Wed, Nov 13 2013 21:47
Batten down the hatches for CryptoLocker
Passing this along from Derek Knight:
"It is going to get worse. We saw a massive increase in the last 2 days of new ransom ware droppers in attacks that are very likely to succeed with typical social engineering tricks
Yesterday for example we saw thousands of emails sent by botnets with plausible tricks to get them to open the attachments.
They ranged from Amazon delivery notices ( how many users will order from Amazon each day, if 5% fall for it, that is hundreds of thousands of potential victims ) to the perennial tax notice and the latest one is http://blog.dynamoo.com/2013/11/important-new-outlook-settings-spam.html
All ones that unwary users in a corporate environment will fall for easily as well as home users
The other big run yesterday was the old “here is the photo I promised you “ and if your system is set to hide file extensions as most are all you see once you unzip is photoname.jpg ( the .exe suffix goes missing)
The email appears to come from someone you know with a single name like Fred or Janet or other common name
All of these should be so well known by now that we hope that users don’t fall for them but we know that a high proportion of users will blindly open any file sent to them if it gets past either the corporate firewall/application control or the home users AV "
Filed under: Security