Virus Alert - "Urgent Announcement from Bank of Jamaica" Ransomware called Locky
A Sample of the Malicious Email Message
From: Bank of Jamaica mails@ jm.boj.com
Subject: Urgent Announcement from Bank Jamaica
Please find enclosed the New Transaction Guidelines set by the Bank of Jamaica for Individuals and Companies, effective from Tuesday, 1st March 2016.
Bank of Jamaica
One of the easiest ways to get a malware infection is simply by opening an email message or an attachment. One of such malware is Ransomware. Presently ransomware has been impacting various organizations in Jamaica.
What is Ransomware? - It is a type of malicious software designed to block access to a computer system until a sum of money is paid.
The present Ransomware making its round is Locky and it arrives via the following methods:
- You receive an email containing an attached document (Troj/DocDl-BCF).
- You receive an email with a link
- The document advises you to enable macros "if the data encoding is incorrect."
What To DO - Best Practices
For optimum security when using email, please follow these best practices:
- Think Before You Click: Delete suspicious emails without opening them, such as those from unknown users with attachments, or with embedded links;
- Do not open attachments that end in an unrecognized or potentially harmful file format (Examples: .vbs, .exe,.com, .shs, .bat, .cmd,.inf, .sct, .vbe, and .vb);
- Use antivirus software with an up to date signature file and the "Auto-Protect" feature enabled to ensure all files are automatically scanned;
- Ensure your email application does not automatically download pictures when you open or preview email messages or RSS items;
- Never forward emails that you think may be infected with malware; and
- If you suspect that your computer is infected with malware, contact your Help Desk immediately for assistance.
Remember, hackers use intriguing email messages that seem to come from someone you know to encourage you to open infected attachments (an example of the email that is circulating is attached). Pay close attention to the sender which says Bank of Jamaica <email@example.com>, which looks realistic, however it is not as BOJ's domain is actually <boj.org.jm.>
Check the comment section below for additional information, share what you know or ask a question about this article by leaving a comment below. And, to quickly find answers to your questions, use our search
Click here help maintain Online Threat Alerts (OTA).
Note: Some of the information in samples on this website may have been impersonated or spoofed.
Comments, Questions, Answers, or Reviews
To protect your privacy, please do not post or remove sensitive information in or from your comments, questions, or reviews.
Write Your Comment, Question, Answer, or Review
NB: We will use your IP address to display your approximate location to other users.
Recommendations / Ads