Ransomware Is Not the End


This past month we’ve covered various elements of Business Email Compromise, specifically cases where hackers utilize BEC to commit wire transfer fraud. We’ve broken down various types of scams, as well as how to identify and hopefully avoid cyber attacks aimed at your business. But what if you take all the recommended precautions and you still fall victim to a hacking scam? Don’t worry, there’s an app for that.

The type of program you download depends on the type of cyber attack. There are a wide variety of malware, including trojans, spyware, ransomware, and adware. Cyber attacks against your company will typically employ either spyware or ransomware, depending on the hacker’s goals. Wire transfer fraud scams utilizing BEC will typically use spyware, while more direct attacks aimed at halting operations will use ransomware.


Spyware is one of the most difficult forms of malware to identify, perfect for wire transfer fraud scams. As discussed in our last few articles, wire transfer fraud scams commonly involve BEC in order to pose as an employee or vendor to redirect funds to a disguised criminal bank account.

Spyware operates in the background of the computer, collecting passwords, even payment information. Hackers utilize spyware to steal their target’s email credentials, enabling them to trick other employees, vendors, or clients into wiring them money. Even if you have not fallen victim to this type of cyber attack yet, it is likely only a matter of time until you do. Here are a couple free spyware detection and removal programs we recommend you talk with your IT department about installing:

AVG Antivirus FREE – AVG offers a well-rounded free antivirus program. If you’re looking for even more coverage, they also have an advanced format available as a free trial.

Malwarebytes – This company offers a wide variety of packages, ranging from a decent free software to packages specifically built for protecting large companies.


While ransomware is typically not used in conjunction with wire fraud scams, it is very commonly used in many other forms of BEC cases. Ransomware operates by encrypting the files on your company or business computer so that you cannot access them. The only apparent route to retrieving your data is to pay the fee requested by the hackers, and even then they do not have to decrypt your information.

We recognize that despite your best efforts, you may fall victim to a ransomware attack. Common thought is that if your computer is compromised by ransomware, you have lost everything and will need to start over, but this is flagrantly untrue. While you should never try to triage ransomware yourself, there are ways to recover your information without succumbing to the hackers. The first step is to call a professional to identify any compromised computers, especially if a work computer is attacked. They will back up the compromised systems to isolate your information. From here, with the help of a professional, you can use a ransomware decryptor to attempt recovering the data. Here are a couple ransomware decryptors we recommend:

AVG Ransomware Decryption Tools – On top of their antivirus programs, they also offer various ransomware decryption tools for most of the major forms of ransomware.

Kaspersky Free Ransomware Decryptors – Just like AVG, Kaspersky offers a wide variety of ransomware decryption tools to counter common ransomware, including a good number that AVG does not cover.

While these will decrypt your data, you will also have to remove the ransomware from your devices. This can be done with the help of the antivirus programs we previously recommended.

The recommended programs will help remove malware from your devices, but will not stop the hackers attempting to attack again. If you have been the victim of an email compromise scam, call McCann Investigations at (800) 713-7670. We will provide a free consultation and outline the steps you and your response team need to take to gather and maintain the evidence you need to pursue litigation or an insurance claim. We can also explain the critical use of an licensed investigator to perform the forensic investigation and provide an objective opinion on the origination and scope of the compromise scam.

Contact Dorothy Filippov, Certified Fraud Examiner, at McCann Cyber: (346) 400-6554.


Leave a Reply

Your email address will not be published. Required fields are marked *