July 15th 2014
We have been alerted to a new type of ransomware known as Cryptowall – a similar type of malware to CryptoLocker which has been the subject of much attention recently.
If your computer is infected with Cryptowall, the malware will encrypt all of your files in a way which is difficult or impossible to remedy. You will be presented with a pop-up screen informing you that you can pay a fee (often in Bitcoins) to obtain the encryption key to unlock the machine, but this key is rarely returned and the files will remain locked, effectively rendering it useless because you have lost access to all of your files..
Cryptowall poses a significant threat both because of the damage it can cause and because of the range of ways in which users can become infected, including:
– emails containing attachments which seem authentic but which are in fact executable files containing the malware
– emails containing links to websites which, once visited, will automatically download Cryptowall on to the machine.
– Links within reputable websites (for instance embedded links to videos or adverts) can cause damage if the user does not have an up-to-date version of the plug-in they are using.
– Ensure that you have reputable internet security software installed, updated and switched on.
– Make sure that your internet browser and any plug-ins (for example Flash, Java, Silverlight) are up-to-date.
– Do not click on links or open attachments from unknown email addresses. Even authentic addresses can be spoofed by fraudsters to make them seem genuine. If in doubt, check the email header to identify the true source of any such attachment or link.
– Beware of links contained within websites – for example advertisements or video files on sites which look trustworthy.
– Backup your files to a location not directly linked to your machine or network.
– Close unneeded connections on business networks – this will help to prevent the spread of the virus from infected machines.
To report a fraud and receive a police crime reference number, call Action Fraud on 0300 123 2040 or use their online fraud reporting tool.