A spam campaign delivering CTB Locker is targeting employees from French companies, Bitdefender researchers found.
The spam e-mails carry an attachment, a .cab file, and a message claiming to be from a co-worker of the victim. The e-mails look like authentic bills and are allegedly sent to management departments.
The e-mails invite people to open the .cab file, an auto-executable Microsoft archive. Once accessed, the CTB Locker cryptoware executes itself on the user's computer and encrypts any file found on the computer, along with everything it's connected to – including external hard drives, file servers and backups.
The company is urged to pay a ransom to recover the encrypted files within a very short period of time – usually 72 hours.
How can users and companies protect themselves?
The e-mails impersonate the victim's co-worker, which adds a layer of trust and credibility to the scam. They are well-written, in the language of the user, making it even harder to identify the scam. Users are advised to be extremely careful when opening e-mails from unknown senders, especially if they carry an attachment – it's quite unusual to receive a .cab document. It's also critical to use an anti-malware solution that proactively protects against threats, and to perform external backups of the company's data on a regular basis in order to avoid losing valuable data with a double-click.
This article is based on information provided courtesy of Profil Technology and Bitdefender researchers.
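Since a .cab attachment is unusual in business mail, a mail gateway or triage script can flag it. The following is an added example, not code from Bitdefender or Profil Technology: the function names and the sample messages are constructed for illustration, and the check relies on the `MSCF` signature that Microsoft Cabinet files start with, so it also catches a cabinet file renamed to another extension.

```python
import email
from email import policy
from email.message import EmailMessage

CAB_MAGIC = b"MSCF"  # first four bytes of a Microsoft Cabinet archive


def find_cab_attachments(raw_message: bytes):
    """Return (filename, reason) for every MIME part that looks like a .cab file.

    reason is "extension", "magic" or "extension+magic".
    """
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():              # walk() also visits nested parts
        if part.is_multipart():
            continue
        name = part.get_filename() or ""
        payload = part.get_payload(decode=True) or b""  # undoes base64/QP
        reasons = []
        if name.lower().endswith(".cab"):
            reasons.append("extension")
        if payload.startswith(CAB_MAGIC):
            reasons.append("magic")
        if reasons:
            findings.append((name, "+".join(reasons)))
    return findings


def build_sample(filename: str, data: bytes) -> bytes:
    """Constructed test message; addresses, subject and payload are made up."""
    m = EmailMessage()
    m["From"] = "colleague@example.com"
    m["To"] = "accounts@example.com"
    m["Subject"] = "Facture"
    m.set_content("Veuillez trouver la facture ci-jointe.")
    m.add_attachment(data, maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    fake_cab = CAB_MAGIC + b"\x00" * 32   # harmless stand-in, not a real archive
    for fname, data in [("facture.cab", fake_cab),
                        ("facture.pdf", fake_cab),
                        ("facture.pdf", b"%PDF-1.4 sample")]:
        print(fname, "->", find_cab_attachments(build_sample(fname, data)))
```

A hit is a reason to quarantine the message for review rather than proof of CTB Locker; the check identifies the container type only.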