There are a million in-depth technical guides out there on the internet that can try and walk you through the complexities of removing particular types of infections from machines, but by and large – that’s not what most business owners are wanting to know.
FAQs
I think I’ve got a virus… What should I do?
Frequently Asked Questions
I think I’ve got a virus… What should I do?
First things first – is it a virus and, if so, how bad is it?
Well, let’s run through a couple of the common scenarios here and see where your particular problem fits into the fray.
REMEMBER:
– If in doubt, call your IT guy.
– If it’s a mission-critical machine, call your IT guy.
– If it is connected to your work network, call your IT guy.
I think you can see where we’re going with this. If you are unsure about an email attachment or link, it’s imperative you seek professional advice before opening any attachments, as suspicious attachments and “Click this link” buttons in emails are the primary way that cyber criminals will infect your machine.
Let’s take a look at the most common situations you might face.
THE ANNOYING
Random Popups & Ads, Strange Alerts, Lots of Warnings and just sloooow everything.
TECHNICAL TERM
Malware, Junkware, Adware, Spyware… Lots of negative sounding words ending in ‘ware’.
SYSTEM THREAT
Medium
FINANCIAL THREAT
Medium
ANNOYANCE
Medium
WHY DO THEY DO IT?
To make money, by either showing you ads or getting you to buy upgrades to their fake programs. If it is spyware, it may also include keyloggers which make money by stealing your banking details and clearing out your accounts (see “The Sneaky”).
THINK OF IT AS…
“Pay me to stop annoying you” virus.
HOW TO FIX OR AVOID IT
Step 1: Don’t install stuff with really dodgy sounding names.
- Found a download for “Ultimate YouTube Ripper & Free Music Downloader 2019 Pro”? Yeah, that’s probably a virus.
Step 2: Ask your IT guy to do a system clean-up.
- It’ll probably take an hour or two and the difference in your system performance will be night and day.
Alternatively… If you want to try your hand at this yourself, here are a few tools that might come in handy. Each of these tools are free, though the first two have paid upgrade options.
Active Scanners (Programs you install) – pick one:
Scan when you’ve got a problem (Use all of them. Yep, all of them):
Get a decent (paid) antivirus.
- There are plenty of free ones out there (Windows 10 actually comes with a pretty good one), but the paid ones are generally better. We recommend Webroot SecureAnywhere or ESET Antivirus.
- You can download a trial of ESET from their website: link
- If you want to organise a license for you/your business, give us a call and we’ll organise one for you.
- We like Webroot and ESET because they’re fast, don’t slow your machine down a bunch, and both generally just ‘stays out of the way and does its job’ without making a fuss about everything.
THE SNEAKY
Fake links or online forms, identity theft, and hacking the human.
TECHNICAL TERM
Phishing attack, Social Engineering, Fraud.
SYSTEM THREAT
Medium
(they’re not normally going for your computer. They are, however, going for your email server.)
FINANCIAL THREAT
High
ANNOYANCE
Low
(unless you fall for their con, then very annoying to clean up.)
WHY DO THEY DO IT?
To make money by stealing your banking details when you enter them into a fake bank website, by impersonating you over email and telling your clients you have ‘new bank details’, by stealing your email password when you enter your mailbox password into that fake Microsoft link, and to steal just about anything else they can think of by convincing you to give them your details.
THINK OF IT AS…
Automation means even Nigerian scammers are out of work now…
HOW TO FIX OR AVOID IT
Step 1: Assume that no billion-dollar company will email you about ‘this thing they found that they want to help you with’. An easy question to keep in mind is “why would they actually email me this – and how would they really know, anyway?”
- Australia Post sending you an email about a parcel you weren’t expecting, but they need you to open a zip file or click on a link? Delete it.
- Microsoft warning you that you need to log into a website to keep your email account active? Unlikely.
- Some random you’ve never heard of sending you an invoice? Nah, mate.
- A client or supplier emailing you that they’ve just got new bank details? It’s probably fake. Call to confirm.
- A colleague or family member sending an email asking for a large transfer to a specific account? Call them first, and tell them to call their IT guy (because they’ve probably been hacked).
Step 2: Check the ‘from’ address and ‘mouse over’ the links.
- If you hover your mouse over a link in an email, a little box will pop up that says where the link goes. If you hover over a link that says http://www.microsoft.com and the little box reads http://something.not-actually-microsoft.info/something-weird-like-this.php then it’s probably fake.
Step 3: If in doubt, don’t click it! Confirm with the person who reportedly sent the email (but be sure to do so via PHONE and not email). Or, alternatively, ask your IT guy.
- Did we mention asking an IT guy? Pretty much any IT guy worth his salt will answer this for free over email. Just forward it to your IT guy with the subject “Is this legit?” and ask them to tell you if the email is safe.
Step 4: If you clicked a fake link, if you opened a dodgy attachment, if you filled your details into something you realised afterwards is fraudulent, then you will need to make a few calls.
- Call your bank or email admin or whoever’s service it was that you just gave away your login details for. They will need to change your credit cards, update passwords, and do whatever else is needed to make that information not valid anymore.
