A remarkable increase in cryptomalware has been detected in Australia since mid-2014, with growth of more than 1000 percent within that period, showing how highly vulnerable the nation’s citizens are to cyber threats.
Security vendor Symantec said the cryptomalware comes from the Trojan.Cryptolocker.F family of malware, which extorts money from its victims by encrypting the files on the target’s computer and demanding a ransom in exchange for the keys needed to recover the affected machine.
This kind of cyber crime has become the norm among attackers because most of the data stored on our computers consists of important files related to our work or personal lives, and losing them forever might do more serious damage to us than the sum that attackers are asking from their victims.
Trojan.Cryptolocker.F is being spread worldwide through email-based social engineering, which cyber criminals adapt to the location in which the target victims reside. For example, in Australia, attackers modified the social engineering trick to make it appear as if it came from an Australian energy supplier.
The email claims that the user must click on a link and download a file to view his or her current bill. In reality, the link redirects to a fake Web page that contains malware, which will lock your computer once downloaded. Most of the time, an unsuspecting user might view the site as genuine, but it is only a nearly perfect clone of the legitimate site.
Attackers even make sure that a person is viewing the web page by asking the user to enter a CAPTCHA security code. The scheme always works that way. The cryptomalware is contained in a zip file that the fake website claims contains the bill, but that in truth holds malware in the form of an .exe file. Once downloaded, the file scans for sensitive data and then encrypts the computer.
When that happens, the user sees a message saying the computer has been locked and describing how to restore the machine, which is by paying a sum as a ransom.
To avoid falling for this deceptive malware, you should first familiarize yourself with the trends in malware schemes, their nature and how they work. If you receive an unexpected email that seems too good to be true or odd, ignore it and mark it as spam to help your email service provider identify which messages contain spam content. If an email contains a link, make sure that the website is legitimate. Finally, never download files with these name extensions if they come unsolicited: .zip, .jar, .tar, .7z, .exe, .scr, .bat, .js, .jse, .vb, .vbe, .wsf, .wsh, .cmd.
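As an added example (not from the article or from Symantec), the Python sketch below applies the extension advice to the contents of a ZIP attachment instead of the container itself, flagging members whose final extension is on the article's list, as in the fake "bill" download described above. The function names, the nesting limit and the sample archive are assumptions constructed for illustration.

```python
import io
import posixpath
import zipfile

# Extensions from the article's list, minus the containers (.zip, .tar, .7z),
# which are judged by what they hold rather than by their own name.
RISKY_EXTS = {".jar", ".exe", ".scr", ".bat", ".js", ".jse", ".vb", ".vbe",
              ".wsf", ".wsh", ".cmd"}
MAX_DEPTH = 3  # assumed limit on how many nested ZIPs are opened


def risky_members(data, depth=0, prefix=""):
    """Return the paths of ZIP members whose final extension is risky."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [prefix + "<unreadable archive>"]
    findings = []
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            path = prefix + info.filename
            # Only the last extension decides how the file is opened, so
            # "bill.pdf.exe" counts as .exe; trailing dots/spaces are ignored.
            ext = posixpath.splitext(info.filename.lower().rstrip(". "))[1]
            if ext in RISKY_EXTS:
                findings.append(path)
            elif ext == ".zip":
                # Encrypted or too deeply nested archives cannot be cleared.
                if depth >= MAX_DEPTH or info.flag_bits & 0x1:
                    findings.append(path + " <not inspected>")
                else:
                    findings += risky_members(archive.read(info), depth + 1, path + "!")
    return findings


def build_sample():
    """Constructed sample: harmless placeholder bytes with suspicious names."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("energy_bill.pdf.exe", b"constructed placeholder")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", b"hello")
        z.writestr("docs/notes.v2/summary", b"no extension here")
        z.writestr("bill.zip", inner.getvalue())
        z.writestr("Invoice.SCR", b"constructed placeholder")
    return outer.getvalue()


if __name__ == "__main__":
    print(risky_members(build_sample()))
```

An empty result means only that no listed extension was found among the member names; it says nothing about what the files actually contain.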
slango20 says
ZIP, TAR and 7Z are perfectly fine, unless they have an executable within them