Cryptolocker Is Alive And Well In Post Office Email Scams

Padlock-black-300pxHeimdal Security put out a recent blog about the ongoing Cryptolocker campaign that has spread worldwide to the United States, the UK, Australia, and now Denmark. Apparently, there’s no stopping this lucrative criminal enterprise.

Most infections are precipitated by a spammed email often spoofing a well know and trusted name, such as the Post Office, DHL, etc. These emails look like the real thing and criminals have gotten much smarter about their contents too. It used to be that grammatical mistakes were a sure sign that the email was a phony—not any more.

Cryptoware-criminals are now localizing their attacks to specific countries, making sure that emails are grammatically correct and using exact replicas of logos, etc. to spur action by their victims. Spoofed emails from a country’s Post Office are favored among criminals because they are so effective.

Once a victim clicks on a bogus link, they’ll be directed to an infected site where the malicious file will automatically be downloaded, encrypting files and holding them for ransom.

Antivirus detection rates are very low as Cryptolocker has evolved using advanced evasion tactics making it extremely dangerous for business networks. Take important precautions:

  • Backup your data and keep copies in multiple locations utilizing onsite devices as well as the Cloud. Make sure you retain backups for a bit so you can go back to a pre-infected state should you become a victim.
  • Make sure your PCs and servers are up-to-date.
  • Always have an up-to-date and active antivirus program and run it daily.
  • Stop clicking on email links from unknown sources and be cautious even if they appear to be from trusted companies. Always verify their origin before clicking on them. Click here to learn how.

Awareness and proper planning are the keys to avoid becoming a victim. Companies should make sure that they have a Business Continuity solution in place and not mere data backups. Data backups alone do not ensure a quick recovery; only a Business Continuity solution can do that.

When we mention the word disaster, most business owners think of hurricanes and tornadoes but catastrophic data loss can be caused by malicious infections such as Cryptolocker that can put an unprepared company out of business. Don’t be one of them.

 

XSolutions is a Managed Services Provider (MSP) and provides 24/7/365 remote monitoring, scheduled workstation and server maintenance, Help Desk Services, Business Continuity Solutions, Cloud & Hosted Services and IT Consulting. Call us at (845) 362-9675 and see how we can help your company.