Targeted users receive an email asking users to update their Netflix account details by clicking a link in the message. This link redirects to a page that appears to be a legitimate Netflix page requesting a user log into their Netflix account.

This is a CTAS notification alert from CCR Technology Partners. CCR's Security team has received reports of a new phishing targeting users of Intuit Quickbooks. The scam works by sending users emails with the Subject Line: “Quickbooks Support: Change Request”, claiming that the sender has changed their business name. The recipient can supposedly cancel the request by clicking on a link in the email. However, the link instead redirects users to a web page where malware is hosted and downloaded to the user’s PC or device. This malware can be used to steal password or other personal information. CCR advises users to delete suspicious emails immediately without responding to the message. Users can also check the hyperlinks included within the email by hovering their mouse pointer over it, without left clicking on the link. The CCR CTAS Notification System was created to keep you informed of possible threats to your corporate network environment. Call the CCR Helpdesk at (317) 842-1754 or visit www.GoCCR.com if you need further information or believe you may have been affected by this malware.

Cerber Ransomware Scam This is a CTAS notification alert from CCR Technology Partners. CCR's Security team has received reports of a new variant of ransomware being spread by emails that claim to be legal documents requesting a signature or claiming to be tracking a package. These emails contain an attached Word file, which when opened, will execute a macro that downloads and runs the virus. This particular type of ransomware, primarily known as Cerber, WILL encrypt user data on the attacked PC and demand a ransom payment to unlock it, which can range into the thousands of dollars for payment. If the PC has access to network shares that have been mapped or to cloud file storage services such as Dropbox, that data is at risk as well. It’s important to note that deleting the virus will NOT decrypt the data. The only sure way to recover encrypted data is to restore from a previous backup. CCR advises anyone who receives these messages to delete them immediately without opening. If you believe that you have been infected by any form of ransomware, power down your PC immediately and disconnect it from the network to minimize any damage that has already been done. The CCR CTAS Notification System was created to keep you informed of possible threats to your corporate network environment. Call the CCR Helpdesk at (317) 842-1754 or visit www.GoCCR.com if you need further information or believe you may have been affected by this malware.

This particular type of ransomware, primarily known as Locky, but may also be known as Cryptolocker.AF, WILL encrypt user data on the PC and demand a ransom payment to unlock it. If the PC has access to network shares that have been mapped, that data is at risk as well.

Amazon Scam This is a CTAS notification alert from CCR Technology Partners. CCR's Security team has received reports of spam emails claiming to originate from Amazon that requested targeted users to confirm their address by clicking on an external link. In actuality, this link is then used to phish personal information and may also spread malware. It's important to note that Amazon requests a shipping address prior to placing an order and will not send an email confirming an address.  CCR advises that these emails be deleted immediately without opening. It is also recommended that users activate the new Amazon Two-Factor Authentication feature using a mobile phone to provide additional account security.CCR advises that these emails be deleted immediately without opening. The CCR CTAS Notification System was created to keep you informed of possible threats to your corporate network environment. Call the CCR Helpdesk at (317) 842-1754 or visit www.GoCCR.com if you need further information or believe you may have been affected by this malware.  

CCR's Security team has received reports of a new variant of ransomware being spread by a variety of email scams including, but not limited to, phony FedEx and UPS couriers emails, forms claiming to be Authorization for usage of privately owned vehicles, and phony voicemail emails. These emails contain an attached file, usually claiming to be a pdf or word file that in actuality downloads and executes the virus.

This is a CTAS notification alert from CCR Technology Partners. CCR's Security team has received reports of spam emails claiming to report that a child predator has moved into your community. These emails urge users to visit a linked website that claims to list registered offenders in the local area.

Spam emails claiming to offer free Windows 10 upgrades to users of eligible copies of Windows 7 and 8. The attached file contains crypto-malware, and the emails appear to be from update@microsoft.com, but are actually sent by a non-Microsoft personnel.

2