Beware of bogus attachments

      Comments Off on Beware of bogus attachments

Laptop on desk Showing Red Screen with Padlock icon.Computer has been blocked access to Data with RansomwareThe latest burst of malspam is using PDFs featuring bogus receipts to spread a new strain of ransomware called GandCrab.

First an email arrives with a PDF attachment that contains a captcha to prove the recipient is a human being. A click on this will release a rogue Word document. If the unsuspecting user opens this, they will be invited to enable macros. Anyone who follows this instruction will activate a PowerShell script which, in turn, will release the GandCrab ransomware, triggering the process of encryption.

Hopefully any reasonably savvy recipient will have smelled a rat at some point before their files become encrypted. However, this latest exploit does highlight the importance of treating unsolicited attachments with extreme caution.