Fraud Happening in the EPCOR Footprint: Ransomware

Amy Donaghue

By: Karen Sylvester, AAP, APRP, CAMS, CRCM, NCP, Senior Director, Compliance Education


Imagine trying to access your system and these (scary) words pop up on the screen. You know you have typed the correct username and password, and hope that maybe it’s just not your day and you typed something incorrectly. Except, you begin to look around and everyone has the same message. AND THEN…. A more detailed message pops up stating the system has been encrypted and a ransom must be paid to decrypt the information.

These situations are much more common than you think and only continue to grow in popularity. In fact, we’re hearing reports of this fraud throughout the EPCOR footprint. So, how does Ransomware happen?

Ransomware attacks can begin in several ways including:

  • Software Downloads – Downloadable games and file-sharing applications can be a hotspot for possible attacks. A simple download can become one of the most complex problems you or your organization has ever experienced.
  • Pop-up Windows – You’re cruising the web and your computer pauses and a window pops up with a link that must be clicked for the window to go away. The window is also possibly missing the typical X in the corner or the X is there, but it also starts the download. Doomed either way.
  • Spear Phishing – Determining who the top management of a company are and directly sending them targeted emails is another way the criminals use to infiltrate systems. In many cases, top management may have more access and more information available to them.

What can we do to minimize the risk?

We can’t live in a secure box and bubble wrap our information, but we can bring awareness to our company, ours staff and ourselves. Recurring reminders to keep these threats top of mind are beneficial to all. We are inundated daily with different situations and those tough times remind us we must be even more cognizant of the websites we are visiting, links we click on and the information we have available on our websites.

It takes a village to fight fraud and keeping up with the latest threats is a daunting task. Be sure to watch our newest Did You Know video on Ransomware (available on YouTube and our website) and share it forward with your co-workers and clients.