ELEVATE YOUR HIPAA COMPLIANCE: Explore Our Enhanced Toolkit Today
Access Toolkit
Purchase Toolkit
Back to Blog

Beware of images posted in Facebook Messenger

Don’t automatically click on images in Facebook Messenger. Doing so could unleash a devastating ransomware attack on your organization. Locky has increasingly targeted healthcare organizations in recent months, typically via fake email phishing scams. Earlier this week, a warning was released that it is now being deployed through Facebook Messenger.

One of the most virulent strains of ransomware, Locky can spread through local network shares, file servers and removable drives, locking all sensitive files in its path. Victims are forced to pay a ransom or restore from a backup to recover their files. On that note, Privaplan consultant Ron Bebus recommends that you always make sure that you have backups on an independent system that can’t be corrupted by ransomware.

The potential of attacks through Facebook Messenger was first discovered on November 20 by malware researcher Bart Blaze, and confirmed by Peter Kruse, another researcher that specializes in internet-based crime and malware.

According to several reports, the attack is launched through a Scalable Vector Graphic (SVG) image file that directs to a website that looks like YouTube, but it’s hosted on a completely different URL. This fake site then prompts the victim to install a Chrome extension that is actually a malware downloader called Necumod, which would be used to download the Locky ransomware.

In response, Facebook has confirmed that there are Nemucod infections spreading through Facebook Messenger, although they are not massively spreading Locky as initially reported. Even so, opening an image could still wreak havoc of varying degrees within your organization.

It’s a good time to remind your colleagues to never download attachments from unknown people, or open attachments that look like an image but contain an unusual filename extension. This goes for emails and, even more so today, with social media platforms such as Facebook and LinkedIn because cyber-criminals are constantly looking for new ways to perform their wicked work.

Want to know more about protecting your data? Let PrivaPlan help. For more information or other services PrivaPlan provides, contact our HIPAA experts at info@privaplan.com or call 877-218-7707.

Related Posts

Recent Posts

Categories
Tags
AI Articles artificial intelligence Blog board Breach business associate CISO cyber risk cybersecurity cybersecurity awareness training electronic medical records email breach executive order Federal HIPAA Changes Final Rule health care health privacy HIPAA hipaa compliance HIPAA Training Meaningful Use Medicare multi-factor authentication OCR ONC passwords PHI phishing Policies & Procedures policies and procedures Privacy Quotes Ransomware Security Security Risk Analysis security training Service Technology Testimonials toolkit Training Materials two-step authentication website analytics website trackers

Get Started Today

Email us at info@privaplan.com or submit the form below:

Sign Up for Updates

Contact PrivaPlan

Telephone Sales & Support
505-466-1432  or
Toll Free: 1-877-218-7707
Fax: 505-466-3942

E-Mail Sales & Support
Customer Support: support@PrivaPlan.com
Sales: orders@PrivaPlan.com

Mailing Address:
PrivaPlan
5 Caliente Rd, Ste 3,
Santa Fe, NM 87508

© 2024 PrivaPlan Associates, Inc, all rights reserved.

FOLLOW US

Linkedin Envelope

Access PrivaPlan Toolkit

Click here to access

Access CMA-PrivaPlan Toolkit

Click here to access

Sign up for updates

  • Be Proactive In Compliance

Sign up. Learn about Compliance

Subscribe now for up-to-date information about privacy & security compliance! You’ll receive emails regarding news about compliance & alerts for new blog posts.