Watch Out for Ransomware Pretending To Be A Windows Update!

Imagine you’re working away on your PC and see a Windows update prompt. Instead of ignoring it, you take action. But when you install what you think is a legitimate update, you’re infected with ransomware. Cybercriminals are constantly devising new ways to infiltrate systems. They encrypt valuable data, leaving victims with difficult choices. One such variant that has emerged recently is the “Big Head” ransomware.

The Big Head Ransomware Deception

Big Head ransomware presents victims with a convincing but fake Windows update alert. Attackers design this alert to trick users into thinking that their computer is undergoing a legitimate Windows update. The message may appear in a pop-up window or as a notification. The deception goes even further: the ransomware uses a forged Microsoft digital signature. Fooled into thinking it’s a legitimate Windows update, the victim unknowingly downloads and executes the ransomware on their system. From there, the ransomware proceeds to encrypt the victim’s files. Victims then see a message demanding a ransom payment in exchange for the decryption key.

Here are some strategies to safeguard yourself from ransomware attacks like Big Head:

Keep Software and Systems Updated

Big Head ransomware leverages the appearance of Windows updates. One way to be sure you’re installing a real update is to automate. Luckily, for SouthEast IT customers under Priority or Partner support agreements, we manage all Windows updates on a weekly basis for you. If you would like this for your business, contact SouthEast IT today.

Verify the Authenticity of Updates

Genuine Windows updates will come directly from Microsoft’s official website, through your IT service provider, or through Windows Update settings. Make sure you are not being directed to a third-party website or asked to download the update yourself and run it. If you are a customer of SouthEast IT, you can contact the Helpdesk and ask us to verify the update on your behalf.
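One way to check a file you have been asked to run as an "update", shown as an added example (not SouthEast IT's or Microsoft's own script). The function name Test-UpdateSignature and the file path in the usage comment are hypothetical; Get-AuthenticodeSignature is the built-in PowerShell cmdlet.

```powershell
# Added example: inspect the Authenticode signature of a file that claims
# to be a Windows update before anyone runs it.
function Test-UpdateSignature {
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    $sig = Get-AuthenticodeSignature -FilePath $Path
    $signer = $sig.SignerCertificate

    # A certificate subject is only a name. Anyone can create a certificate
    # that says "Microsoft", so the name counts only when Windows also
    # reports the signature as Valid (file hash matches and the chain ends
    # in a root this machine trusts).
    $subject = if ($signer) { $signer.Subject } else { '' }
    $issuer  = if ($signer) { $signer.Issuer }  else { '' }
    $claimsMicrosoft = $subject -match 'O=Microsoft Corporation'

    [pscustomobject]@{
        Path            = $Path
        Status          = $sig.Status          # Valid, NotSigned, HashMismatch, NotTrusted, UnknownError, ...
        StatusMessage   = $sig.StatusMessage
        Signer          = $subject
        Issuer          = $issuer
        ClaimsMicrosoft = $claimsMicrosoft
        # Treat anything other than Valid as a failed check.
        PassesCheck     = ($sig.Status -eq 'Valid') -and $claimsMicrosoft
    }
}

# Usage (hypothetical file name):
# Test-UpdateSignature -Path "$env:USERPROFILE\Downloads\WindowsUpdate.exe" | Format-List
```

A file that names Microsoft as the signer but does not return a Valid status should be reported to your IT provider, not run. A passing check does not make a file downloaded from a third-party site a genuine update; real updates arrive through Windows Update.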

Backup Your Data

Regularly back up your important files. Use an external storage device or a secure cloud backup service. Backups of your data can allow you to restore your files without paying a ransom. SouthEast IT offers a regular cloud-based backup option for your desktop and Microsoft 365 account.

Use Robust Security Software

Install reputable Endpoint Detection and Response (EDR) software on your computer, such as SentinelOne, which SouthEast IT recommends, to scan for threats whether or not they are registered as a known virus.

Educate Yourself and Others

Stay informed about the latest ransomware threats and tactics. Educate yourself and your colleagues about this threat and make sure they do not execute the link. SouthEast IT offers Security Awareness Training options to train your business to identify threats and prevent staff accidentally clicking on links that might have malicious code in them.

Use Email Security Measures

Put in place robust email security measures. Be cautious about opening email attachments or clicking on links. SouthEast IT also offers Proofpoint email security, which scans all of your business’s incoming emails and filters malicious emails into a quarantine.

Enable Firewall and Network Security

Activate your computer’s firewall. Use network security solutions to prevent unauthorized access to your network and devices. SouthEast IT’s EDR software also has a firewall security product built in to protect against these types of threats.

Be Wary of Pop-Up Alerts

Exercise caution when encountering pop-up alerts, especially those that ask you to download or install software. Verify the legitimacy of such alerts before taking any action. Some malicious code is known to show pop-ups that look exactly like Microsoft alerts and can be very deceptive.

Keep An Eye on Your System

Keep an eye on your computer’s performance via the Task Manager and see if there are any mystery processes taking up RAM and CPU. If you notice anything suspicious, investigate immediately and close any rogue processes that you are unsure about.

Have a Response Plan

In the unfortunate event of a ransomware attack, have a response plan in place. Know how to disconnect from the network. Report the incident to your IT department or a cybersecurity professional. Avoid paying the ransom if possible.
SouthEast IT’s EDR solution will automatically disconnect an infected machine from the network, notify the admin, and allow remote remediation if required, without infecting the rest of the network.

If you are unsure about any of the areas above, please contact one of the friendly technicians at SouthEast IT for further information.