The National Fraud Intelligence Bureau has received the first reports from victims of a new type of malware known as ‘Cryptowall’. This is similar in nature to older malware which can encrypt all files on infected machines.
VirusCryptowall is the latest in a line of viruses which, once they are on an infected machine, encrypt all files in a way which is either difficult or impossible to remedy. A pop-up screen will inform victims that they can pay a fee (often in Bitcoin) to obtain the encryption key to unlock the machine, but this key is rarely returned.
Therefore, if you become infected it will mean you lose access to all your files on a permanent basis.
Cryptowall poses a significant threat both due to the damage it can cause and because of the range of ways in which users might become infected. These include:
*e-mails containing attachments which look innocent but which are in fact executable files containing the malware.
*e-mails containing links to websites which, once visited, will automatically download Cryptowall onto the machine.
*Links within reputable websites (for instance embedded links to videos or adverts) can cause damage if the user does not have an up-to-date version of the plug-in they’re using.
Protect yourself from Cryptowall
Having up-to-date virus protection mechanism is, of course, essential but it will not always prevent the end user from becoming infected.
On that basis, Action Fraud advises the following additional prevention tips:
*Make sure that your Internet browser and any plug-ins (such as Flash, Java and Silverlight) are up-to-date.
*Don’t click on links or open attachments from unknown e-mail addresses. Remember that fraudsters can ‘spoof’ an e-mail address to make it look like one used by someone you trust. If you are unsure, check the e-mail header to identify the true source of any such attachment or link.
*Beware of links contained within websites – for example adverts or video files on sites which look trustworthy.
*Back-up your files to a location not directly linked to your machine or network.
*Close connections on business networks that you don’t need – this will help to prevent the spread of the virus from infected machines.