Just before the school year began, the Gadsden Independent School District’s files were blocked, forcing it to rebuild its email system, recover email data and repair network security.
The State Auditor’s Office says it cost the district more than $1.2 million to recover from the attack.
Gadsden Superintendent Travis Dempsey told the Las Cruces Sun-News he would refuse to pay a ransom to have the files unlocked.
State Auditor Brian Colón, who said he is increasingly concerned about the sophistication of such attacks, equates ransomware to “data terrorism.” While there is a nationwide debate over whether to pay ransoms, Colón said, “The minute you negotiate with terrorists, you’re on shaky ground.”
Ransomware viruses are often activated when someone clicks on a link or attachment.
Colón said he wants to get the word out to government officials, as well as New Mexico residents, to avoid clicking on links or attachments in emails purporting to be from higher-ups or colleagues.
In March, his office issued an alert about a payroll scam in which a bogus employee asks an office administrator to redirect a direct deposit paycheck to a different bank account. The new account actually belongs to the scammers, who then collect the real employee’s paychecks.
Here are some ways to avoid getting locked up in a ransomware scam, courtesy of the Auditor’s Office:
• Change passwords frequently and use different passwords for different purposes.
• Use pop-up blockers and close unwanted pop-ups (use Ctrl + X) instead of clicking on the box.
• Safeguard important files and back up often.
• Be wary of suspicious emails and use caution before clinking on a link or downloading attachments.
• Government agencies should not send money when faced with ransomware. Instead, they should report to local law enforcement and inform the State Auditor’s Office.
• • •
It may seem premature to talk about tax season, but it’s never premature to talk about tax season scams.
Sure enough, the Internal Revenue Service has issued a warning about unsolicited emails from IRS imposters. Subject lines say, “Automatic Income Tax Reminder” or “Electronic Tax Return Reminder,” but be aware that these kinds of scams can have a variety of subject lines.
The emails contain links that “show an IRS.gov-like website with details pretending to be about the taxpayer’s refund, electronic return or tax account,” the agency’s alert says.
The emails also offer a temporary or one-time password that supposedly will provide access so the person can submit a refund request. Instead, it’s a malicious file, the IRS says.
Such malware can allow the malicious perpetrator to get into your computer and gain control. In some cases, software is secretly downloaded that can disclose passwords to financial accounts and other sensitive information.
Contact Ellen Marks at firstname.lastname@example.org or 505-823-3842 if you are aware of what sounds like a scam. To report a scam to law enforcement, contact the New Mexico Consumer Protection Division toll-free at 844-255-9210.