CryptoWall 4.0 Scam
This is a TAS notification alert from CCR Technology Partners. CCR’s Security team has received reports of a new variant of ransomware being spread by a variety of email scams including, but not limited to, phony FedEx and UPS couriers emails, forms claiming to be Authorization for usage of privately owned vehicles, and phony voicemail emails. These emails contain an attached file, usually claiming to be a pdf or word file that in actuality downloads and executes the virus.
This particular type of ransomware, primarily known as CryptoWall 4.0, but may also appear under various names including, but not limited to, TeslaCrypt and CryptoFortress WILL encrypt user data on the PC and demand a ransom payment to unlock it. Unlike previous versions of Cryptowall, the new version will encrypt files names in addition to file contents. If the PC has access to network shares that have been mapped, that data is at risk as well.
It’s important to note that deleting the virus will NOT decrypt the data. The only sure way to recover encrypted data is to restore from a previous backup.
CCR advises anyone who receives these messages to delete them immediately without opening.
If you believe that you have been infected by any form of ransomware or cryptomalware, power down your PC immediately and disconnect it from the network to minimize any damage that has already been done.
The CCR TAS Notification System was created to keep you informed of possible threats to your corporate network environment.
Call the CCR Helpdesk at (317) 842-1754 or visit www.GoCCR.com if you need further information or believe you may have been affected by this malware.