OK! Folks heed this warning, if you have been receiving malicious emails with various lures including subject lines payroll or package tracking from UPS, and FedEx; as well as bank correspondence and voicemail notifications. Some identified keywords used in these emails include:
Payroll Received by Intuit ADP RUN: Payroll Processed Alert Payroll Manager Payroll Invoice ADP RUN Payroll Processed Alert Annual form ACH Notification Annual Form – Authorization to Use Privately Owned Vehicle on State Business DNB Complaint – (Number) DO NOT OPEN ANY ATTACHED .ZIP FILE!!!!!!
These .zip files contain the Cryptolocker ransomware. Basically this infection will scan through your PC looking for documents and other data and it will encrypt those files, the criminal will show an amount of money between $100 – $300USD to decrypt your data.
The encryption used is virtually impossible to crack leaving you with no documents, this will also scan mapped network drives encrypting all documents on servers.
You can watch to give you an idea what you are up against or check or blog explaining how the works.
Just removing the infection will NOT get your files back!
My advice is keep a regular backup and please, DO NOT OPEN ATTACHMENTS from any of the above described subject lines, I have come across a couple cases of this now and had to be the bearer of bad news that the encrypted documents are not retrievable. The only way to get back your documents is to pay the ransom and have the thieves decrypt your files – or go to your backups if you have them.
I have seen quite a few of these coming through my own spam filters, Back up those files and keep your virus software up to date!
Safe Computing,