MySwag.org The Off-road Camper Trailer Forum
General => General Discussion => Topic started by: pajamajero on April 21, 2015, 07:17:02 PM
-
Hi Folks
There are nasty emails around at the moment, my company at a different location to me made a mistake in opening an attachment. It was ... resume.zip. Unfortunately they were accepting job applications at the time, so the attachment looked normal. Here is a copy of an email I sent to all staff members, friends and customers.
There are dangerous emails spreading across North Qld and beyond.
They will come often from people or customers you know.
The suspect emails contain RANSOMWARE, which will take over your files and encrypt them, then demand money to restore the files.
The files we have seen are all *.ZIP.
We have received so far
resume.zip
electronic.zip
invoice.zip
We have suffered an attack at Mareeba, and today received 2 more infected emails here in Innisfail, one from a local company, and one from a real estate company in Cairns.
DO NOT double click or open these ZIP files, it will activate the RANSOMWARE which is trouble for you and everybody on your contacts list
Advise everyone you can
The ransomware is called CRYPTOWALL, a google search will return more information.
It encrypts every file it can find on you hard drive, and leaves files telling you how to pay them US$500.
It even encrypted files on our company Dropbox. It also searches out your 'contacts' and sends them all an email with the*.zip file. You can see how quickly it can spread. Your contacts are not expecting a contaminated email from you. If caught you will quickly learn how a fairly current backup of your hard drive can save your *ss. You made need professional help to sort your computer out. If you are not really a computer person but own and use a computer, the key word here is BACKUP.
These emails are not an issue unless you double click the attachment !! Just delete them.
Not sure - Don't risk it, even from friends.
If you are unfamiliar with some of the terms I have used - please ask and will do my best to explain them
Cheers
Paj
-
Yeah too true.
My IT guy has told me to delete any email that comes in with a ZIP file attached. He reckons its just rife at the moment.
:cheers:
-
Hi pajamajero,
thanks for the heads up.
cheers duggie
-
I received a few of them today. I got sus as soon as I read that the e-mail that it came from was from Letitia@ my company!?!?
-
theres that much Shit going on at the moment, its no wonder some companies have got rid of email all together....
-
When I was working in I.T last year one of our users in Sydney opened one. Infected 2 servers in Sydney before they noticed it. Thankfully we took the VPN down between Melb and Sydney so the servers I was looking after didn't get infected. Took the Sydney boys 2 days to recover the data from back ups. Very very nasty stuff ransomware!!
-
The funny thing is that they're ethical crooks. If you pay the ransom, they do actually give you the unlock key.
-
We are really well protected at work, but we still had a few machines at work taken out by ransom-ware a while ago. People got an email from Energy Australia saying "You owe money. Click here to see the bill". Funny thing was, no-one who clicked the link was actually with Energy Australia. No one thought to question it.
We just flattened the machines and they lost all their data because you can't really recover from the cryptotography. But seeing as our company policy is specifically to not store any company data on your local hard-drives because they're not backed up (all other systems are) the responses were along the lines of "Sucks to be you". "Lost your Bali holiday photos? Tough"
-
The advice is never pay, no matter how bad your issues are.
The other thing is they want payment by bitcoin, which would prove difficult at best
Paj
-
The funny thing is that they're ethical crooks. If you pay the ransom, they do actually give you the unlock key.
no sadly its all just business as usual in Scumville....
If they didn't go to the bother of sending you the unlock key - then I guess pretty soon social media and a gazillion web based forums such as this; would be warning victims not to pay ... "because you are screwed in any case"...
This is very different from a person hostage situation because you WILL pay the ransom (if possible) - to get your loved one back; but its a once off deal; (with high risk to victim-returning so called "ethical crook"...)
AKA - most times they will just kill em and dump the bodies somewhere
-
My wife's work had the same last week, resume.zip
One of the employees got it and deleted it then thought they better check it, not that he was in a position to read resumes anyway. Lucky they back up regularly.
Never open zip files unless you know where they are from. virus scanners don't scan them as viruses
-
Buy a portable hard disk, connect it up one a month, backup all of your important stuff then unplug it. In my opinion its a cheap insurance policy.
-
Erm , I opened one this morning ....... I know - goose alert !
But , it was from the AFP , as in Australian Federal Police , a driving infringement. When you clucky clicky it takes you to the official AFP site .
I rang the AFP and the answer was "oh yeah that started this morning "
No announcement that they have been hacked ..........
If you can't trust our police , who do you trust ?
And yes , the it guy hates me !
Q
-
Did it have the real AFP Site. afp.gov.au?
What was the address it came from? ????@afp.gov.au, Or more like. .????@afp.au.dodgy-country-code
Same rules apply,
- NEVER open zip files.
- Check the from address.
- Check the county codes at the end of any website links.
- If it is not personally addressed to you, by name.
- No bank etc EVER asks for you to log into your account via email links
-
Yep , genuine AFP site - I rang them using the contact details ......
Our it guy has re or is that un buggered my computer , he is still shirty with me !
-
Erm , I opened one this morning ....... I know - goose alert !
But , it was from the AFP , as in Australian Federal Police , a driving infringement. When you clucky clicky it takes you to the official AFP site .
I rang the AFP and the answer was "oh yeah that started this morning "
No announcement that they have been hacked ..........
If you can't trust our police , who do you trust ?
And yes , the it guy hates me !
Q
Do you live in the ACT? Or have you driven through the ACT lately?
KB
-
No , in Vic - drive past Melbourne airport every morning and night .
Also apparently AFP don't do traffic infringements.....
So I'm a double goose ! Or is that a super goose .
-
No , in Vic - drive past Melbourne airport every morning and night .
Also apparently AFP don't do traffic infringements.....
So I'm a double goose ! Or is that a super goose .
i
So long as you're not a cooked goose!