- Call your IT guy &/or scan your machine with the tools mentioned in the section above.
THE DESTRUCTIVE
Dodgy attachments and the potential end of your business if you’re not careful.
TECHNICAL TERM
Ransomware, cryptoware, cryptolockers, one of life’s big “oh dear” moments
SYSTEM THREAT
Apocalyptic
FINANCIAL THREAT
Also Apocalyptic
ANNOYANCE
Gigantic Pain for Everyone Involved
WHY DO THEY DO IT?
To make money by literally holding all of your data (and potentially your business) hostage until you pay. Then potentially forever if/when they don’t unlock it for you anyway.
THINK OF IT AS…
Kidnapping gone digital.
HOW TO FIX OR AVOID IT
Step 1: Have a good antivirus, regular backups, good awareness of what fake/dodgy attachments or links look like, and a general skepticism of everything that arrives in your inbox.
- These things are brutal. The best way to fix it is to avoid it in the first place. These viruses are frightening to even the most seasoned IT guy because of how simple they are to make, how quick they are to spread, and how incredibly destructive they can be.
Step 2: Backups. Multiple backups.
- You specifically need a copy of your data that is not attached to your computer… or the virus will attack and encrypt/destroy that too.
Step 3: Cyber Insurance. It’s a necessity.
- This is where Insuring theProduct teams up with Supporting theProduct. The ransoms these attackers ask for ranges from a few hundred to tens of thousands of dollars. The cost of repairing this issue can also be that amount and if you don’t have proper backups, the data may be gone forever*.
- *Technically, when I say “forever”, I mean “until the data can be decrypted”, but as it can take literally thousands of years based on current computing power to decrypt 2048 or 4096-bit encryption, for all intents and purposes, it’s gone forever.
Step 4: If you think you’ve just run a ransomware virus, act quickly and do the following:
- Disconnect your computer from the network (unplug the network cable, turn off wifi, flick off the router if you need to) and unplug any external drives or backups. It may have already spread, but hopefully not.
- Do not connect your machine to the network, internet, or backup drives until your machine is unquestionably 100% clean.
- If it literally just happened (as in “click, #InstantRegret”) and you haven’t yet received a ransom note on your screen, turn off your computer immediately (push and hold the power button) to stop it encrypting further files.
- If you’ve received a ransom note on your machine (meaning it’s probably already finished encrypting everything), take a photo of it on your phone, then shut down your computer.
Step 5: Call your IT guy.
- There are guides out there on how you might be able to beat it. You might be able to remove the infection. You might be lucky enough that the particular ransomware you got was one that someone managed to track down an unlock key for. Sadly, this is very unlikely.
- Unless this happens to be a home machine where the data means literally nothing to you and you’ve got nothing to lose, it’s imperative you call your IT guy.
- Most businesses live or die based on their data – their emails, their contacts, their client files, their intellectual property, their accounting information, their irreplaceable data. It’s best to get a professional on the case as soon as possible.
Step 6: Call your insurance broker.
- You followed step 3, right? Because now’s the perfect time to call your insurance broker. If your Insurance Broker doesn’t help you with claims, it might be worth looking for a new Insurance Broker. *cough* like Insuring theProduct *cough*
Step 7: You may actually have to pay the ransom.
- Depending on how closely you’ve followed the earlier steps, there may be no other choice than to pay the ransom.
- Speak to both your IT guy and your Insurance Broker before doing this.
- If you need to pay the ransom, it’s probably going to be in bitcoin or some other cryptocurrency, so you’ll probably need your IT guy’s help anyway.
- Depending on the specifics of the situation, it may also be worth involving the police – and they may want to be involved with tracing the payment. This is unlikely and quite uncommon, but it can happen depending on the situation.
REMEMBER: Paying the ransom does not guarantee getting your data back. We do not recommend paying the ransom. We never want to pay the ransom… but sometimes – if everything else fails, you’ve got nothing left to lose, and you need it back – well, you gotta do what you gotta do.
IN A NUTSHELL…
Wanting to never touch the internet again right now is perfectly normal…
So there you have it – the three main types of viruses and attacks you’ll probably come across, the main ways to either avoid or fix them, and enough references of “call your IT guy” that it’s probably an ear-worm at this point.
*Hops on moral soap box to talk about gender diversity for a moment*
Now, you may have noticed the specific gender reference for your IT person in this article. Mostly, this is because I’m a guy, which makes me an IT guy, which makes this my go-to term… but it’s also a heavily over-used stereotype that I often fall into myself.
However, recent reports have the percentage of women in the tech industry coming in at just 20%.
That’s just crazy. If you think so too, consider getting involved or supporting some of these groups:
Let’s face it: we all know that better gender equality improves industries and business alike.
How we can help
We pride ourselves on our cost-efficient and timely repairs and maintenance, making sure your business is disrupted for the smallest possible timeframe. Our skilled technicians are whizzes at repairing:
Virus
Attacks
Data
Recovery
Laptops
and PCs
Networking
Issues
