Recently, internet security companies have been reporting a growing number of incidents in which large volumes of email are sent out with strange and distinctive subject lines. Typically the subject lines are crafted as file names and have image extensions like .tiff, .jpg and .png. They’re designed to look as though they were sent from someone’s smartphone, which has tempted a relatively high percentage of recipients into opening them.
Unfortunately, the attachments also contain a hidden extension that’s not generally visible at a glance, and embedded within these files is a script that installs Locky ransomware. Once installed, this malware does exactly what its name implies: it locks the contents of your machine and requires you to submit payment, generally in Bitcoin, to get the code to unlock your files.
Locky is one of a number of ransomware tools currently gaining in popularity in the hacking community, and it’s not hard to see why. Unless you have a recent backup, there’s generally no way to get your data back except to pay the toll.
As an attack vector, this is certainly not new. Hackers have long been in the business of embedding malicious software inside seemingly innocuous email attachments, but this recent twist shows yet another level of sophistication in how the attacks are engineered.
All of this underscores the point that IT security personnel have been trying to drive home for years. Unless you know and trust the person sending you an attachment, don’t open it. If there’s any doubt at all, your best bet is to simply leave it alone and report it to IT staff.
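For mail administrators, the lure described above (a subject line that is just an image file name, and an attachment whose real extension hides behind an image one) can be checked for before a message reaches the inbox. The following Python sketch is an added example, not code from any security vendor mentioned here; the list of risky extensions, the function names and the sample messages are assumptions constructed for illustration.

```python
import email
import re
from email import policy
from email.message import EmailMessage

# Image extensions named in the article, plus common spellings of them.
IMAGE_EXTS = {"tiff", "tif", "jpg", "jpeg", "png"}
# Assumption: an illustrative list of script/executable extensions to flag.
RISKY_EXTS = {"js", "jse", "vbs", "wsf", "hta", "exe", "scr"}
# A subject that is nothing but a file name with an image extension.
SUBJECT_RE = re.compile(r"^\s*[\w\-. ()]+\.(tiff?|jpe?g|png)\s*$", re.I)

def check_message(raw: bytes) -> list:
    """Return the reasons a raw message matches the lure (empty if none)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    if SUBJECT_RE.match(msg.get("Subject", "")):
        findings.append("subject-looks-like-image-filename")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").strip().lower()
        # Windows ignores trailing dots and spaces, so strip them first.
        pieces = name.rstrip(". ").split(".")
        ext = pieces[-1] if len(pieces) > 1 else ""
        if ext in RISKY_EXTS:
            findings.append("risky-attachment:" + name)
            # The real extension follows an image one: photo.jpg.js
            if len(pieces) > 2 and pieces[-2] in IMAGE_EXTS:
                findings.append("image-then-risky-extension:" + name)
    return findings

def build_sample(subject: str, filename: str) -> bytes:
    """Build a constructed test message; the payload is inert text."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content("Sent from my phone")
    m.add_attachment(b"constructed sample, not malware",
                     maintype="application", subtype="octet-stream",
                     filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for subj, fname in [("IMG_0042.jpg", "IMG_0042.jpg.js"),
                        ("Holiday photos", "beach.png")]:
        print(subj, "->", check_message(build_sample(subj, fname)))
```

A gateway would quarantine or tag any message for which the returned list is not empty, rather than leaving the decision to the recipient.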
If you feel that your current level of network security is lacking, and your business may be at risk, you’re not alone. In that case, you’ll almost certainly want to talk to one of our security consultants, who can evaluate your needs, identify weak spots in your organization, and make solid recommendations to maximize your protection.