
Watch out! Massive ransomware phishing scheme detected

We’re constantly warning you about new ransomware attacks. That’s because ransomware is one of the biggest digital threats in the world and we want to keep your data safe. The FBI said victims paid nearly $1 billion in ransom in 2016.

One of the largest ransomware variants ever is dubbed Locky. It seemed to be on hiatus for a while, but it’s making a comeback in a huge, scary way.

Watch out for a new version of Locky ransomware

A new variant of Locky ransomware was discovered this week by researchers at AppRiver. It’s one of the largest malware campaigns this year. Over 23 million messages that contained Locky were sent in less than 24 hours on August 28, 2017.

The threat is being distributed through phishing emails with a subject line that reads one of "please print", "documents", "photo", "images", "scans" or "pictures". Each of the messages includes a ZIP attachment that contains a Visual Basic Script (VBS) file.

If the attachment is clicked, the VBS file initiates a downloader and infects the victim’s gadget with Locky ransomware. A ransom message then takes over the screen and looks like this:

Image: Example of Locky ransomware note. (Source: AppRiver)
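The delivery pattern described above (one of six subject lines plus a ZIP attachment holding a VBS file) can be checked at a mail gateway or in a mailbox sweep. The following is an added example, not code from AppRiver or the original article; the function names, the sample message, the file names and the example.com addresses are constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Subject lines reported for this campaign (taken from the article above).
CAMPAIGN_SUBJECTS = {"please print", "documents", "photo", "images", "scans", "pictures"}
SCRIPT_EXTENSIONS = (".vbs",)  # the article names VBS; extending this is a local policy choice

def script_members(zip_bytes):
    """Return names of script files inside a ZIP, or None if it is not a readable ZIP."""
    try:
        with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
            return [n for n in zf.namelist() if n.lower().endswith(SCRIPT_EXTENSIONS)]
    except zipfile.BadZipFile:
        return None

def inspect_message(raw_bytes):
    """Flag a raw RFC 5322 message that matches the delivery pattern."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    subject = (msg["Subject"] or "").strip().lower()
    findings = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        payload = part.get_payload(decode=True) or b""
        # Check the extension and the ZIP magic bytes, since attachments can be renamed.
        if not (name.endswith(".zip") or payload.startswith(b"PK\x03\x04")):
            continue
        members = script_members(payload)
        if members is None:
            findings.append((name, "unreadable ZIP"))
        elif members:
            findings.append((name, "script in ZIP: " + ", ".join(members)))
    # A script inside a ZIP is enough to quarantine; the subject match only adds context.
    return {"subject_match": subject in CAMPAIGN_SUBJECTS,
            "findings": findings, "quarantine": bool(findings)}

def build_sample(subject, member_name):
    """Constructed test message: a ZIP holding one harmless placeholder file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, "' constructed placeholder, not malware\n")
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = subject, "a@example.com", "b@example.com"
    msg.set_content("see attached")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip",
                       filename="scan_001.zip")
    return msg.as_bytes()
```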

Victims are told to pay 0.5 Bitcoin in ransom, which is roughly $2,150. After the ransom is paid, the cybercriminals say they will redirect the victim to a decryption service so they can recover their files.

The problem is, there’s no guarantee that criminals will actually return access to your encrypted data. The FBI recommends not paying the ransom for this reason.

Your best defense is to back up all of your critical files before your gadget is infected with ransomware. That way you don’t have to rely on the word of criminals to recover your files.

Protect yourself from ransomware

Encryption-based ransomware is constantly evolving. Cybercriminals are always developing more complicated variants that are harder for anti-malware software to detect. Once your gadget is infected, there is no guarantee that you will recover your data even if you pay the ransom.

That’s why you need to back up all of your critical data. We recommend our sponsor IDrive.

With IDrive, you can back up all your PCs, Macs and mobile devices into ONE account for one low cost. Also, it has recently added a new feature called Snapshots.

Snapshots is a historical view of user data stored in IDrive accounts, which allows users to perform point-in-time recovery of their critical files. If user data gets infected with encryption-based ransomware, all they have to do is select a timeline before infection and restore it. Go to and use promo code Kim to receive an exclusive offer.
