Ransomware attacks turned out to be the biggest digital threat of 2016, with victims paying nearly $1 billion in ransom, according to an FBI estimate. One of the most horrifying and successful ransomware campaigns has been Locky. Surprisingly, Locky has been largely absent this year … until now.
Why Locky ransomware is scarier than ever
We recently told you Cerber has taken over as the ransomware king. One reason it’s spreading so quickly is that it’s ransomware-as-a-service (RaaS). RaaS is a user-friendly type of ransomware that can be deployed by anyone, even if they have very little technical ability.
The distribution method for Locky, however, has changed, making it harder to detect. Scammers now send phishing emails to their targeted victims, hoping to trick them into clicking on a malicious PDF. Over 35,000 such emails were recently sent in just a few hours.
The phishing email purports to be a receipt for a recent payment you supposedly made. To see the receipt, you’re instructed to open a PDF. Don’t open this file. If you open the PDF, you’re asked to give the PDF reader permission to open another file. The second file is a Microsoft Word document that requests permission to run macros. If you give this file permission to run these macros, Locky ransomware is downloaded to your gadget and encrypts your data.
The scammer will then demand a ransom from you so you can regain access to your data. The currently demanded payment is 1 Bitcoin, or approximately $1,250 USD.
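The delivery chain described above (a PDF that carries a second file and asks to open it, with a macro-capable Word document inside) leaves markers that a mail filter or analyst can check without opening the attachment. The Python sketch below is an added example, not code from this article or from any security product; the function names are hypothetical and both sample PDFs are constructed skeletons, not real malware.

```python
import re
import zlib

# PDF names for the two halves of the chain: an attached file, and an action on it.
EMBED = {"EmbeddedFile", "EmbeddedFiles", "Filespec"}
AUTO = {"OpenAction", "AA", "JavaScript", "JS", "Launch"}
OLE2 = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # legacy .doc container magic
ZIP = b"PK\x03\x04"                           # .docx/.docm container magic

def decode_name(raw: bytes) -> str:
    """Undo #XX escapes; PDF treats /Open#41ction and /OpenAction alike."""
    plain = re.sub(rb"#([0-9A-Fa-f]{2})",
                   lambda m: bytes.fromhex(m.group(1).decode()), raw)
    return plain.decode("latin-1")

def pdf_names(data: bytes) -> set:
    return {decode_name(n) for n in re.findall(rb"/([A-Za-z0-9#]+)", data)}

def office_streams(data: bytes) -> int:
    """Count stream objects whose content is a Word container."""
    hits = 0
    for m in re.finditer(rb"stream\r?\n(.*?)endstream", data, re.S):
        body = m.group(1)
        try:
            body = zlib.decompressobj().decompress(body)  # FlateDecode
        except zlib.error:
            pass  # stored uncompressed or another filter: check raw bytes
        if body.startswith(OLE2) or (body.startswith(ZIP) and b"word/" in body):
            hits += 1
    return hits

def triage(data: bytes) -> dict:
    names = pdf_names(data)
    embed, auto = sorted(names & EMBED), sorted(names & AUTO)
    return {"embedded": embed, "auto_actions": auto,
            "office_streams": office_streams(data),
            "suspicious": bool(embed and auto)}

# Constructed samples: a fake macro-document stub inside a PDF skeleton with
# an obfuscated /OpenAction and a placeholder script, and a plain PDF.
_stub = zlib.compress(ZIP + b"\x00" * 26 + b"word/vbaProject.bin")
SUSPECT = (b"%PDF-1.5\n1 0 obj\n<< /Type /Catalog /Open#41ction 3 0 R "
           b"/Names << /EmbeddedFiles 2 0 R >> >>\nendobj\n"
           b"4 0 obj\n<< /Type /EmbeddedFile /Filter /FlateDecode >>\nstream\n"
           + _stub + b"\nendstream\nendobj\n"
           b"3 0 obj\n<< /S /JavaScript /JS (placeholder) >>\nendobj\n%%EOF\n")
CLEAN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n%%EOF\n"
if __name__ == "__main__":
    print("suspect:", triage(SUSPECT), "\nclean:", triage(CLEAN))
```

This is a static first pass: names stored inside compressed object streams are not visible to it, so a clean result does not prove a PDF is safe.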
How to protect against Locky ransomware
This new version of Locky is more devious than ever. Since it incorporates a phishing scam to infect your gadgets with ransomware, you need to know how to prevent both types of attacks. Let’s start with phishing:
- Be cautious with links — If you get an email or notification you find suspicious, don’t click on its links. It’s better to type the website’s address directly into your browser. Before you ever click a link, hover over it to see where it’s going to take you. If the destination isn’t what the link claims, don’t click it.
- Do NOT enable macros — You should never download files attached to unsolicited emails to begin with. If you do open one and it says you need to turn on macros, close the file and delete it immediately.
- Do an online search — If you get a notification about something that seems shady, do an online search. If it’s a scam, there are probably people online complaining about it, and you can find more information there.
- Watch for typos — Phishing scams are infamous for typos. If you receive an email or notification from a reputable company, it shouldn’t contain typos. Typically, there are signs an email is fake.
- Use multilevel authentication — When available, you should use multilevel authentication. This means providing at least two forms of verification, such as a password and a security question, before you log in to any sensitive account.
Obviously, not having your gadget infected with ransomware would be ideal.
Since ransomware attacks exploded in 2016, the U.S. government has been trying to help prevent them. Here are some tips from the FBI on handling ransomware attacks:
- Back up data regularly — This could be the best way to recover your critical data if you’re infected.
- Make sure your backups are secure — Don’t connect your backups to the computers or networks they’re backing up.
- Never open risky links in emails — Don’t open attachments from unsolicited senders.
- Download only trusted software — Make sure the software you download comes from trusted sites.
- Have strong security software — This will help prevent the installation of ransomware on your gadgets.
Backing up your critical data is an important precaution against ransomware.