The CryptoLocker ransomware continues to plague PC users in the United States and throughout the western world, with spear-phishing techniques now used to spread the payload. Specifically, companies with CraigsList postings that receive emails with attached files are being compromised, as CryptoLocker is infecting company executives, company owners, or human resources personnel.
CryptoLocker has proven to be extremely successful for cybercriminals, with forty percent of those affected reportedly paying the ransom. Unfortunately, simply removing the malware once it has been installed doesn't work - CryptoLocker is installed, but the encrypted files remain in control of the criminals.
Here is what Stu Sjouwerman, KnowBe4 CEO, said in a statement: "These methods pose a high risk for companies looking to hire as well as for individual Internet users. The cybergangs running these Crypto-variants will try any number of things to outdo each other and extort your hard earned money. Since the weakest point in any security model is the person who touches the keyboard, it is vital to educate users what to look for. Stepping them through effective Security Awareness Training will make them think twice before clicking on a link, or open a possibly infected attachment."