Tech Tips: Fake Email Invoices Contain Ransomware

Ransomware is still on the rise, and the Federal Bureau of Investigation has labeled it as one of the biggest dangers to businesses of all kinds. Compared to other methods of spreading malware, ransomware has a unique return on investment that keeps hackers wanting more. One new variant of ransomware uses a phishing attack that’s tailored to your real-world address, which is exceptionally concerning for victims.

This malware, Maktub Locker, spreads through an email phishing scam that appears to come from a legitimate email address. In fact, the email itself appears to be relatively clean, raising very few red flags for security-minded users. The email informs the recipient that they owe an organization money and that they’re receiving the notice because their payment is overdue for some type of service rendered.

The email informs users that they have sent a hard copy of the statement to the user’s address, which is included in the message, and that a link to the customer’s copy of the invoice is included in the email for the user’s convenience. Unfortunately, there’s nothing convenient at all about it; downloading the file triggers the ransomware, which encrypts the PC’s files until the user breaks down and pays the ransom. It’s thought that hackers obtain the street addresses of their victims through some sort of free online database, but the fact that they can easily be located has many people spooked.

Incidentally, if the user refuses to pay the ransom as soon as possible, the cost increases until it’s paid. ZDNet, which reported the appearance of the ransomware, reached out to the company whose email address was used to send the message. The answer was expected, and they had nothing to do with the phishing emails. In this sense, the hackers behind Maktub Locker are both damaging the reputations of local business owners, and making substantial threats against others.

The fact that ransomware continues to grow more popular only reinforces the fact that users of technology aren’t safe from hacking attacks. Anyone who makes the simple mistake of downloading the wrong file can instantly be cut off from accessing their important files and information. Ransomware threatens to uproot your entire business infrastructure if you don’t have a solid way to handle this catastrophe.

Ransomware is particularly dangerous for businesses and other organizations that rely on important files to keep operations moving. Some ransomware even has the potential to spread through networks and infect entire infrastructures if left unchecked. Above all else, you need to make sure that you don’t pay the ransom. Doing so might give you a sense of security that your files can be retrieved, but there’s no guarantee that hackers won’t just take your money and run.

While ransomware is next to impossible to remove from your systems, security best practices are a great way to keep your organization secure from threats of all kinds. You should teach your employees about how to identify phishing scams and other online threats. Furthermore, you can implement what’s called a Unified Threat Management (UTM) tool, which takes advantage of multiple enterprise-level solutions to maximize your organization's security.