Massive Locky Ransomware Campaign Targets Amazon Users



Comodo Threat Research Labs just posted an alert that a massive campaign of phishing emails has been sent with a spoofed "from" address: auto-shipping@amazon.com. The subject is "Your Amazon.com order has dispatched (#code)" and there is no body text in the email, just a Microsoft Word attachment.

The Word files again contain no copy, just macro code. People who receive the email are socially engineered to "enable the content" of the document, which kicks off the macros, which in turn start an executable that downloads Locky ransomware. The number of infected machines is not yet available, but it looks like a massive campaign.
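For mail administrators, the four traits in the alert (sender, subject, empty body, Word attachment) can be checked together at the gateway. The sketch below is an added example, not code from Comodo or from this blog; the extension list, the three-indicator threshold, the reading of "#code" as a variable order code, and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string, policy
from email.message import EmailMessage
from email.utils import parseaddr

SPOOFED_SENDER = "auto-shipping@amazon.com"  # "from" address given in the alert
# Subject from the alert; "#code" is treated as a variable order code (assumption).
SUBJECT_RE = re.compile(r"^Your Amazon\.com order has dispatched \(#[^)]*\)$")
WORD_EXTS = (".doc", ".docm", ".docx", ".dot", ".dotm")  # assumed extension list
QUARANTINE_AT = 3  # assumed threshold: sender and subject alone are not enough

def campaign_indicators(raw: str) -> list:
    """Return which of the four traits described in the alert a raw message shows."""
    msg = message_from_string(raw, policy=policy.default)
    hits = []
    if parseaddr(str(msg.get("From", "")))[1].lower() == SPOOFED_SENDER:
        hits.append("sender")
    if SUBJECT_RE.match(str(msg.get("Subject", "")).strip()):
        hits.append("subject")
    body = msg.get_body(preferencelist=("plain", "html"))
    if body is None or not body.get_content().strip():
        hits.append("empty_body")  # no text part, or only whitespace
    if any((p.get_filename() or "").lower().endswith(WORD_EXTS)
           for p in msg.iter_attachments()):
        hits.append("word_attachment")
    return hits

def should_quarantine(raw: str) -> bool:
    return len(campaign_indicators(raw)) >= QUARANTINE_AT

def build_sample(body: str, with_doc: bool) -> str:
    """Constructed test message (not a captured sample)."""
    m = EmailMessage()
    m["From"] = "auto-shipping@amazon.com"
    m["To"] = "user@example.com"
    m["Subject"] = "Your Amazon.com order has dispatched (#000-0000000-0000000)"
    m.set_content(body)
    if with_doc:
        m.add_attachment(b"placeholder, not a real document", maintype="application",
                         subtype="msword", filename="ORDER-000-0000000.doc")
    return m.as_string()

SAMPLE_CAMPAIGN = build_sample("\n", with_doc=True)
SAMPLE_ORDINARY = build_sample("Your parcel is on its way.\n", with_doc=False)

if __name__ == "__main__":
    for name, raw in (("campaign-like", SAMPLE_CAMPAIGN), ("ordinary", SAMPLE_ORDINARY)):
        print(name, campaign_indicators(raw), should_quarantine(raw))
```

Because the "from" address is spoofed, the sender and subject checks also match ordinary mail carrying the same headers; the empty body combined with a Word attachment is what separates the two samples.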

That’s worrisome, since new research data from Kaspersky Lab shows that almost half (43%) of consumers do not know what ransomware is, despite the plague that is going on. Almost the same number (44%) admitted they did not know what data or information could be encrypted in a ransomware attack.

And the last concerning point is that many respondents would not know how to respond to a ransomware attack. The survey found that 15% of Americans and 17% of Canadians think unplugging the computer or turning off the mobile device could stop it, which is patently incorrect. The survey also showed (not surprisingly) that the percentage of people who would not know what steps to take in a ransomware attack grew with increasing age, from 37% of those aged 16-34 to 54% of those aged 55+.

“Right now, ransomware is an epidemic. Although it has been around for more than a decade, we have seen a recent explosion of new ransomware families that is cause for serious concern,” said Ryan Naraine, head of the Global Research and Analysis team in the US for Kaspersky Lab. “With this epidemic, the need for increased consumer awareness about ransomware is essential. Consumers today must not only learn about ransomware, but also use solutions to protect themselves against it, including installing internet security, making sure all devices are updated with available software patches, routinely backing up all important digital assets and implementing better user habits.”

I could not agree more with Kaspersky! Effective security awareness training is a must these days.


Ransomware Hostage Rescue Manual

Get the most complete Ransomware Manual packed with actionable info that you need to have to prevent infections, and what to do when you are hit with ransomware.

Download Here

Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://info.knowbe4.com/ransomware-hostage-rescue-manual-0

