Ransomware on the increase in 2017
Ransomware is criminal software, similar to a virus. Ransomware encrypts your personal files and asks a ransom in return for a digitale key to restore the files.
We strongly recommend that you do not open attachments that come with emails from persons or organizations that you are not familiar with. At this time most of this ransomware comes in the form of an email with the word ‘Factuur’ in the subject-line, followed by a number. The email has a zipfile attached which has a number as a filename. If this attachment is opened, the virus will be activated.
The current ransomware emails originate from a domain name in Austria, < aon.at>. This domain is now blocked and any email originating from it will moved to the junk mail by our spam filter. However, the domain name used in these emails can be easily changed by the senders, after which the email can pass through the filter again.
Ransomware emails cannot always be easily recognized. On the Fraudehelpdesk website (external) you can find more information and current examples. In case of doubt, please contact the ISSC Helpdesk a telephone number 8888, we are always glad to help.
Fortunately, you can prevent ransomware in the same way you can prevent 'ordinary' viruses:
• Be careful with e-mail attachments. Never open attachments from unknown senders, especially with zip-files and watch file extensions. When a file name ends with .pdf.exe it is not a pdf-file, but will almost certainly contain a virus or ransomware.
• Be careful with internet links in e-mails from unknown senders. Don't click the link, but go to sites of well known organisations or social media platforms by entering the link in the browser or using your own favorites.
Make sure you don't have to pay ransom to recover your files at home:
• Back up the files on your home computer regularly.
• Make sure that the software on your home computer is up-to-date.
• Make sure the antivirus software on your home computer is up-to-date.