , using the handy guide to paying in Bitcoin her criminals have provided but due to fluctuation in Bitcoin valuation her payment is not enough so her daughter tries to add money using the one Bitcoin ATM in Brooklyn, but it’s broken! It all ends happily though after her Mom pays out a shitload of money. Hooray!
So how can you protect yourself? Scooter McFlurry offers this condescending list of what not to do in the comments of an otherwise helpful NPR article:
You have to do all of these things before this could happen to you:
Don’t keep offline backups.
Don’t keep cloud backups.
Don’t run a spam filter.
Don’t run a virus checker.
Don’t look at the “from” header in your emails.
Open emails you don’t expect from weird addresses you don’t recognize
Don’t configure your computer to show you file extensions.
Don’t learn what the .exe file extension means.
Click on executable files attached to an email, any email, even from people you know.
Override the warnings that always show when you click on an executable from an email.
Don’t pull the plug immediately when you realize something is wrong.
No, it couldn’t happen to just anybody.
First, you don’t have to do all those things before something like that could happen to you. Second, expecting every person who uses a computer to know how to configure their computer to show the .exe extension is unrealistic and yes, they still should be allowed to use computers. So, turn that list into something that’s actually helpful, why don’t we?
Helpful Tips to Protect Your Files
- External 2TB hard drives are under $100 on Amazon and tiny now. Definitely get one and use the software included to schedule regular backups. And don’t keep it attached when you’re not using it. And really do regular backups, not just that one time when you get the hard drive.
- And yes, for real, get a Dropbox account and back up to that too, because we both know you’re not going to do the regular backups to the external hard drive. You say you will, but you won’t. You’ll just do it the first time. But if you do the external drive and the cloud, you’ll hopefully be covered. (I am, in most respects, the laxest person alive, and I actually back up to an external drive and to a dropbox account. It’s primarily my photos that I care about, but I care about them a lot.)
- If you have a PC, get a reputable virus checker and use it. I used to use AVG products and I paid for the full suite, but I’m not qualified to tell you what to get. If you have wisdom to share in this regard, please let us know in the comments. A good resource for Mac security information is The Safe Mac.
- Scooter’s tip about the “from” header in emails is a good one, but I don’t have time to go into it in this post. Just be aware that what you see in the “From” field of an email can be faked fairly easily, so if an email says from:email@example.com, it may not be. All emails have an email header, which does not display automatically, but which is harder to fake. If you get an email and it doesn’t feel right, here is some information about how to check the email header.
- Be careful about what you click on, including warnings that say “Click on me to fix your problem”, unfortunately.
- If you think bad things are happening disconnect from the Internet immediately. If you’re connected with an Ethernet cable, pull it out. If you’re connected wirelessly, and you have a PC laptop, you have a wireless switch somewhere that can easily switch off. The easiest way to find it is to google that model of your laptop plus the phrase “wireless switch”. Do that now!
- And lastly, if it happens, don’t beat yourself up if it happens to you. You’ll live. It can happen to just anybody.
- Ransomware: When Hackers Lock Your Files, To Pay Or Not To Pay?
- E-mail: Obtain the E-mail Header Message (By Client)
- The Safe Mac
- How My Mom Got Hacked