According to a recent report published by the NCC group, 40% of reported ransomware assaults for the month of May were from Lockbit ransomware. This latest scam tries to bait victims into unknowingly installing ransomware onto their company machines by scaring them into opening an email attachment.
What does the email look like?
Victims receive a copyright infringement email in their inbox, informing the victim that using media files without the creator’s permission is a copyright violation. It further threatens legal action unless the recipient removes the illegal content from their website, and claims to have more details in an attached pdf. Uh oh.
But… as soon as the attached pdf is opened the malware loads up and encrypts the device with the LockBit 2.0 ransomware.
We’ve seen variants of this scam before
Copyright violation claim emails have surfaced before over the years, distributing malware and other variants of ransomware. What makes this one so volatile is that LockBit is able to bypass many computer safeguards and successfully install its payload. Furthermore once a system is infected and begins beaconing to the aggressor, it may lead to more catastrophic attacks.
The Takeaway
Don’t open email attachments from unknown sources
I know, this sounds obvious but clearly this method is working. Most of the intrusions into our nation’s critical infrastructure have occurred by successful phishing email attacks. Employees are clicking on cleverly crafted emails and opening up their organization to malicious adversaries.
Not sure where to start? How about your Employee Cybersecurity Awareness Training program – do you have one in place? Need a refresher? Feel free to reach out. We can help.
-A