What is Crypto Ransomware?
Crypto Ransomware is a type of malware that, when run, will encrypt files on your computer and any drives attached. There are also more sophisticated versions, such as LOCKY, that will not stop with just your computer, but will scan an entire corporate network in an attempt to encrypt anything that the executing user has access to. It uses very strong encryption and is difficult to decrypt without paying for the key to unlock it. Paying to unlock the files must not be an option as this will only serve validate the malicious actor’s actions.
How do I recognize Crypto Ransomware?
Crypto Ransomware can be difficult to recognize, but there are telltale signs. It generally is executed from attachments received through email such as emails claiming to be invoices or scanned documents that may even say they are coming from within your company. Some signs that these emails are malicious are as follows:
- The email seems incomplete or rushed
- The email contains spelling mistakes
- Not using your actual name such as being addressed as “Dear customer”
- An unrecognized company or sender
- The email is unexpected
If the email you have received fits any of the above, it is best to just delete it. If you think the email may be legitimate, you should contact the sender to confirm that they actually sent you the email and attachment prior to downloading and opening it.
If you do download an attachment and open it and receive a message stating that the text is unreadable and that you must enable macros to read it, stop there. Most documents will not contain a macro, especially invoices.
No comments:
Post a Comment