365 Users are the latest targets of ransomware viruses such as Cryptolocker and it’s various mutations. You may even see the term “Cerber Attack” used in the media to describe these ransomware infections.
This latest threat was received by 365 users as spam or phishing emails and the file attached contained the virus. When the attachment was opened it had a message at the top of the screen asking you to “Turn on the Edit mode and click on Enable Content” similar to the below images.
Image 1 is similar to a message we have all seen on Microsoft products.
Image 2 is not a normal Microsoft warning and should be an indication that there’s a problem with the file.
By clicking enable content the virus was activated. Once activated, the virus acted like all other Cryptolocker viruses and started locking up files it determined as being “important” to the user and displayed a ransom note. However, this virus also broadcasted a message over the users speakers telling them about their files being locked up “encrypted” as well as read the ransom note to them.
Microsoft have since blocked this particular virus, however, it is important to note that we shouldn’t rely solely on a programs built in security tools or antivirus as the only protection against Cryptolocker attacks. Especially when Cryptolocker virus attacks are sadly becoming a daily occurrence.
What you can do
- Always keep your antivirus up to date
- Always backup your data files, photos (anything you don’t want to lose) to another location and regularly
- Do not open attachments to emails from sources you don’t know
- If you are waiting for an email with an attachment, check the sender and other information in the body of the email (such as grammar and spelling) prior to opening
- Check with Consulting IT if you are not sure of the files legitimacy, it’s better to be safe, than sorry.
We can help you!
We are constantly upgrading our own security and testing new products that may benefit your security. We can provide you with a tailored solution to suit your businesses security needs such as:
- Backups / Disaster Recovery
- Hardware to improve overall security