Imagine you’re working away on your PC and see a Windows update prompt. Instead of ignoring it, you take action. But when you install what you think is a legitimate update, you’re infected with ransomware. Cybercriminals are constantly devising new ways to infiltrate systems. They encrypt valuable data, leaving victims with difficult choices. One such variant that has emerged recently is the “Big Head” ransomware.
The Big Head Ransomware Deception
Big Head ransomware presents victims with a convincing fake Windows update alert, designed to make them think their computer is undergoing a legitimate Windows update. The message may appear in a pop-up window or as a notification. The deception goes even further: the ransomware uses a forged Microsoft digital signature, which helps fool the victim into thinking it’s a legitimate Windows update. The victim then unknowingly downloads and executes the ransomware on their system. From there, the ransomware proceeds to encrypt the victim’s files, and the victim sees a message demanding a ransom payment in exchange for the decryption key.
Here are some strategies to safeguard yourself from ransomware attacks like Big Head:
Keep Software and Systems Updated
Big Head ransomware leverages the appearance of Windows updates. One way to be sure you’re installing a real update is to automate. Luckily for SouthEast IT customers under Priority or Partner support agreements, we manage all Windows updates on a weekly basis for you. If you would like this for your business, contact SouthEast IT today.
Genuine Windows updates will come directly from Microsoft’s official website or through your IT service provider or Windows Update settings. Make sure you are not being directed to a 3rd party website or requested to download the update yourself and run it. If you are a customer of SouthEast IT you can contact the Helpdesk and ask us to verify the update on your behalf.
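One check a technician can run against a downloaded "update", shown here as an added example that is not SouthEast IT's own tooling: it lists files that claim Microsoft in their version details but do not carry a valid Authenticode signature from a Microsoft signer. The folder list and the subject match on "O=Microsoft Corporation" are assumptions, and the check assumes a forged signature fails Windows' own validation.

```powershell
# Added example: flag executables that claim to be Microsoft software
# but are not validly signed by Microsoft.
# Assumption: these are the folders where a user-downloaded "update" lands.
$folders = @("$env:USERPROFILE\Downloads", "$env:USERPROFILE\Desktop", $env:TEMP)

$findings = foreach ($folder in $folders) {
    if (-not (Test-Path -LiteralPath $folder)) { continue }

    Get-ChildItem -Path $folder -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in '.exe', '.dll', '.scr' } |
        ForEach-Object {
            # What the file says about itself (anyone can write "Microsoft" here).
            $info = $_.VersionInfo
            $claimsMicrosoft = ($info.CompanyName -match 'Microsoft') -or
                               ($info.ProductName -match 'Microsoft|Windows')
            if (-not $claimsMicrosoft) { return }

            # What Windows says about the signature.
            $sig = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }

            # Trusted only if the signature validates AND the signer is Microsoft.
            # The subject match is a heuristic, labelled as an assumption above.
            $trusted = ($sig.Status -eq 'Valid') -and
                       ($signer -match 'O=Microsoft Corporation')

            if (-not $trusted) {
                [pscustomobject]@{
                    File        = $_.FullName
                    CompanyName = $info.CompanyName
                    SigStatus   = $sig.Status      # e.g. NotSigned, HashMismatch, NotTrusted
                    Signer      = $signer
                    Modified    = $_.LastWriteTime
                }
            }
        }
}

if ($findings) {
    $findings | Sort-Object Modified -Descending | Format-List
} else {
    'No files claiming to be Microsoft software failed the signature check.'
}
```

A file listed here is not proof of infection, but it should not be run until someone has verified where it came from.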
Backup Your Data
Regularly back up your important files. Use an external storage device or a secure cloud backup service. Backups of your data can allow you to restore your files without paying a ransom. SouthEast IT do offer a regular cloud-based backup option for your desktop and Microsoft 365 account.
Use Robust Security Software
Install reputable Endpoint Detection and Response (EDR) software on your computer, such as SentinelOne, which SouthEast IT recommends, to scan for any threats whether or not they are registered as a known virus.
Educate Yourself and Others
Stay informed about the latest ransomware threats and tactics. Educate yourself and your colleagues about this threat and make sure they do not execute the link. SouthEast IT do offer Security Awareness Training options to train your business to identify malicious links and prevent staff accidentally clicking on links that might have malicious code in them.
Use Email Security Measures
Put in place robust email security measures. Be cautious about opening email attachments or clicking on links. Again, SouthEast IT do offer Proofpoint email security that will scan all of your business’s incoming emails and filter malicious emails into a quarantine.
Enable Firewall and Network Security
Activate your computer’s firewall. Use network security solutions to prevent unauthorized access to your network and devices. Also, SouthEast IT’s EDR software has a firewall security product built in to protect against these types of threats.
Exercise caution when encountering pop-up alerts, especially those that ask you to download or install software. Verify the legitimacy of such alerts before taking any action. Some malicious code is known to show pop-ups that look exactly like the Microsoft alerts and can be very deceptive.
Keep An Eye on Your System
Keep an eye on your computer’s performance via the Task Manager and see if there are any mystery processes taking up RAM and CPU. If you notice anything suspicious, investigate immediately and close any rogue processes that you are unsure about.
Have a Response Plan
In the unfortunate event of a ransomware attack, have a response plan in place. Know how to disconnect from the network. Report the incident to your IT department or a cybersecurity professional. Avoid paying the ransom if possible. SouthEast IT’s EDR solution will automatically disconnect an infected machine from the network, notify the admin and allow remote remediation if required, without infecting the rest of the network.
If you are unsure about any of the areas above please contact one of the friendly technicians at SouthEast IT for further information.