Ransomware Warning !!!
When infected with ransomware, a computer’s files are locked and often encrypted.
Infinet would like to notify readers about ransomware emails that we have seen recently in the hopes that it may help to prevent you from falling prey to them too.
When infected with ransomware, a computer’s files are locked and often encrypted. The distributors of the malware then display a message to the user, informing them of the price that must be paid to regain access. The ransom is often hundreds of dollars and the price goes up if you don’t pay within a certain amount of time. There is no guarantee that if you pay the ransom, that you will be able to decrypt your files because the decrypter may never be sent to you or it might not work anyway.
Therefore the best way to recover is to clean the infection and then restore your files from backups. This highlights the importance of taking regular backups and preferably syncing your data to a cloud service where possible. Your local disk backups could still be encrypted if the disks were connected at the time.
Prevention is the best strategy. Be vigilant and cautious of opening emails or links from unknown sources or that seem suspicious. The latest one we have seen was an email which appeared to come from the AFP regarding a traffic infringement but it could look like it was coming from various other authorities. It is always changing but they will always try to get you to open a link to a website or open an attachment because that’s where the malware will be. If you are unsure, you can always call the company directly to confirm if the email is legitimate. Alternatively, you could check with Infinet’s Service Desk team.
In addition to this, there is a free utility that will help prevent your computer from becoming infected with this malware called CryptoPrevent. This is designed to supplement your existing anti-malware software.
If you have seen any examples of ransomware recently, please get in contact.
Bonus points to you if you didn’t click the link above and instead searched for the program using your favourite web browser.
Thank you and please share this information with your staff internally.