Menu

IRS Warns of Ransomware Attacks

This week the IRS issued tips to prevent ransomware attacks warning they are on the rise stating a handful of tax practitioners who have been victimized. Ransomware is used to lock users out of their files until they pay a ransom. The most common method is using emails to lure you or your employees to open a link or an attachment.

In May the infamous ransomware, WannaCry, targeted computers running older unsupported systems such as Windows XP demanding $300 in Bitcoin.

If you are attacked:

1) Don’t pay the ransom. “Remember, you’re dealing with criminals,” according to Christopher Budd, a global threat communications manager with the digital security firm Trend Micro.

2) Disconnect from the network.

3) Save all important files you’ve been working on.

4) Reboot your computer in safe mode. You run a system restore from safe mode by choosing Advanced Boot Options and selecting Repair Your Computer. Choose the option for System Restore to restore your system back to a previous period, prior to the ransomware attack.

5) Once you’ve rebooted, run download a copy of the Microsoft Safety Scanner using a clean, non-infected PC. Copy the downloaded file to a blank USB drive or CD, and then insert it into the infected PC.

6) Reinstall your files from a backup.

If none of that works, you may need to consider your files gone forever. Reformat your hard drive, reinstall your operating system and set up an automatic backup. Going forward, make sure your operating system and anti-virus software is automatically updated and verify the integrity of regularly data backups.

Tax professionals should immediately report attacks to their IRS stakeholder liaison and to the FBI at the Internet Crime Complaint Center, www.IC3.gov.