A new type of ransomware has come to our attention in the last week or two.  We have seen a new wave of emails, some may seemingly come from within your company, possibly from your own email address, with files attached.

These files contain a new type of RANSOMWARE called “Locky” that encrypts the files on your computer and files on any devices that your computer is connected to (such as your company server, other PCs, and external hard drives that you may be using for back-up.)

Once Locky encrypts your files, the files can only be unlocked if you pay the ransom in the form of Bitcoin.  This malware works very similarly to the CryptoWall ransomware that we have written about to you in the past.

Below are samples of emails that very likely contain the dangerous malware. The attachments come in many forms, ZIP and RAR compressed files, and now familiar MS Office formats – XLSX, DOCX and PPTX files.

The best defense against these and the best advice we can give you is still the same – never open an attachment unless you are expecting it and are absolutely sure it is safe. Even if the email came from a trusted friend, brave the uneasiness – call up your friend to confirm that it was an intended attachment. A five-minute phone call can save you hours of aggravation and hundreds, even thousands of dollars in ransom and technical support costs.

CryptoWall imageCryptoWall 2 image

If you inadvertently open an attachment, turn off your PC immediately. Pull the power plug if you cannot push the power button fast enough! Then call a reliable and knowledgeable IT support company for help. They can help you determine whether it was a real infection, assess the extent of the damage, clean your computer, and help recover the files if you have good backups.  Once you are back up and running, they also can help implement safeguards to minimize the possibility of being victimized in the future.

This alert was authored by Chamber member John Kalli from Trinity Worldwide Technologies.  Trinity has vast experience in computer security, server and network implementation and IT support. To inquire about their services, you can reach John at 732-780-8615 or