Information Security

Beware of Ransomware

Cybercriminals are turning to a new form of malware in large numbers. Ransomware, like the name suggests, is a new form of “cyber extortion” wherein the data on an infected computer or network is encrypted and inaccessible to the user unless a ransom is paid to the hacker. Any and all data, files, folders, or systems that the user might depend on remain in the computer or device, but are completely unusable.

Ransomware is often delivered to users through phishing attempts as fraudulent emails. But ransomware can come from other sources as well, such as pop-up ads and other online advertisements. As with other cybersecurity threats, users should:

n Be cautious when you receive communications claiming to be from “trusted entities.”

n Never respond to any spam-type emails.

n Never send your personal information via email — legitimate businesses will not ask users to send their sensitive personal information through email.

n Never input your information in a pop-up internet browser window.

n Never click on hyperlinks from unknown or untrusted sources.

n Never install software or purported updates from unknown sites.

n Regularly run antivirus and antimalware software to detect ransomware payloads.

n Back up data regularly and often so that multiple “restore points” are available if the worst were to happen.

Recognize the Signs of Ransomware Infection

Ransomwares and other malware infections can cause widespread damage to USPS® information resources. By looking for these symptoms, you can help limit the damage done by a possible infection:

n Files or data are suddenly unavailable.

n Files have been edited when no changes should have occurred.

n Files appear, disappear, or change in size.

n Systems display strange messages, contain new content, or are reorganized.

n Systems become slow, unstable, or inaccessible.

n Unexpected processes, such as email transmissions or programs running on their own.

Respond to Ransomware

Don’t wait to report a ransomware infection! If you believe your computer or device has been infected by ransomware, promptly take the following steps to respond:

n Stop work on the affected computer or device as soon as you notice a sign of infection.

n Do not communicate with any unknown individuals requesting information about the availability of data on your computer or device.

n Notify the CyberSecurity Operations Center (CSOC) by emailing or calling 866-877-7247 to report the incident.

n Alert your manager or supervisor about the incident.

Online security is a priority for USPS employees, customers, and suppliers. When you take simple steps to protect yourself online, you create a safer Internet for your family and coworkers.