The UK National Crime Agency’s National Cyber Crime Unit are warning computer users to beware of opening attachments from emails apparently from banks and courier companies.
One prevalent source at the moment in Andover is from emails appearing to come from “Royal Mail Group” and with Christmas approaching and people ordering online, this is likely to continue.
A computer user in Andover that has been affected by Cryptolocker said: “It locked up all the letters, spreadsheets and photos on the computer including a memory stick that was plugged into it. Thankfully we have copies of everything off the computer but imagine all your family photos being locked. Not nice at all”.
The emails carry an attachment that appears to be correspondence linked to the email message (for example, a voicemail, fax, details of a suspicious transaction or invoices for payment). This file is in fact a malware that can install Cryptolocker – a piece of ransomware.
Cryptolocker works by encrypting the user’s files on the infected machine and the local network it is attached to.
Once encrypted, the computer will display a splash screen with a count down timer and a demand for the payment of 2 Bitcoins in ransom (Approx £536 as at 15/11/2013) for the decryption key.
Sound advice can be found at GetSafeOnline and this is a case where prevention is better than cure.
- The public should be aware not to click on any such attachment.
- Antivirus software should be updated, as should operating systems.
- User created files should be backed up routinely and preserved off the network.
- Where a computer becomes infected it should be disconnected from the network, and professional assistance should be sought to clean the computer.
- Various antivirus companies offer remedial software solutions (though they will not restore encrypted files).