In recent years, ransomware —more than viruses, worms, Trojan horses, and other kinds of malware— it has become the great digital threat for many large companies and public institutions. Let them tell him, without going any further, to the Hospital Clínic of Barcelona.
However, in the heat of this threat, new ones are emerging that, although they do not pose a threat to the integrity of corporate data, yes they are for your bank accounts. And it is that a new extortion campaign has been detected via e-mail that copies the techniques of groups of expert ransomware cybercriminals.
The Avast Threat Lab, responsible for identifying this campaign, states that
“All indications are that this is simply a scam to scare corporate managers into paying money to avoid further consequences. The scam is designed to look like it is coming from a ransomware or data extortion gang and is sent via e-mail. -mail to employees of different companies, addressing them by their full name”.
DO NOT BE FOOLED! The main SCAMS in ONLINE SHOPPING and HOW TO AVOID THEM
How are the e-mails of yore?
In these emails, These employees are informed that their company has suffered a security breach and that they have stolen a large amount of informationand they are ordered to contact their bosses, who will have to respond to their message if they don’t want to see how their data ends up being sold to the highest bidder, and the news of the security breach ends up reaching the authorities (with the possible fine risk).
Senders will claim to be from a ransomware group with a terribly similar name to some well-known group in the security arena (such as “Lockffit”, which aims to make one think of the aggressive attacks of the “LockBit” group), and they will give instructions on how to attach a specific numerical code to the attackers’ email response from the attacked company.
“While victims might think this is an extortion campaign launched by cybercriminals after they have perpetrated a data breach, all indications are that this is simply a scam to scare company managers into paying money to avoid downstream consequences such as your data being sold on the black market, huge fines, customers finding out their data has been stolen, etc.”
And why “everything indicates” that it is a mere scam? Well, first of all – and yes, also the most important – because In a real-world ransomware attack, criminals first encrypt the victim’s data, making it clear to the victim that their security has been breached even before they receive any emails. In this case, they offer no more proof of data theft than an email address and the name of the recipient of the message.
To this is added that multiple shipments have been detected, signed by different groups of alleged cyber attackers, to various companies… that everything indicates that they have been generated from the same template (removing the names of the attackers and those attacked), since the text is identical even in its misspellings.
What to do if we receive one of these messages
Here are Avast’s recommendations if we end up receiving one of these scam emails:
- Don’t panic: Scammers always use fear and a sense of urgency to force us to make hasty decisions.
- Don’t reply to the message: communicate it to the department of your company in charge of computer cybersecurity. “There is nothing more to do, since there is no malware involved and your computer is not at risk,” they say from Avast.
Image | Gerd Altmann on Pixabay
In Genbeta | I have negotiated with the crackers in a ransomware attack: they asked us for 1 bitcoin or we lost all our information