New Strain of Ransomware Encrypts Email Inboxes

A new type of ransomware is coming for cloud email inboxes. While this particular strain was developed by white hat hackers and hasn't been seen in the wild yet, it's a wake-up call for those who use cloud-based email services like Gmail or Exchange. According to KnowBe4, this kind of ransomware relies on social engineering to deceive users into giving hackers access to their email account.


Don't Get Hooked!ransomware gif

 
What To Look For
 
The method starts by sending a branded email that promises a Microsoft anti-spam service. When the user clicks on the email to install the service, they instead receive a ransomware payload that encrypts all of their emails and attachments in real time.
 
This attack, called "ransomcloud" will work for any cloud email provider that allows a third-party application control over the email via OAuth. With Google, this will work if you get the app past their verification process. Office 365 doesn't verify the app at this point, so it makes an attack like this much easier.
 
Do NOT click on the link in the Microsoft AntiSpam PRO email. If the link is clicked, do NOT select Accept in the app prompt.Do NOT click the link bolded in the Microsoft AntiSpam PRO email. If the link is selected, you will be asked to accept the app. Do NOT accept the app.
 
 What To Do
 
As always, it's important to educate your users to double and triple check any attachments or links before they click on them. If it seems suspicious, tell users to err on the safe side and send it to the IT department for help or delete the email.
 
For more tips on how to spot a phishing email and avoid falling victim to these common attacks, please view Phishing Attacks: How To Identify & Avoid Them and Social Engineering Red Flags. Should the worst case scenario occur, a full back-up of your environment is necessary to avoid costly business downtime. Learn how Cloud Protect for Office 365 or G Suite can help get you back to business fast after a ransomware attack in the cloud.
 
Sources:
 

Written by Taylor Clark

    Related Post

    Growth Is Just One Click Away

    Want to chat? Just share some project details and a member of our sales team will be in touch to learn more about your vision and how we can help!
     
    How can we grow together?