Information Security Alert: New ransomeware program discovered

Please read this important Information Security Alert regarding a newly discovered ransomware program called CryptoLocker.

Last month a new ransomeware program called CryptoLocker was discovered. CryptoLocker encrypts files on infected computers and demands the victim pay the attackers in order to decrypt and recover files. Victims are instructed to pay $300 USD within a short time to have files decrypted. If the payment is not made files are unrecoverable.

As usual, the primary method of infection appears to be phishing emails. We ask that you follow the guidelines listed below to protect your machine from a CryptoLocker infection.

  • Do not follow unsolicited web links in email messages.
  • Be wary of unsolicited attachments, even from people you know - Just because an email message looks like it came from your mom, grandma, or boss doesn't mean that it did. Many viruses can "spoof" the return address, making it look like the message came from someone else. If you can, check with the person who sent the message to make sure it's legitimate before opening any attachments. This includes email messages that appear to be from your ISP or software vendor and claim to include patches or anti-virus software. ISPs and software vendors do not send patches or software in email.
  • Trust your instincts - If an email or email attachment seems suspicious, don't open it, even if anti-virus indicates the message is clean. Attackers constantly release new viruses, and anti-virus software may not have a detection yet.
  • Be sure anti-virus software is up to date.
  • Scan files before opening them.
  • Backup files daily. It is not possible to recover encrypted files. If your machine is infected with CrytoLocker the only solution is to restore from backups.
Filed under: