Every sixth e-mail contains virus
Locky is now followed by KePanger, PowerWare and Petya: Retarus has recorded a significant increase in the occurrence of the crypto-Trojan Locky and new variations, the IT security provider writes. According to a recent evaluation, 17% of all incoming e-mail messages were intercepted due to a suspected virus, the company writes.
On average, one in six emails sent to business mailboxes in March contained a virus. In total, there were as many infected messages every hour as there were in an average month in 2015. The analysis of Retarus revealed that this was primarily due to the huge increase in crypto-Trojans. While only around three percent of all incoming e-mails were infected in February, the number of messages filtered due to viruses already rose to 17 percent in March. The reason: During this period, numerous other variants of the malware appeared after the first Locky threat wave.
Since crypto-Trojans change their structure quickly and frequently, resulting in a wide variety of manifestations within a very short time, ransomware cannot be detected immediately by every virus scanner. Nevertheless, security can be increased with the help of professional cloud services. Specialized providers of email security services access multiple scanners in parallel, thus continuously supplementing their filter rules and always offering the most up-to-date protection. Additional mechanisms, such as a quadruple virus scan, further increase the probability of identifying and blocking blackmail Trojans in a timely manner.
Increased vigilance required
In order to protect themselves as best as possible against attacks from Locky and similar ransomware, email users must be particularly vigilant. Retarus recommends deactivating the automatic execution of embedded macro code in Office programs and only executing macros if they are absolutely necessary and the corresponding documents originate from known sources. Users should only open email attachments if they trust the sender or the process described in the email. To ensure that potentially affected data can be restored quickly and without loss, important data should be backed up regularly. It is important to note that Locky can also attack external data carriers if they are permanently connected to the computer. You should also be careful if the computer's response is extremely sluggish, there is high hard drive activity for no apparent reason, or files with the extension .locky are stored on the hard drive. In order to close existing security gaps, the latest virus scanner versions should always be installed and regular patches should be applied.
Press release Retarus
