Last year you may remember hearing about the WannaCry ransomware. The virus spread like wildfire and ended up infiltrating large organizations like the UK’s NHS and some areas of Nissan. Even a year later, mention of the attack makes some professionals wince. Playing on the fear the attack brought, a group of hackers brought the ransomware back. However, this time no systems are impacted; instead, the attackers are attempting to phish users, playing on past fear.
First reported in London UK, the city’s Action Fraud Unit says they received almost 300 reports about the phish in a two-day span. The Unit sent an official message regarding the email saying
“The WannaCry emails are designed to cause panic and trick you into believing that your computer is infected with WannaCry ransomware…In reality, the emails are just a phishing exercise.”
Within the email, the attacker demands BitCoin for the safe return of your documents, which, just like last time, have supposedly been encrypted and can only be salvaged by following through with the 0.1 BTC ransom demands.
Security company Sophos reports that the email reads,
“Hello! WannaCry is back! All your devices were cracked with our program installed on them. We have improved operation of our program, so you will not be able to regain the data after the attack.”
This attack is particularly effective because it prays on the fears people have on the virus. However, there are many indicators that prove it is a phishing attack. The most obvious one comes from the sense of urgency the email brings, most of the time phishing emails pray on users acting on the irrational thoughts brought in a time-pressured situation.
To ensure that similar attacks don’t affect you make sure to reach out to see how we can help.
To read more articles about ransomware or phishing click the links below:
Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions or want to learn more about how we can improve your organization’s security, our services or just want to chat security please give us a shout. If you’re looking to guest blog, please send an email here.