A new variant of ransomware referred to as Locky has been identified by Symantec. Locky encrypts files on the victim’s computer and requires the user to pay a ransom to unlock the files.
The ransomware has been spreading through emails disguised as invoices. Word documents containing malicious macros are attached to these emails. If the document is downloaded, the macro runs and installs Locky on the victim’s computer.
Additional details on this threat can be found on Symantec’s site.
Symantec has provided the following tips for protecting yourself against ransomware:
- Regularly back up any files stored on your computer. If your computer does become infected with ransomware, your files can be restored once the malware has been removed.
- Always keep your security software up to date to protect yourself against any new variants of malware.
- Keep your operating system and other software updated. Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by attackers.
- Delete any suspicious-looking emails you receive, especially if they contain links or attachments.
- Be extremely wary of any Microsoft Office email attachment that advises you to enable macros to view its content. Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.