Spam Mails Impersonating O2 Deliver CryptoLocker Ransomware

In yet another instance, dangerous spam mails are circulating, warns Information Technology Security's Federal Office. The e-mails notify of one telephone bill which is actually a fake. Further, pressing on an embedded button inside them opens possibility of a perilous malware's installation. Network World posted this online dated February 3, 2017.

While disseminating the warning message on the social site twitter.com, the said Federal Office informs of one fresh spam wave. These junk messages masquerade as telecommunication provider O2 while carry details regarding the recipients' phone bills.

Along with certain billing period, the message body also has one customer number as well as the amount due. Moreover, there is one red button in the e-mail that should be enabling downloading of the bill. However, pursuing the red button, rather than produces the above bill, loads malware onto the host machine.

The malware is the notorious ransom software CryptoLocker that encrypts the entire lot of files on the PC. Therefore, it is advised that the button shouldn't be pressed. But in case one has done so and his PC becomes contaminated with the ransomware then he mustn't pay any money at least. Paying the ransom demanded normally doesn't help in decrypting the files. So instead one must take his computer offline immediately followed with shutting it down.

Now for retrieving the lost files, a separate computer should first invite the victim for Avira Rescue System while open one USB flash drive that can be restarted, alternatively one boot CD. A first online hunt should begin from the USB stick or the CD.

After this the PC must be started within safe mode. Subsequently, the PC may be reset for a time prior to the infection through one restoration point. In case this fails to retrieve the files then the end-users should take help of a technical expert.

An Onlinewarnungen.de research shows that all spam mails delivered contain incorrect salutations. Moreover, the customer no. as well as the so-called bill amount differs from one spam message to another. In addition, the domains that help for the contaminated files' downloading are seemingly registered with illicit intentions.

» SPAMfighter News - 2/9/2017