The Pharmacy Guild has issued an alert outlining ways for pharmacies to protect themselves from ransomware attacks.
The WannaCry ransomware attacks hit hospitals, companies and government agencies in dozens of countries over the weekend.
“It is expected that this ransomware attack will cause significant impact on Australian computer networks very shortly,” the Guild says.
It advised proprietor pharmacists to immediately deploy the security update if this has not already been done, and to use Microsoft’s free Safety Scanner to help detect any threat.
It also offers advice on recognising a suspect email message:
- Be aware that the sender’s address does not guarantee that the message has been sent from a trusted source
“Suspect email messages may be identifiable by a suspicious sender’s address (such as an email from a Gmail account purporting to be providing you with instructions from your bank), but it is quite likely that the sender’s address may be falsified to fool the receiver into believing that the message has been sent to them by someone they can trust (for example, an attacker may send you an email with a falsified sender’s address to indicate that the message has been sent to you by ‘firstname.lastname@example.org’),” the Guild says.
- Be wary of alarmist language
“A suspect message may use alarmist language to encourage you to act quickly – such as by making threats of account suspension, or indicating ‘final chance’ to take up an offer.”
- Be wary of offers of financial or other rewards
Suspect messages may offer rewards for completing surveys or providing personal or corporate information, or for assisting foreign people to make financial transactions (such as the now infamous “Nigerian Prince” scams).
- Be wary of emails asking you to click on links to perform actions such as updating your details or submitting personal information.
“Links may often not be to the actual website they purport to direct to,” warns the Guild. “Furthermore, links may direct to websites that have been designed to look like websites of trusted organisations, such as well-known banks, charities, online shopping sites, or social networking sites. You can check the links in emails prior to clicking on them by holding your mouse cursor over the link. This will present a dialogue box showing the actual address of the link.”
The Guild says links may also direct computer users to sites with addresses closely matching the website of the company they are expecting to go to, such as ‘www.comonwealthbank.com.au’ instead of ‘www.commonwealthbank.com.au’.
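The two checks described above, comparing the address shown in a link with where the link really goes and spotting a destination that is a near miss of a trusted address, can be automated by a mail filter. The sketch below is an added example, not part of the Guild's alert; the trusted-host list, the function names and the sample message body are assumptions made for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed allow-list of hosts the recipient really deals with.
TRUSTED_HOSTS = {"www.commonwealthbank.com.au"}
HOST_IN_TEXT = re.compile(r"(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)(?:[/?#]\S*)?")

def edit_distance(a, b):  # Levenshtein distance, computed row by row
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

class LinkCollector(HTMLParser):  # gathers [href, visible text] for every <a>
    def __init__(self):
        super().__init__()
        self.links, self._open = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._open = True
    def handle_data(self, data):
        if self._open:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        if tag == "a":
            self._open = False

def check_links(html, trusted=TRUSTED_HOSTS, max_distance=2):
    """Return (href, reason) pairs for links that deserve a second look."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        shown = HOST_IN_TEXT.fullmatch(text.strip().lower())
        if shown and shown.group(1) != host:  # what you read is not where you go
            findings.append((href, f"text shows {shown.group(1)}, link goes to {host}"))
        if host not in trusted:  # one or two typos away from a trusted host
            findings += [(href, f"{host} is a near miss of {t}") for t in sorted(trusted)
                         if edit_distance(host, t) <= max_distance]
    return findings

SAMPLE = (  # constructed message body, not a real email
    '<a href="https://www.comonwealthbank.com.au/login">www.commonwealthbank.com.au</a>'
    '<a href="https://www.commonwealthbank.com.au/">Online banking</a>')
```

Calling `check_links(SAMPLE)` reports the first link twice (mismatched text and near-miss host) and leaves the genuine second link alone.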
- Be wary of emails requesting that you perform tasks that are out of the ordinary or circumvent normal procedure – even if the request appears to come from a person with authority.
“The sender’s address in a message can be falsified to trick the receiver into believing the message has come from someone they can trust,” the Guild says. “Attackers may conduct some research on their target to ascertain for example who their manager is (this information is often available on company websites), and then send a message purported to be from that manager, with instructions to perhaps make a financial transaction or disclose some sensitive information.”
- Be wary of emails containing attachments which you are not expecting to receive – even if they appear to be from someone you would trust.
The Guild warns that proprietors need to be particularly wary of .zip files. “The sender’s address in a message can be falsified to trick the receiver into believing the message has come from someone they can trust. Attackers may send emails with dangerous attachments. The attachment may have been emailed to you by a complete stranger (in which case be especially suspicious), but may also purport to be from someone you know. Unless you would be expecting to receive the attachment in your ordinary course of business you should treat it as suspicious.”
It warns that attackers commonly place dangerous files into .zip files, and claim that information computer users need is contained within the .zip file.
- Be wary of any email you receive if it is unclear why the email should have been sent to you
“If an email message you receive is asking you to perform a task that is not applicable to your role; is providing you with information irrelevant to your role; or is from an organisation you do not deal with, you should treat it as suspicious,” says the Guild.
“You may even go by gut instinct – if something about the message just seems wrong, you should treat the message as suspicious until you can verify its authenticity.”
The Guild also offered advice on responding to emails that users believe may be suspicious:
- Do not reply to it
- Do not click on any links within it
- Do not open any attachments within it
- Do not follow any instructions contained within it
- Do move it to your ‘Junk E-mail’ folder immediately if your assessment deems it to be definitely a scam.
“After about a day you should then delete it from your Junk E-mail (doing this, rather than just deleting the message outright, will have the effect of logging that message in your email provider’s SPAM filter, and reduce the likelihood of similar messages being delivered in future).”
Lastly, it advises that if users are suspicious of an email but uncertain whether it is definitely a scam, they should contact their IT support. They should also do this if they have opened any attachments or clicked on any links contained in a suspicious email.