Today I met with a customer who recently I had pointed to my blog posts about ransomware. He sort of poo-pooed my words and pointed me to his safe habits.
With his permission I looked in his (very big) Inbox with about 1,000 emails. I looked only for mails with attachments and found quite a few.
I grabbed randomly one of the attachments, a ZIP file by the way, and saved that file to the computer.
Then I went to Virustotal.com, uploaded the file and had it tested. The results speak for them selves, here they are:
Clearly this file contains a downloader and a variant of the encrypting ransomware Locky. And who knows what the downloader would do to the machine if it ever gets to run.
Currently DO NOT directly open ANY attachment from an email, no matter how "good" you think you know the sender or what ever excuses your brain comes up with.
Always save the attachment to a place on your computer you can easily access like the desktop.
Then in your web browser go to virustotal.com, browse to the file - in this example on the desktop, upload the file and if virustotal.com comes up with anything then delete the file AND the email it came from!
Better safe than sorry!
And before you ask, some of my previous articles about ransomware are here, here, here, here and here.
As usual I welcome comments and suggestions right here in the blog. Thank you in advance.
Stay safe.
No comments:
Post a Comment