A massive spam campaign thought to be targeting small and medium sized businesses is responsible for tens-of-millions of emails being sent to UK residents which are tainted with the dreaded CryptoLocker ransomware.
The U.K.’s National Crime Agency’s National Cyber Crime Unit (NCA) issued an advisory late last week warning residents to be wary when considering opening any unsolicited attachments in emails that purport to be from banks and financial institutions.
“The emails carry an attachment that appears to be correspondence linked to the email message (for example, a voicemail, fax, details of a suspicious transaction or invoices for payment). This file is in fact a malware that can install Cryptolocker – which is a piece of ransomware,” the advisory stated.
CryptoLocker malware is widely being used in an extortion scheme in which an user’s files are forcibly encrypted by the attackers who then demand payment from the victim in exchange for the required decryption key to allow access to the hostage data.
“The NCA are actively pursuing organised crime groups committing this type of crime. We are working in cooperation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public,” said Lee Miles, Deputy Head of the NCCU.
The NCS advisory recommends:
- The public should be aware not to click on any such attachment.
- Antivirus software should be updated, as should operating systems.
- User created files should be backed up routinely and preserved off the network.
- Where a computer becomes infected it should be disconnected from the network, and professional assistance should be sought to clean the computer.
The NCS advisory comes on the heels of a US-CERT advisory that warned of a recent increase in CryptoLocker infections.
Categories: Top Security Stories