Accessibility Links

Accessibility Links

Infosec
English 繁體版 简体版

Navigation Menu 1

General UsersYoungsters & StudentsParents and TeachersIT ProfessionalsSME
FAQ Search :
Change text size: Text Size: Default Size (A) Text Size: Larger (A) Text Size: Largest (A)
general user youngsters and students parents and teachers IT professionals sme

Navigation Menu 2

 

Types of Virus & Malicious Code and Protective Measures 

 
 

Scareware

Scareware, or sometimes called rogueware, comprises several classes of ransomware or scam software with malicious payloads. While pretending as legitimate anti-virus software or the likes, scareware is in fact dummy software without functions, or sometimes even a malicious software which may, for example, steal the victim's personal information and credentials such as passwords or credit card details. Ransomware makes your computer files inaccessible. The victim is then requested to pay a fee ("ransom") to regain access to their files.

Scareware usually entices victims by convincing them that a virus has infected their computer, then suggesting that they download (and pay for) an anti-virus software to remove it. Very often, the virus is entirely fictional, and the software installed is the scareware itself. In additional to the loss of money paid for the scareware, the personal details and credit card information provided by the victim during the purchase of the scareware can be used by criminals in further fraud or sold on black market forums.

Ransomware is a twisted form of scareware. One of common tactics is that the malware attacks victims through phishing emails with a malicious attachment. Once infected, the malware makers of ransomware can "kidnap" user’s computer and hold it to ransom by, for example, stopping the computer working, encrypting key system files or locking up some of the personal information. The victim needs to pay ransom to free their machines and get their files back.

Protection against scareware and ransomware would require the common best practices against malware, in particular, users must be cautious and exercise their common sense, and use of legitimate security software is of particular importance. Some best practices for protection against scareware, ransomware, as well as other virus and malicious code attacks are:

  • Backup important data frequently and keep the backup data disconnected from the computer

  • Refrain from visiting suspicious websites or downloading any files from them

  • Do not open any suspicious emails or instant messages, as well as the attachments and hyperlinks inside

  • Check and keep your anti-malware program and signatures are up-to-date

  • Install the latest patches for software in use

  • Disable macros for Microsoft Word, Excel and other office applications by default

  • Enable security features of the system and browser

  • Install software and mobile apps from trusted sources, do not install those apps if suspicious permission rights are required

  • For business operations with a higher risk of exposure to malware infection such as customer enquiry emails handling, a dedicated computer with no shared drives and restricted network connectivity to internal network should be used to minimise the impact of infection and the handling staff should keep alert of possible infection.

  • Seek advice from the Hong Kong Computer Emergency Response Team Coordination Centre if there is any doubt how to react to suspicious activities.

In case a computer device is infected, users should consider to take immediate actions to:

  • Disconnect the network cable of the computer to avoid affecting network drives and other computers

  • Power off the computer to stop the ransomware encrypting more files

  • Jot down what have been accessed (such as programs, files, emails and websites) before discovering the issue;

  • Report to the Hong Kong Police Force the criminal offence

  • Recover the data from backup to a clean computing device

To learn more about ransomware, please visit the Cyber Security Information Portal.

 
 
     
Back back to topTop
 

Footer Menu

Sitemap | Contact Us | Privacy Policy | Important Notices
 
General Users Youngsters & Students Parents & Teachers IT Professionals SME