The dangers of opening suspicious emails: Crowti ransomware
The Microsoft Malware Protection Center (MMPC) has seen a spike in number of detections for threats in the Win32/Crowti ransomware this month as the result of new malware campaigns. Crowti is a family of ransomware that when encountered will attempt to encrypt the files on your PC, and then ask for payment to unlock them. These threats are being distributed through spam email campaigns and exploits.
Crowti impacts both enterprise and home users, however, this type of threat can be particularly damaging in enterprise environments. In most cases, ransomware such as Crowti can encrypt files and leave them inaccessible. That’s why it’s important to back up files on a regular basis. Cloud storage technologies such as OneDrive for Business can help with features such as built-in version history that helps you revert back to an unencrypted version of your files.
We also recommend you increase awareness about the dangers of opening suspicious emails – this includes not opening email attachments or links from untrusted sources. Attackers will usually try to imitate regular business transaction emails such as fax, voice mails, or receipts. If you receive an email that you’re not expecting, it’s best to ignore it. Try to validate the source of the email first before clicking on a link or opening the attachment. There is more advice to help prevent an infection from ransomware and other threats at the end of this blog.
The graph below shows how Crowti ransomware has impacted our customer during the past month.
Figure 1: Daily encounter data for Win32/Crowti ransomware
Computers in the United States have been most affected with 71 percent of total infections, followed by Canada, France and Australia.
보다 자세한 정보는 아래링크를 참조하세요.