CCR’s Security team has received renewed reports of malware being spread by a variety of scams including, but not limited to, phony FedEx and UPS courier emails, forms claiming to be Authorization for usage of privately owned vehicles, and phony voicemail emails.
These emails contain an attached file, that contains crypto-malware. This particular type of malware, originally known as Cryptolocker, is now known under various names including, but not limited to, Cryptowall, TeslaCrypt, and CryptoFortress. This malware WILL encrypt user data on the PC, demanding a ransom payment to unlock it. If the PC has access to mapped network shares, that data is at risk as well.
It’s important to note that deleting the virus will NOT decrypt the data. The only sure way to recover encrypted data is to restore from a previous backup.
CCR advises anyone who receives these messages to delete them immediately without opening.
If you believe that you have been infected by any form of CryptoMalware, power down your PC immediately and disconnect it from the network to minimize any damage that has already been done.
The CCR CTAS Notification System was created to keep you informed of possible threats to your corporate network environment.
Call the CCR Helpdesk at (317) 842-1754 or visit www.GoCCR.com if you need further information or believe you may have been affected by this malware.
CCR Data Center, Indianapolis, Indiana, March 17, 2015 1300 hrs