Locky ransomware – Spamvertised ransomware – Are you protected?

In light of the many news reports, the Locky ransomware is being distributed through a new spam campaign as a .vbs (VBScript) file and many customers have reached out and asked if they are protected from this, so we figured we’d let all of our customers know!

First, our mail server does not accept any emails that contain attachments with dangerous file extensions, such as .vbs, so this stops the current primary attack vector. However, the ransomware can also be distributed through more “trusted” sources such as .doc (Microsoft Word) document, which are not blocked. With this, we have reached out to Cyren, our cloud-based anti-spam and anti-virus filtering service and they have confirmed to have detection algorithms and signatures for the Locky virus, including its variants. Since Cyren has very good Zero-Hour protection, our customers should be protected from even the newest outbreaks.

We highly recommend that customers never open attachments from sources they do not know and always make sure that local anti-virus software and signatures are kept up-to-date. And of course, having a full backup of your PC at all times is the best solution, things do happen and it is a great idea to be prepared! And remember just because you may have files backed up to a local USB drive, this does not mean your data is safe! 

As always, if you have any questions or concerns, please feel free to contact us!