Email MalWare Warning
A number of CSU campuses have experienced instances of an email malware campaign that has surfaced and appears to be spreading through fake emails designed to mimic the look of legitimate emails from campus users or businesses. Cryptolocker comes through the campus as a social engineering attack. Usually the virus payload hides in an attachment to a phishing message. An example of this type of email is below.
What To Look For
Attachment to a phishing message. An example of this type of email is below.
If you become infected, you may see the following:
This attack is associated with an increasing number of CSU campus ransomware infections that demands the victim provide a payment to the attackers in order to decrypt and recover their files.
What’s Required of Me?
The U.S. CERT and the Department of Homeland Security suggest the following:
- Do not follow unsolicited web links in email messages or submit any information to webpages in links
- Use caution when opening email attachments. Refer to the Security Tip Using Caution with Email Attachments for more information on safely handling email attachments
- Maintain up-to-date anti-virus software
- Perform regular backups of all systems to limit the impact of data and/or system loss
- Apply changes to your Intrusion Detection/Prevention Systems and Firewalls to detect any known malicious activity
- Secure open-share drives by only allowing connections from authorized users
- Keep your operating system and software up-to-date with the latest patches
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams
- Refer to the Security Tip Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks
If you have any questions regarding any questionable email that you have received recently, please contact the IT Helpdesk at 657-278-7777 or