We take care of your website security and email security but there is always a possibility you open an email via your ‘work’ email or a private email account that contains a virus that hasnt been removed / identified as Spam or a Virus. Here is an example conversation we had with a client about 5 years ago when Bitcoin was $15.
[Website Owner] As a result of our system falling foul of the infamous ‘Cryptolocker’ virus, which cost us a lot of money to have our files decrypted, we are now having an overhaul of our computers. We have an IT company making some changes to make us more secure and to update our computers. To enable some of these changes to be made, I have been asked to get an MX Record change from you.
You can liaise with our IT man if you require any further information. Can you also confirm that we already have a static IP address please?
[Website Designers] Have heard about this virus – How did you get the infection? I assume you or someone got an email from ‘companies house’ and you opened the attachment. Simple virus checking software would have detected this virus and I hope the IT company you have now hired are ensuring you cant get infected again.
Its strange to request an MX record change and assume they have suggested you use a different mail server. I believe this is not necessary and your current mail server is perfectly secure and not the cause of your infection. Happy to do what you want / ask but also have your best interests at heart and want the best for you. Yes, you have a static IP address
[Website Owner] We believe we got the virus from either an Amazon or an RBS email that one of our employees opened. We have been receiving loads of emails from Companies House, Sage, Final Invoices, and various banks, but we all knew not to open them. However, the employee, opened the Amazon one believing it to be about something he’d ordered, he also seems to have opened one from RBS that is also suspected.
We had an anti virus (Comodo) on our system, but the virus still got through! Apparently it’s a really clever and vicious virus. The virus itself was easy to get rid of, but all our files had been encrypted and the only way to decrypt them was to pay the ‘ransom’ of $1000 which, in itself, was actually very difficult to do. There were only two methods of payment given – Bitcoin (which our IT man didn’t recommend) or to get a pre-paid card, which could only be purchased in person in America. Fortunately we have family in the US, who kindly purchased the card for us. They then had to give us the card number, which we had to enter onto the cryptolocker message and then wait, with no guarantees it was going to work! It took 48 hrs before all our files were decrypted, but it looks like we’ve got everything back.
Our IT man is now upgrading everything for us, new pc’s, server and more importantly – virus protection! He has suggested getting our emails via the new server and has asked us to get the MX record change – which he will need when the new server is connected.
Thanks for your assistance.
[Website Design Company] Thanks for the info. its very interesting to me and believe a better virus checker would have not allowed the virus to be opened / copied your machines (the best paid for solution at the moment is Bit Defender which is rated number 1 by PCPro Magazine recently. I saw a video about an infection of cryptolocker and think you are lucky to get your files back – did it get on the network and encrypt all the files on all your work machines. For interest we now have an upgraded virus checker on our Server for all incoming emails so before you get it delivered to yourself its scanned for viruses.
Your email is hosted with an award winning / secure and reliable UK host and I really don’t see the point or advantage of changing and the obvious hassle that this will cause you. Happy to discuss further or talk with your IT company. Again my only interest is your security as we can change your MX settings in 10 minutes. For interest only one client prior to yourself decided to have his own mail server – it caused him huge problems and he told us to put it back to ‘normal’ after 2 weeks.
