Stop and think before you click on anything. Xavier Mertens of the SANS Internet Storm Center has released information on a clever phishing attack designed to look like a voicemail message from someone at a company the victim is familiar with.
Often, phishing attempts will be disguised as documents like bills or reports. The victim is caught when they open an attachment that executes malicious code. This new voicemail spoof attack is a little more insidious, presenting a .zip archive file supposedly containing a .wav audio file. When the .zip is opened, the ransomware contained in the archive infects the computer. Then the victim is made to either pay a ransom or lose their files.
The KnowBe4 blog says that it looks like this attack is currently targeting users in the UK, posing as a message from a company that sells home internet equipment. Here’s the thing: the UK is often the place where kinks are worked out of malware campaigns before they’re unleashed in the U.S.
Do not click to listen to “voicemails” or to open any other files from people that you do not recognize. Always think before you click.
Now you understand the risk, but do your employees? Your business’s IT protection is only as strong as its weakest link, and your employees are the ones accessing your network more often than anyone else. Liberty Technology can help you determine how safe your business network really is with a free phishing test.