The UK’s National Cyber Crime Unit (NCCU) has issued an alert about mass email spamming in which people are receiving emails that are allegedly from banks and other financial organisations.
Apparently tens of millions of people in the UK could have received the emails, with small and medium businesses in particular being targeted. The chances are that variants of this email will also begin appearing across the rest of Europe in due time.
The emails contain an attachment that is malware designed to install Cryptolocker, a well-known piece of ransomware. If the attachment is clicked on, Cryptolocker encrypts, as its name suggests, all the files on the person’s computer and the local network the computer is attached to.
Email spam from “banks”: The great freeze
For a small business it could cause great disruption by essentially freezing up the network so work can’t be carried out. It infects systems running Windows 8, Windows 7, Vista and the ageing but still popular XP.
Once it’s done its dastardly deed, the computer displays a splash screen with a countdown timer demanding the payment of two Bitcoins in ransom for the decryption key. At today’s exchange rate that’s about $1,000 or €752 or £630.
The NCCU said it is working to establish the source of the email address the ransomware is being sent from. When they do nail it, in all likelihood it’s going to be well beyond UK borders, either in wider Europe or somewhere further east.
The mechanism behind Cryptolocker
Cryptolocker is particularly fiendish. It uses something called AES 256 encryption. Without getting too technical, it was developed by the US government and is used around the world. It’s the digital encryption equivalent of Mike Tyson: hard as nails and virtually unbreakable.
For every file it discovers on a computer, it generates a new 256-bit AES key and uses it to encrypt the document. This key is then also encrypted, so you’ve effectively got a double door lock on documents. Only when the victim pays up is a key automatically downloaded to unlock the files.
However, even if the ransom payment is made, there’s no guarantee that it would be honoured.
How do you protect yourself from email scams from banks or other trustworthy parties?
The immediate and obvious step is to not open the attachment. The body of the email message varies, referring to details of a suspicious transaction or invoices for payment. The attachment is connected to the email copy.
A secondary step is to back up your files. There’s nothing more frustrating than losing everything if you don’t have backup copies. Online back-up is particularly useful; it holds your data on a remote server so you can easily access it in the event of some kind of loss.
And of course make sure you’ve got some decent anti-virus software on your computer. BullGuard Virus Scan would have picked this up like a laser-guided missile homing in on its target. In fact, BullGuard Antivirus, the big brother of Virus Scan, provides double protection by fusing signature-based detection with behavioural-based detection. It’s an innovative approach that lets you know there are very good defences against the many email scams out there.
Hopefully, if you do receive this particular email nasty, you won’t fall for it, but there are a lot more lurking out there and no doubt many others in the pipeline, so it pays to protect yourself.