Ransomware: What Bank Marketers Need to Know

The "Ransomware" of Hector

Depiction of Priam ransoming Hector’s body on an Attic kylix.

In a recent New York Times op ed, Alina Simone tells the story of getting the call that no kid wants to get: Her mom had been hacked and she needed her daughter’s help.

Her mom was targeted with a ransomware virus. This type of malware infects a computer by encrypting files so that they can no longer be accessed. Photos, PDFs, spreadsheets: All made totally inaccessible until a ransom is paid. The specific version of the virus that hit Ms. Simone is known as CryptoWall 2.0.

“CryptoWall 2.0 is the latest immunoresistant strain of a larger body of viruses known as ransomware. The virus is thought to infiltrate your computer when you click on a legitimate-looking attachment or through existing malware lurking on your hard drive, and once unleashed it instantly encrypts all your files, barring access.

[I]t appears to be technologically impossible for anyone to decrypt your files once CryptoWall 2.0 has locked them.”

But it isn’t just unassuming individuals like Ms. Simone’s mom who are being targeted.

“[T]he Sheriff’s Office of Dickson County, Tenn., recently paid a CryptoWall ransom to unlock 72,000 autopsy reports, witness statements, crime scene photographs and other documents.”

“[R]ansomware hackers have tested the market with prices as low as $100 and as high as $800,000, which the city of Detroit refused to pay in order to have its database decrypted[.]”

For both the individuals and professional organizations affected, the best defense is often a good offense. That is, unless files are backed up on separate storage drives or in the cloud, there’s no way to retrieve the locked files without paying the ransom. As such, CryptoWall attacks have proved lucrative for hackers.

“Some experts estimate that CryptoLocker hackers cleared around $30 million in 100 days in 2013. And more than a million PCs worldwide have been hit with the CryptoWall virus.”

One of the easiest ways for hackers to infect a PC is through illegitimate emails that pose as real and recognizable emails. They might download a bank’s logo (as easy as ‘Right-click, Save As’) and contact a customer at that institution with an email designed to look like a credible correspondence. What they’d also include is an attachment that, when clicked on, downloads the CryptoWall virus.

There’s no cure for CryptoWall, but bank marketers can put themselves in place to help deliver a preventative vaccine. It’s as easy as educating customers on what is and is not safe to open. Banks have the authority of their institution behind them and are seen as trustworthy sources. Their frequent contact with customers – especially on digital channels – means that they can deliver this education at a low cost and on a consistent basis.

The right education and knowledge would have prevented the situation in which Ms. Simone found herself. Her mother didn’t know the signs of malware. She didn’t know to be suspicious.

In order to combat these hackers with a strong offense, financial marketers can help to train their customers to recognize threats. As cybercrime becomes a bigger business, financial marketers should work to educate customers regarding what is and is not safe to open. By owning this responsibility, financial institutions establish a safer and more trustworthy digital marketing pipeline. They can better and more confidently communicate with customers across channels.

Learn more about how banks can help keep their customers safe