Cryptolocker / Locky Malware Scam
This is a TAS notification alert from CCR Technology Partners. CCR’s Security team has received reports of a new variant of ransomware being spread by emails that claim to be pending invoices, or question regarding contracts. These emails contain an attached Word file, which when opened, will execute a macro that downloads and runs the virus.
This particular type of ransomware, primarily known as Locky, but may also be known as Cryptolocker.AF, WILL encrypt user data on the PC and demand a ransom payment to unlock it. If the PC has access to network shares that have been mapped, that data is at risk as well.
It’s important to note that deleting the virus will NOT decrypt the data. The only sure way to recover encrypted data is to restore from a previous backup.
CCR advises anyone who receives these messages to delete them immediately without opening.
If you believe that you have been infected by any form of ransomware or cryptomalware, power down your PC immediately and disconnect it from the network to minimize any damage that has already been done.
The CCR TAS Notification System was created to keep you informed of possible threats to your corporate network environment.
Call the CCR Helpdesk at (317) 842-1754 or visit www.GoCCR.com if you need further information or believe you may have been affected by this malware.