Ransomware Takes A New Approach to Infect PC Users

Ransomware is taking on a whole new approach to infecting victims…

Ransomware authors are now using voice message notifications to distribute the malware to unsuspecting victims.  This is a new, advanced approach for these cyber criminals for one major reason.  Everyone can receive voice message notifications, whether it is a business employee or a home user.  The one caveat is that they must be using some kind of unified communications method such as Cisco.

Why is this more advanced than other forms of ransomware distribution?  Hackers are able to avoid unsuccessful attempts to infect users who do not use the file types used to distribute other variants of ransomware by using the voice message notification method.

According to Internet Storm Center, the voice message notification looks like this:

voicemail ransomware

Here is how you can avoid becoming a victim to these attacks.  First, delete the email and call whoever it said the message was from, on your own.  As previously stated in other posts, do not call the number identified in the email.  It is advised you look up the phone number from another source to prevent calling a potentially falsified number within the email.

(Visited 86 times, 1 visits today)

16 thoughts on “Ransomware Takes A New Approach to Infect PC Users

  1. I swear I believe the first virus was started one day by a guy trying to make future money.
    The second day he invented anti-virus software !

  2. I have seen this one floating around a bit in my inbox recently. I find my business email address gets bombarded daily with malware attachments and links. Its just unstoppable. I have tried to do things from cPanel on my web hosting, didn’t help at all. Installed ESET which worked ok in the past to quarantine infected emails but now it is almost completely ineffective. Knowledge is the key to all this as the protective software just isn’t up to the task anymore…..none if it. Not one program blocks everything

  3. On principal, I will not open an e-mail from anyone I don’t already know. I also delete any e-mail that has an attachment and did not come from a known source.

  4. Here’s something that I use to do.
    When I’d get a suspicious email with a link I’d right click and “copy link location” then I’d paste the link in notepad to see where the actual link went. They can type anything for the wording in the link address but when you click it it would go to somewhere totally different. Now days they can make the link active even with a “right click” so now that’s not even safe to do anymore.
    Be smart – be safe.

  5. Overnight I had 65 emails in my junk mail that all had the same exact message about earning a lot of money working at home. They all had a different sender’s name but all were from an io email address (Indian Ocean). I marked as phishing scam, but could this be a part of the ransomware emails?

  6. I received an email 8/24/16 that reads:
    “Hello,
    Please sign the attached contract with our technical service company for 2016-2017.
    We would appreciate your quick response.

    King regards,
    Judson Murray”

    It even has a digital-Signature.
    I expanded the full header and it originated from Denmark. Of course I didn’t click on anything but I did do screen captures of it and sent those to my friends to be altered to watch for their emails.

  7. Blocking their emails does not work…they just send the the same email from a different server using a different email address

  8. I want to make sure I understand this risk. It looks like the ransom where is connected as part of the email message not necessarily calling a phone number from your cell phone. Is this correct or do I not understand it?

    • They payload is within the message. So when you click to “listen” to the message, you download the ransomware.

      Great question.

  9. This is a very confusing article. Where is the payload? You are reading an email….if you open the email does that mean you have just infected yourself? Is it the audio clip, that if you play it you infect yourself? Just where is the payload on this?

    • Jeffry,
      I apologize for not being clear. The payload is within the attached message. So currently, opening the email will not trigger an infection. However, opening the message would do so.

      Great question.

  10. If I don’t know you and you send an email with an attachment or a link you are immediately added to my block senders list. If I see something come in from a friend with an attachment I always check the email address of the sender before I open the attachment. Some Common sense can save you big headaches.

  11. Lately I have been receiving many emails, saying “if you can’t read this, select the line below” or something to that effect. I don’t do it as I suspect it’s a trap.

Leave a Reply

Your email address will not be published. Required fields are marked *