You work hard to keep your business running smoothly, so we want to keep you informed of things that could potentially be detrimental to your work. There’s a new type of ransomware virus called Locky that has been making it’s way to thousands of computers over the past few weeks.

It’s one of many viruses that have been targeting businesses, hospitals and police departments in recent years—and it doesn’t seem to be slowing down anytime soon. What would you do if your law firm, doctor’s office, or personal computer got hacked? Here’s what you need to know about Locky to inform your teams and keep your business safe.

What is ransomware?

Ransomware is type of virus that prevents users from accessing their files. The creators of the virus demand money in return for getting your files back, which means getting a virus like this can be extremely costly.

If you hire a professional to try to piece your information back together, the process can be just as lengthy and sometimes even more expensive than paying the ransom—which many sources say you shouldn’t do.

How computers are getting infected

The virus arrives in your email inbox and looks like an invoice. When you click on the Word document that is attached and enable your computer to open the file, the virus takes over.

Here’s an example of what one email’s subject and message line contained:

The subject line: ATTN: Invoice K-56463223

The message: Please see the attached invoice and remit payment according to the terms listed at the bottom of the invoice

A Word document with the file extension .DOC is attached.

How to protect yourself and your business

Talk with your team about this. Ransomware is becoming fairly common. Just last month, a hospital in Los Angeles was locked out of their patient medical records for more than a week. The hackers wanted $3.6 million in Bitcoin, a virtually untraceable form of payment, in order for the records to be returned.

Have a meeting with your team to talk about the dangers of ransomware and other computer viruses. Let them know that this type of crime is happening to businesses often and that it could have profound effects if it were to happen at their own workplace.

What to look out for

Tell everyone to be extra careful about opening any attachments in their inbox and to never open an attachment from someone they don’t know. If the file format of the attachment is any of the old formats for Microsoft Office (.doc for Word, .xls for Excel, and .ppt for PowerPoint) then don’t open it at all. These extensions were replaced long ago with .dox, .xlsx, and .pptx and any old file formats are a red flag.

Back things up… then back them up again

Make sure you’re keeping your files backed up at all times. Even if you don’t get a virus, you never know when your computers could be stolen or destroyed in a fire or natural disaster, so back up your items before it’s too late.

For businesses, you should have an on-site equipment back-up system that is offline and not tied to your netowork. External hard drives are a good option because the are relatively inexpensive and you can easily store them in a fire-proof safe. If your office is relatively small, you could get away with buying a 2 terabyte drive—which you can get for about $150.

It’s always best to have a back up to your back up as well—especially if your business deals with confidential data. One major breach can be enough to ruin a small business if you can’t afford to get your files back. Cloud storage allows businesses to back up their company information to a secure site online.

The Takeaway

 In Locky’s case, victims have to open the email, open the attachment and then enable macros in Microsoft Word for the virus to take over. You won’t automatically get this virus just by receiving the email, so just trust your instincts and make sure everyone at your workplace knows what to look for. If an email or an attachment looks fishy, don’t open it. And if you haven’t backed up your data yet (or haven’t done it for a while), do it now!