<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1561726667408475&amp;ev=PageView&amp;noscript=1">

Our Blog

Ransomware: Don't let your business - or your team members - fall for this.

William Palfrey
August 19, 2019, Post a comment

How many clicks does it take to lose access to your Office 365 emails?

Oh, and no, this isn’t the opening line of a joke. I wish it was.

The sobering answer? Just 4.

These days a lot of businesses have moved over to cloud services like Office 365, Exchange Online and so on. The trouble is, our malicious counterparts – and their ransomware techniques have too.

Office Solutions IT - Infected Cloud Sync

What is ransomware?

If you’re unfamiliar with ransomware, it's a type of malicious software.

It typically infiltrates your computer via a phishing (AKA deceitful) email that’s been carefully designed to trick your team members into clicking on what they think is a legitimate link or attachment. Only to discover - when it’s too late - that it’s not.

Oh, and when ransomware worms its way in, it takes ownership of your computer – and your data - by encrypting your documents and all of the files that you have access to, like your corporate network drives, OneDrive folders and so on.

RansomCloud- Dont let your business - or your team members - fall for this-13

Ransomware leaves your encrypted data inaccessible unless you either:

In short, it’s a nasty bit of software. And sadly, deviant IT geeks have adapted their techniques to target your Office 365 accounts, which you can no doubt expect to see testing your inboxes – and your team members - in the near future.

Ransom Cloud example

Take a look at this video (or sequence of screenshots) below that demonstrate just how easy it is for your Office 365 emails to be infected by cloud ransomware.

 

Screenshot sequence:

 

RansomCloud- Dont let your business - or your team members - fall for this

 

An email lands in your inbox

 

RansomCloud- Dont let your business - or your team members - fall for this-2

 

This one appears to be from Microsoft and their AntiSpam service.

So, let’s open it up. (Click #1)

 

RansomCloud- Dont let your business - or your team members - fall for this-3

 

A quick look seems to suggest that this is a legitimate email from Microsoft.

And upon reading, they’re just letting you know that they are updating their Antispam service that you can enable by clicking the link.

Sounds good. After all, no one likes spam. So, lets click the link to enable the update. (click #2)

 

RansomCloud- Dont let your business - or your team members - fall for this-4

 

It prompts you to log in to your Microsoft account, which you do. (click #3)

 

RansomCloud- Dont let your business - or your team members - fall for this-5

 

and accept a bunch of permissions to access your email. Which makes sense right? After all, an AntiSpam service needs access to your email so it can filter your email. So, let’s grant permission (click #4).

 

RansomCloud- Dont let your business - or your team members - fall for this-6

 

You’re redirected to your inbox – and presumably your AntiSpam update has been enabled.

All seems well. Your emails are there.

That is, until they’re not…

 

RansomCloud- Dont let your business - or your team members - fall for this-9

 

Within a few seconds, your entire mailbox is encrypted because you mistakenly just handed access to your Office 365 mailbox over the to the bad guys – or girls.

And sure enough, your soon prompted to pay the ransom to decrypt your emails and restore access.

 

RansomCloud- Dont let your business - or your team members - fall for this-10

 

This is prime example of what can happen if you don’t stop, look and think before you open a suspicious email that could have disastrous consequences for your business.

 

But all is not lost.

Well, actually, it might be if you’re relying on the limited file restoration features that Office 365 provides.

 

RansomCloud- Dont let your business - or your team members - fall for this-11

 

But if you’ve got a dedicated Office 365 backup in place, you’ll be able to recover your emails, files or folders and get back up and running - fast. Just like this:

 

RansomCloud- Dont let your business - or your team members - fall for this-12

 

Restore your data with Office 365 Backup

There’s a common misconception that using Office 365 means your files are fully protected against data loss. The truth is, they’re not.

While Office 365 does offer limited file restoration features that are useful to fix minor user errors, these basic features should not be confused for a comprehensive backup of your data.

Using a third-party application to back up your Microsoft Office 365 accounts is highly recommended. And not just by us. Microsoft says so too, right inside your Office 365 service level agreement (section 6.b):

Screen Shot 2019-08-16 at 2.42.33 pm

 

Do you know if your business is using a third-party to back up your Office 365 data?

RansomCloud- Dont let your business - or your team members - fall for this-14

If you’re not sure, getting the business reliability and peace of mind that comes with a fully backed up copy of your Office 365 data is a quick and simple process. And it starts with a conversation with your IT support. So, give them – or us – a call and ask the question. Oh, and while you’re at it here’s 6 more you should be asking them too, before it’s too late.

If you enjoyed reading this article, please share it with your community

Turn that IT frown upside down

IT isn’t supposed to distract you from the important stuff. It’s supposed to enable you to do more of it, more efficiently. And that’s our sole purpose at Office Solutions IT – delivering IT support services that take care of the complex business of managing IT, so you can focus on your business. Get in touch and find out more.

Save-Money-on-IT---Mockup-Cover.jpg

Up your business game, not your IT spend

Your IT partner might not want you to know, but there's a host of things you can do – right now – to reduce your IT costs and headaches.

Download our eBook to discover how you can save money on IT today.