It’s an uncomfortable truth, but the number 1 cause of ransomware attacks is human error. However, that means the majority of ransomware attacks can be prevented if employees follow a few simple steps. To help keep your business safe from ransomware attacks, we’ve outlined 4 easy things your employees should start doing today if they aren’t already. 


1. Require strong passwords.  


When we say these steps are simple, we mean it. One of the first things you can do is institute a company policy that requires employees to use strong passwords. 


For strong passwords, there are two easy rules to follow. For websites and applications that recommend passwords, employees should use the recommended password and then save it in a password manager. 


For passwords they have to remember, like their computer password, we recommend using a passphrase. A passphrase is a string of words that is longer than a traditional password, easy to remember, and difficult to crack. An easy formula is to use 4 random, common words, like correcthorsebatterystaple.
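The sketch below is an added example, not part of the original article. It builds a passphrase from randomly drawn words and reports how much entropy the result carries, which depends on the size of the word list as well as the number of words. The 32-word list is constructed for the demo, and the function names are assumptions. The words must be drawn by a random generator, not chosen by the person.

```python
import math
import secrets

# Constructed 32-word sample list so the block runs offline (assumption).
# In practice, load a large published list such as the 7,776-word EFF long list.
SAMPLE_WORDS = (
    "apple river candle forest window pencil garden bridge "
    "silver market planet button ladder tunnel pocket meadow "
    "harbor violin breeze copper lantern saddle ribbon cactus "
    "walnut anchor pillow sunset marble falcon kettle orchid"
).split()


def entropy_bits(num_words, wordlist_size):
    """Entropy in bits when every word is drawn uniformly and independently."""
    return num_words * math.log2(wordlist_size)


def words_needed(target_bits, wordlist_size):
    """Smallest number of words that reaches target_bits of entropy."""
    return math.ceil(target_bits / math.log2(wordlist_size))


def generate_passphrase(wordlist, num_words=4, sep=""):
    """Return (passphrase, entropy_bits), drawing words with the OS CSPRNG."""
    # Deduplicate so the entropy figure matches the real number of choices.
    unique = sorted({w.strip().lower() for w in wordlist if w.strip()})
    if len(unique) < 2:
        raise ValueError("word list needs at least two distinct words")
    if num_words < 1:
        raise ValueError("num_words must be at least 1")
    # secrets.choice is unpredictable, unlike the random module's generator.
    words = [secrets.choice(unique) for _ in range(num_words)]
    return sep.join(words), entropy_bits(num_words, len(unique))


if __name__ == "__main__":
    phrase, bits = generate_passphrase(SAMPLE_WORDS, num_words=4, sep="-")
    print(f"{phrase}  ({bits:.1f} bits from a {len(SAMPLE_WORDS)}-word list)")
    print(f"4 words from a 7776-word list: {entropy_bits(4, 7776):.1f} bits")
    print(f"words needed for 64 bits at 7776 words: {words_needed(64, 7776)}")
```

Four words from the tiny sample list give only 20 bits, while the same four words drawn from a 7,776-word list give about 51.7 bits, so the list a generator draws from matters as much as the word count.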


2. Don’t download software from the internet.


Again, this is a bit of a no-brainer, but you’d be surprised how often people download software from the internet that they have not vetted. Some internet applications are designed to gather personal information which they then might sell. 


In general, unless it comes from a trusted source (like Google or Microsoft), employees should not download any applications from the internet. Without setting up complicated configurations, it can be hard to prohibit employees from doing this. Therefore, we recommend educating employees on the policy and why they shouldn’t download applications from unknown sources.

3. Be wary of clicking on links or downloading attachments from emails. 


Phishing is one of the most common types of scams that lead to ransomware attacks. In order to avoid this scam, employees should always err on the side of caution. In general, they should avoid clicking on links or downloading attachments from emails. 


Scammers will use links and attachments to trick employees into giving away their passwords or downloading malware onto their computers. 


Scammers have gotten very good at creating emails that imitate emails from someone you might trust. For example, a scammer might look up the name of your HR person and create an email designed to look like it came from them. 


Again, there’s no easy way to physically stop employees from clicking links or downloading attachments in emails. That’s why it’s important to educate them about the risk. 


4. Don’t share personal information on social media.


If you’re on Facebook, there’s a good chance you’ve seen a post that was designed to gather your personal information. These posts are often copy-and-paste questionnaires that ask about personal information.

Scammers will use this information to try to crack passwords, or they will sell it to other scammers. We know these types of posts can be fun to read and answer, but it’s best to avoid them altogether.


