Cyber criminals have been targeting HR professionals with an email that appears to be from a candidate. They are sending a fake CV and an excel form that asks to ‘enable macros’. If this is enabled the file will generate an executable file and launch Ransomware.
If the user gets Ransomware then they will have to pay the cyber criminals a fine to get the decryption password.
This form of ransomware is being called Goldeneye, and was initially released in Germany through phishing emails, however the threat has now spread globally.
How to recognise it…
The first file received in the email (fake CV) is designed to trick users into believing that it is a regular job application. The second file (an Excel file) will contain the job request, this is where the ransomware resides. Once opened excel will ask the recipient to enable the Visual Basic for Applications (VBA) macros to load content.
Once you enable the macro, the ransomware will invisibly load on to your pc, encrypting all of your files and leaving a message with a ransomware text file. Once your pc is infected it will reboot and from that moment you will not be able to access your files. Instead you will see a ransomware message:
How to protect your business against Ransomware
As with all strains of Ransomware there is nothing you can do to protect your business 100% against this kind of attack, there are however many steps you can take to reduce the risk and ensure that your data is retrievable.
Following the recent increase in Ransomware we are continually looking into ways we can help to protect your business against cyber-attacks.
Speak to your Technical Consultant or Account Manager today to ensure you are doing all you can to protect your business against this kind of attack.