Executive Summary

Research shows that 95% of mid-career employees in Canada own a smartphone. At the same time, nearly 85% of companies currently permit a Bring Your Own Device (BYOD) policy in the workplace.

In recent years, iPhones and related smart devices have transitioned from nice-to-have tech accessories to essential office tools. That’s why it can be disheartening to learn that there are certain types of ransomware specifically targeted toward iPhone users.

The good news? There are steps you can take to protect yourself.

Today, we’re sharing a guide on how to prevent ransomware on your phone so you and your teams always prepared.

We will first cover the origins and basics of mobile ransomware. We’ll share what it looks like, how it works and the implications it can have on personal security and workplace productivity. Many times, ransomware can appear as a legitimate file, website or attachment. For this reason, it’s important to understand its distinguishing characteristics.

Then, we will share six important steps you can take to safeguard your device from a potential attack and ensure your important files are always intact and accessible. Keeping up with the latest software versions, backing up your device, and thinking twice before opening an attachment all top our list.

Read on to learn more.

What is Ransomware?

In short, ransomware is a special type of malware software. It works as its name implies: Once it infects a device, it restricts access to certain files, prohibiting users to decrypt them until they pay a ransom of money. 

How does it get onto the phone in the first place?

Ransomware is usually disguised as a legitimate file or online advertisement. Once a user downloads the file or clicks on the ad, it’s revealed that the link was indeed a Trojan.

The links will normally lead to a rogue website, which then exploits unsecured browser plugins on the device to download and activate the ransomware. After activation occurs, the ransomware begins to encrypt files on the systems’ hard drive. 

The only way to regain access to the important, often mission-critical, files is to for the user to pay the displayed ransom. Once that payment goes through, the cybercriminal will release the encryption key.

The user can then deploy this key to recover critical file access on the compromised device.

An Underreported Crime

Despite the malicious nature of ransomware, industry research shows that this remains one of the most underreported crimes in the cybersecurity space.

With so much at stake, why aren’t more of these cyber crimes reported?

The simple answer is that a majority of ransom demands are for minor amounts whereas the price of replacing indispensable business files could be astronomical. Moreover, the impact on a company’s reputation could be equally substantial if the ransomware attack becomes public record.

As such, most impacted users choose to pay the ransom and restore access relatively quickly rather than report the crime and lengthen the process. 

Still, the effects of ransomware are serious and can have myriad long-term, negative consequences. That said, let’s take a look at a few of the things to look out for as your workforce seeks to protect its iPhone devices. 

How to Prevent Ransomware on Your iPhone

The good news is that Apple has a range of safety features built into every iPhone to help protect users against the threat of cybercrimes. Still, they are not impenetrable.

Ransomware can infect an iPhone, just as it can an iPad or similar device. Here are eight of the top ways you can help keep yours as protected as possible. If your office supports a BYOD policy, share these tips with your employees today.

1. Open E-mail Attachments Cautiously

Before downloading any email attachments, check to make sure that the sender is credible.

If it’s from someone you don’t know or trust, it’s best to stay on the safe side. Most ransomware attacks originate in phishing emails, so even if the email appears valid, it might not be. 

2. Be Wary of Requests for Personal Information

One way to discern whether the email or page that you’re looking at is from a scammer?

Be wary of any message that requests your personal or confidential data, from your name to your home address. In most cases, a reputable web user won’t require you to share these details over the internet, so double-check before complying. 

3. Stick to the App Store

Another way that ransomware can infect your iPhone? On malicious apps disguised as real ones. To avoid this risk, only avoid apps directly from the official App Store.

This is especially important for any users who have jailbroken their iPhone or iPad. All apps available on the App Store have been approved and vetted for legitimacy. While some rogue ones manage to slip through, they’re normally caught very quickly.

Still, it’s best to read app reviews and stick to familiar ones as a precaution. 

4. Back-Up Your iPhone

Those familiar requests to initiate your iCloud backup are there for a reason, so use them!

Doing so can help ensure that if your iPhone does become infected by ransomware, you can still restore your data right away. Visit “Back Up Your iPhone” to get started.

5. Use the Latest Version of iOS

Apple is always on guard to identify and eradicate cybersecurity threats. Often, it will release important fixes within routine iOS updates. 

If you’re still using an outdated operating system, your phone could be more vulnerable to ransomware than others. Make sure yours is up-to-date by going to Settings > General > Software Update > Automatic Updates.

6. Pay Special Attention to File Extensions

Before you download any file on your phone, take a second look at its extension and make sure it matches the content type. If it doesn’t, it could be ransomware.

Examples might include a PowerPoint with a .jpg, an image file saved as a .mov or a document saved as .gif.

IT Solutions You Can Trust

Wondering how to prevent ransomware? It begins with a fortified IT infrastructure along with policies and procedures that keeps your on-premise systems as secure as possible. 

Yet, it’s no secret that keeping up with such requirements can be overwhelming. This is especially the case for busy law firms.

That’s where we come in. Our experienced team provides skilled, managed IT services with unmatched expertise in helping Canadian law firms protect their sensitive data and infrastructure. Contact us today to learn more about what we do and how we can help.