It's time to start worrying about another round of ransomware attacks that could cost you big time. Locky ransomware is back after a brief hiatus. We've warned you before about the danger it presents. Locky is one of the fastest spreading forms of malware out there, which is what makes it so scary. Click here for a detailed breakdown of how Locky typically infects your computer.
After being MIA since the end of May, security experts say Locky has been found in millions of malicious email messages dating back to June 20. The new campaign of illegal activity is designed to steal money from their victims by tricking them into opening an infected email attachment.
Reports indicate that the email includes a message stating the following:
[Coworker name] asked that I send you the attached Word document, which contains the final version of the report.
Please let me know if you have any trouble with the file, and please let [coworker name] know if you have any questions about the content of the report.
Due to the language, recipients of these emails can be easily tricked into opening the attachment. Even if the email seems out of place, they may be curious to see what the CEO of their company is asking them to look at. It's a good disguise for the hacker's payload, hidden in the attached Zip file.
Why is Locky so hard to detect?
Windows machines typically block .exe and .bat files from running automatically, however, .js files are not blocked. This means that if you're using Windows on your computer, the mere act of opening the file is enough to set the code into action and immediately encrypt your files.
Although hackers primarily target businesses with the Locky strand of ransomware, it's not impossible that you might encounter an email like this too. If you're forwarded an infected email, or if it's sent to you by mistake, your personal computer could be at risk too.
What can you do to protect yourself?
Ransomware is such a growing problem that the Federal Bureau of Investigation is getting involved. The FBI recently issued a public service announcement in an effort to crack down on ransomware. Here are some recommendations from the FBI to prevent ransomware attacks:
- Back up data regularly - this could be the best way to recover your critical data if you are infected.
- Make sure your backups are secure - do not connect your backups to computers or networks that they are backing up.
- Never open risky links in emails - don't open attachments from unsolicited emails.
- Download only trusted software - make sure the software you download comes from trusted sites.