6/17/2014

Increasing Cryptolocker Email Traffic

Baroan Technologies recently received the following email from AppRiver, our email filtering service, regarding the Cryptolocker malware. We have written a few blog posts on Cryptolocker, which we began seeing in November 2013 and are still seeing it occur in our clients' environments as recent as this month.
URGENT MALWARE ALERT: INCREASING CRYPTOLOCKER TRAFFIC

AppRiver is currently seeing a lot of malicious email traffic containing the Cryptolocker malware that can encrypt your business's data. The bulk of this traffic is coming through trusted free file share programs disguised as voicemail messages or faxes. AppRiver is blocking all known variants of this traffic but the spammers are changing up the messages rapidly. It is incredibly important that you let your users know not to open unsolicited emails and download files without confirming their sources. It's also important that you back up your files frequently and, if you use a third-party back up system, make sure it will not overwrite your backup with the encrypted files.

As a reminder, Cryptolocker is an especially destructive virus that will encrypt all of your data. Cyber criminals then force you to pay to get the data back, with no assurance they will actually follow through if you do. For more information, please see this blog article: blogs.appriver.com

Sincerely,
Brian Haynes
Director of Channel Sales
One of the common Cryptolocker emails they've been seeing contains a DropBox link to retrieve a Zip file. AppRiver's blog post advises, "If something appears wrong or out of place avoid it!" We cannot stress this enough.