Email threats of ransomware up their game
There is a new Ransomware attack called Goldeneye and it packs a double punch. It not only encrypts your files but also your Master File Table (MFT). The attack has two attachments, a PDF document and an Excel spreadsheet. The PDF file is a social engineering attempt to get you to open the Excel spreadsheet which pulls down the malware to infect your workstation. In this case the bad guys don’t ask that you enable macros (a clear red flag that has been communicated in multiple Cybersecurity updates) but will encourage you to change your Microsoft Office settings to a setting that will enable the embedded macros to run. At that point Goldeneye is downloaded and launched and your files and file system become unusable.
In related news:
Ransomware….with payment options! Some ransomware is now being delivered with the option to pay for the key to unlock your files with bitcoin or the option to pass the infected files to two additional people. Why? Because everyone is being taught to be cautious of e-mails from senders you don’t know but not people you do know, or might be expecting something from. Question every email. Email is, and will continue to be, the number one way to deliver malware to your computer.
Stay alert and question attachments in email from both known and unknown senders.
If you suspect that you have been infected with ransomware and your computer is part of a network, remove the infected computer from the network immediately. From another computer or mobile device, do a web search using the phrase I might have ransomware, what do I do now? and look for articles that are less than 6 months old and from a reputable source (i.e.: Microsoft, Sophos, PCWorld) for instructions on what do to next.