The National Crime Agency (NCA) National Cyber Crime Unit says that it’s aware of a mass email spamming event that is ongoing, where people are receiving emails that appear to be from banks and other financial institutions.
The emails may be sent out to tens of millions of UK customers, but appear to be targeting small and medium businesses in particular. This spamming event is assessed by the NCA as a significant risk. The emails carry an attachment that appears to be correspondence linked to the email message (for example, a voicemail, fax, details of a suspicious transaction or invoices for payment). This file is in fact a malware that can install Cryptolocker – which is a piece of ransomware.
Cryptolocker works by encrypting the user’s files on the infected machine and the local network it is attached to.
Once encrypted, the computer will display a splash screen with a count down timer and a demand for the payment of two Bitcoins in ransom (worth about £536 as at 15/11/2013) for the decryption key. The NCA says that it would never endorse the payment of a ransom to criminals and there is no guarantee that they would honour the payments in any event.
Lee Miles, Deputy Head of the NCCU says: “The NCA are actively pursuing organised crime groups committing this type of crime. We are working in cooperation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public.”
An NCCU investigation is ongoing to identify the source of the email addresses used. Anyone who is infected with this malware should report it via Action Fraud.
Advice can be found at GetSafeOnline.
The SW1-based NCA became operational in October 2013.
