A spam campaign delivering CTB Locker is targeting employees from French companies, Bitdefender researchers found.
The spam e-mails carry an attachment, a .cab file, and a message claiming to be from a co-worker of the victim. The e-mails look like authentic bills and are allegedly sent to management departments.
The e-mails invite people to open the .cab file, an auto-executable Microsoft archive. Once opened, the CTB Locker cryptoware executes itself on the user's computer and encrypts any file found on the computer, along with everything it's connected to, including external hard drive disks, file servers and backups.
The company is urged to pay a ransom to recover the encrypted files within a very short period of time, usually 72 hours.
How can users and companies protect themselves?
The e-mails impersonate the victim's co-worker, which adds a layer of trust and credibility to the scam. They are well-written, in the language of the user, making it even harder to identify the scam. Users are advised to be extremely careful when opening e-mails from unknown senders, especially if they carry an attachment; it's quite unusual to receive a .cab document. It's also critical to use an anti-malware solution that proactively protects against threats, and to back up the company's data externally on a regular basis in order to avoid losing valuable data with a double-click.
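Because a .cab attachment is so unusual, a mail gateway can flag it automatically. The following is an added example, not part of the original article or Bitdefender's tooling: it checks each attachment by file name and by the cabinet signature `MSCF`, so a renamed archive is caught too. The function names, addresses and sample message are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

CAB_MAGIC = b"MSCF"  # first four bytes of a Microsoft Cabinet file

def find_cab_attachments(raw_bytes):
    """Return (filename, reason) for every attachment that is, or claims to be, a .cab."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.is_multipart():
            continue  # containers carry no payload of their own
        name = part.get_filename()
        if name is None and part.get_content_disposition() != "attachment":
            continue  # message body, not an attachment
        name = name or "(unnamed)"
        payload = part.get_payload(decode=True) or b""
        by_name = name.lower().rstrip(". ").endswith(".cab")
        by_magic = payload[:4] == CAB_MAGIC
        if by_magic and not by_name:
            hits.append((name, "cabinet content under another extension"))
        elif by_magic:
            hits.append((name, "cabinet attachment"))
        elif by_name:
            hits.append((name, ".cab extension, content is not a cabinet"))
    return hits

def build_sample():
    """Constructed message: one .cab, one cabinet renamed to .pdf, one harmless PDF stub."""
    msg = EmailMessage()
    msg["From"] = "colleague@example.com"   # constructed address
    msg["To"] = "accounts@example.com"      # constructed address
    msg["Subject"] = "Facture"
    msg.set_content("Please find the invoice attached.")
    fake_cab = CAB_MAGIC + b"\x00" * 32     # signature only, not a real archive
    msg.add_attachment(fake_cab, maintype="application",
                       subtype="vnd.ms-cab-compressed", filename="facture.cab")
    msg.add_attachment(fake_cab, maintype="application",
                       subtype="octet-stream", filename="facture.pdf")
    msg.add_attachment(b"%PDF-1.4\n", maintype="application",
                       subtype="pdf", filename="notes.pdf")
    return msg.as_bytes()

if __name__ == "__main__":
    for filename, reason in find_cab_attachments(build_sample()):
        print(f"QUARANTINE {filename}: {reason}")
```

A gateway would typically quarantine flagged messages for review rather than deliver them to the recipient.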
This article is based on information provided courtesy of Profil Technology and Bitdefender researchers.
Alexandra started writing about IT at the dawn of the decade - when an iPad was an eye-injury patch, we were minus Google+ and we all had Jobs.