In the spirit of keeping up to date with vital security information, there’s a new ransomware/phishing nightmare team knocking about that you’re going to want to know about. It’s extra sinister because it knows where you live; this makes it harder to detect as it looks like it’s coming from a known source. There are some steps you can take to protect yourself though, so make sure you’re keeping a beady eye out.
There’s a big ol’ phishing scam that’s going round at the moment that comes with a serious side of ransomware. The ‘ware’s called Maktub and – because scams get more sophisticated every day – this one contains your full home address in the email, making it even harder to spot the fact that it’s phishing for trouble.
However, you’ll soon realise that it is indeed a bad apple because when you click on the link, ransomware pops up. Oh, hey there. This particularly friendly piece of malware encrypts all your files and then demands bitcoins in return for the decryption key. Even better, the longer you take to pay, the more the fee goes up.
According to security expert Andrew Brandt, the emails tell you that you owe hundreds of pounds to UK businesses and that you can print an invoice by clicking on a link. That link then leads to all kinds of badness.
“It’s incredibly fast and by the time the warning message had appeared on the screen it had already encrypted everything of value on the hard drive – it happens in seconds,” Mr Brandt told the BBC. “This is the desktop version of a smash and grab – they want a quick payoff.”
It’s not known yet how the scammers got hold of people’s addresses – which seem to be pretty accurate for the most part – but could be from a database leak or something similar.
The UK’s national fraud and cybercrime reporting centre, Action Fraud, is advising people to delete the emails and report back to them.
The problem is what to do if you have already fallen victim to the attack. If you don’t have backups, Action Fraud says there may be no choice but to pay the ransom to get your files back. However, it’s important to avoid giving the criminals what they want where possible as, the more successful these scams are, it’ll just encourage the attackers to keep doing them.
As we’ve said before, ensuring you have clean, backed up versions of your system is vital and it’s important to be vigilant of emails asking you to click on links, even if they seem legit. If in doubt, don’t.
For more information on the security solutions available at UKFast take a look at our website or give us a call on 0208 045 4945.