FAQ

Do not panic. Follow the rules of conduct below.
‍

If you suspect that you have fallen victim to a cyberattack and your data is encrypted:
‍

• Inform your organization's Security / IT Department about the incident.
• Disconnect the infected computer from the Internet and disconnect from removable drives.
• Do not turn off the power.
• Do not close running applications and the system because restarting them will be impossible.
• If the applications and the system have already been closed, do not restart them. This will allow us to increase the chances of data recovery.
• Put the infected device in hibernation mode.
• Take a picture of the message or record a video of the notifications displayed on the screen.
• Format the disk in case you suspect your computer has been infected with a type of malware other than ransomware (which encrypts the disk).
• In case of a ransomware attack, keep the encrypted drive and the ransom note. A decryption tool may appear in the future.

If you suspect that you are a victim of a cyberattack and your login details have been extorted:
‍

• Change passwords to systems (social media, e-mail, etc.) through which data theft may have occurred.
• Let us know via: https://zglosincydent.pl/ or contact PREBYTES directly.

Phishing is a type of fraud where a cybercriminal impersonates another person or institution to obtain personal information (e.g., credit card details,login details) or infect a computer with malware.
‍
Phishing poses a threat to all internet users, both private individuals, and businesses. A phishing attack is dangerous to companies due to the risk of financial losses and a negative impact on their brand image. Cybercriminals use malicious messages to encourage the recipient to click on a link contained in the message. Usually, redirects to a website that is confusingly similar to the actual website of the institution such as bank, court, courier, or telecommunications company. However, the website is already prepared made by scammers. A user is convinced that the website is legit and types in login and password that hackers are actually stealing.

A common practice of hackers is sending fake-mail messages that encourage recipients to download malicious files added as attachments. Cybercriminals can also proliferate spyware, keyloggers (malware that records keystrokes), or Trojan (malware) by using fake messages.

Phishing attacks are the subject of over 50% of all security incidents in Poland.

The consequences of a successful phishing attack are:
‍

• Identity theft.
• Loss of savings.
• Leakage of internal company documentation.
• Loss of control over the computer or the entire IT system.
• Loss of customer trust.
• Loss of company reputation.
• Financial losses related to incident handling.
• The necessity to implement preventive solutions for threats.

Malware is malicious software designed to infect a device, computer networks, and corporate networks. There are many types of malware, including viruses, adware, scareware, worms, ransomware, trojans, rootkit, fileless malware, spyware, keyloggers, cryptojacking or even camjacking.
‍
Malware usually reaches devices via e-mail or the Internet (hacked websites, demo versions of programs, games, or other files downloaded to a device with insufficient security. All users are at risk of attacking malware. However, entities with essential files and public or private systems are particularly vulnerable to hacking (government agencies, healthcare institutions, HR departments, manufacturing companies, etc.).

The damage caused by malware attack can be as follows:
‍

• Blocking access to a computer system or encrypting files stored in it (ransomware).
• Stealing data from a computer or deleting it (Trojan).
• Displaying unwanted advertisements (adware).
• Computer camera takeover (camjacking).
• Change or hijack device functions (rootkit).
• Spying on user activities on the device (spyware).
• Using the infected device to mine cryptocurrencies (cryptojacking).