Portals
Support
Contact
07 May
2015
The Australian Federal Police Are The Latest Target In Another Cryptolocker Scam
It is the responsibility of the Australian Federal Police (AFP) to protect us from crime. How ironic that in the latest fastbreak Cryptolocker email scam, cyber criminals have adopted the identity of the AFP and are using it to trick unsuspecting recipients into paying them money.
The AFP have released a statement advising the public to delete this fake email immediately.
This scam appears as a traffic infringement notice from the AFP which demands payment. To view the fake traffic infringement, recipients are asked to click the link contained within the email.
Once the recipient clicks the link to the view the traffic infringement, they are taken to a webpage which resembles the legitimate AFP website. The recipient is then asked to enter in a CAPTCHA in order to view the infringement.
Once the captcha is entered, the recipient is then presented with a .zip file containing the infringement notice to download.
While it is fortunate that this is not a genuine infringement notice, unfortunately for anyone who downloads this .zip file they will be infecting their computer and possibly their network with malware. The specific type of malware is called Cryptolocker, which is a ransomware Trojan. It encrypts all files and asks the user to pay a ransom in order to have their data returned or decoded.
The AFP has made it very clear that they never send out traffic infringement notices via email, so if you happen to receive this email don’t attempt to make a payment or provide your personal details.
The AFP has also advised that if you have received this type of email or receive one in the future, you should report it to the Australian Cybercrime Online Reporting Network (ACORN), and delete it from your inbox.
While these types of emails have been occurring quite frequently, there are a few simple things you need to remember so that you don’t become a hapless victim.
Generally, banks and government organisations will not send you emails asking for payments or personal information. If in doubt, contact them directly.
Don’t click on links contained within emails as these can direct you to fraudulent websites. Play it safe and type the company website directly into your web browser.
Don’t download any .exe or .zip files unless you are absolutely sure of their legitimacy. These files are the most common for the delivery of malware. Your business can help protect itself by locking down access to staff so they cannot download .zip or run .exe files without permission from the Network Administrator.
It is also crucial to back up your business data every day. That way, you have a safety net should your data ever be held to ransom through malware such as Cryptolocker.
User education and sharing these tips which will help mitigate risk to your business.
To educate your staff on how to identify spam, malware and more, feel free to share this helpful blog: Don’t Click That! Your Guide To Cyber-attacks And Tips For Being Cyber Safe Within Your Business.
If you don’t have a total secure backup solution, speak to us today!
sales@nextphaze.com.au
1300 761 587