The National Fraud Intelligence Bureau (NFIB) has received the first reports from victims of a new type of malware, known as “Cryptowall”. This is similar to older malware which can encrypt all files on infected machines.
Awareness is being raised of this malware type in order to help people to stop themselves from becoming victims.
Cryptowall is the latest in a line of viruses which, once they are on an infected machine, encrypt all files in a way which is difficult or impossible to remedy. A pop-up screen will inform victims that they can pay a fee (often in Bitcoin) to obtain the encryption key to unlock the machine, but this key is rarely returned.
Therefore, becoming infected will generally result in the victim losing access to all their files permanently.
Cryptowall poses a significant threat both because of the damage it can cause and because of the range of ways in which users can become infected. These include:
· Emails containing attachments which look innocent but which are in fact executable files containing the malware
· Emails containing links to websites which, once visited, will automatically download Cryptowall onto the machine
· Links within reputable websites (for instance embedded links to videos or adverts) can cause damage if the user does not have an up-to-date version of the plug-in they are using.
Having up-to-date virus protection is of course essential, but it will not always prevent you from becoming infected. Please consider the following tips as well:
· Make sure that your internet browser and any plug-ins (e.g. Flash, Java, Silverlight) are up-to-date
· Don’t click on links or open attachments from unknown email addresses. Remember that fraudsters can “spoof” an email address to make it look like one used by someone you trust. If you are unsure, check the email header to identify the true source of any such attachment or link
· Beware of links contained within websites – for example adverts or video files on sites which look trustworthy
· Back-up your files to a location not directly linked to your machine or network
· Close unneeded connections on business networks – this will help to prevent the spread of the virus from infected machines.
If you do become a victim of this type of crime, report it: www.actionfraud.police.uk