The National Cybersecurity and Communications Integration Center has provided an advisory re: a new malware called ransomware, with specific reference to CryptoLocker Ransomware. This malware is spread via malicious emails, delivered with subject lines that are seemingly legitimate but are NOT.
CryptoLocker Ransomeware functions by encrypting victims computer files. Once encrypted, victims are provided a window of time in which they can pay to receive the key needed to decrypt their files. Please note that once the time limit expires, there is no known way to decrypt the files. Additionally please note that SUNY Fredonia will not agree to pay ransom. The only way to recover the encrypted files without paying the demanded ransom (reportedly on the order of $300) is by restoring them from a backup copy.
If your university-owned computer falls victim to this malware, please report it immediately to the Help Desk by phone 673-3150 or by FredQuest
Please keep the following important recommendations in mind:
- Remain extremely vigilant when opening emails, and especially email attachments.
- If an email seems suspicious, or you have received an unexpected attachment, do not open it.
- Verify the identify of the sender of any attachment, whether via a check of the sender's email address or formal communication with the sender.
- If you are not diligent about backing up the desktop hard drive, your files and information are at risk if you fall victim to this particular malware. Utilizing campus U Drives (or Shared Server space for administrative offices) is recommended due to the fact they are on a regular backup schedule.
Phishing Scams Reporting Procedure:
1. Report phishing to Google by selecting "Report Phishing" via the upper right dropdown arrow when the message is open.
2. Select "show original" using that same drop down arrow. That will open the message header information which is needed for us to investigate. Copy and paste that information into Microsoft Office One Note or other text based program and email it to email@example.com.