A new widely distributed scam email, that quotes recipient’s postal address, has now been linked to a dangerous form of Ransomware called Maktub.
Andrew Brandt from the security firm Blue Coat, exclusively contacted the BBC to discuss his findings after listening to a Radio 4 programme discussing the phishing scam. After investigating the scam further, he confirmed that the emails were linked to form of Ransomware.
Ransomware is a type of malware which encrypts victim’s files, demanding a ransom to be paid before they can be unlocked and retrieved once more.
The original phishing email told the recipients that they owed money to UK businesses, when opening the invoice file attached the Ransomware was then installed on the system. Unlike other Ransomware on the market, Maktub increases the fee due to be paid as time proceeds.
“It’s incredibly fast and by the time the warning message had appeared on the screen it had already encrypted everything of value on the hard drive – it happens in seconds,” Mr Brandt told the BBC.
“This is the desktop version of a smash and grab – they want a quick payoff.”
One uncommon and worrying feature within the scam email was the fact that cyber criminals managed to include the victim’s name and postal address. Experts believe that the information could have come from a number of leaked sources, but it adds legitimacy to the original claim of the recipient owing money.
This shows the importance of having a strong Disaster recovery plan in place, as cyber criminals find new and innovative ways to trick recipients into revealing data, more businesses are at risk each day.