A new, rapidly growing ransomware threat was discovered by the Barracuda Advanced Technology Group
that is primarily delivered as an attachment via email, claiming to be from company Herbalife
. The message impersonates a ‘copier’ file delivery (i.e. email sent by a copier/scanner).
The attack appears to be spreading very quickly and just in it’s first day since it was identified, 20 million have been hit. What makes this ransomware specially dangerous is that the attackers are unable to identify the victims which means that “victims who pay the ransom will not get a decryptor because it will be impossible for the criminal to identify them
As of September 21st, two other phishing emails have been identified to be part of this ransomware attack. One impersonating a voicemail message and from one marketplace.amazon.uk
When in doubt, throw it out!
As a reminder:
- Be careful when opening emails from a sender you don’t recognize and that have a suspicious domain
- If the sender appears to be within your organization, be wary of unusual, or out of character language
- Don’t open attachments that you were not expected or that make no sense in relation to the email message
- Only click on hyperlinks after hovering your mouse over the link to make sure it does not take you to a different website
See the image below for a full list of social engineering red flags to prevent becoming a ransomware attack victim. If you have any questions, remember you can reach out to our team