Protect against CryptoLocker & other malware
There has been a recent resurgence of a type of malicious ransomware software known as "CryptoLocker." The CryptoLocker family of malicious software arrives as an email message that is intended to look like legitimate email from a known sender. The message includes a .zip attachment containing a Windows program disguised as a PDF that, when opened, will encrypt files on the victim's hard drive as well as any mapped network drives where the victim's account has write permissions. The victim is then prompted to send an electronic ransom payment to the attacker in order to get a decryption key.
- Exercise caution with unexpected email attachments and their contents, and be aware that they can be disguised as other types of files.
- Remember that sender information on an email message can be falsified.
- Maintain up-to-date backups. A good backup is critically important if you've already been affected.
- Using an unprivileged (non-Admin) account for routine computing.
Implementing a Software Restriction Policy to confine program execution to specified hard drive locations, rather than allowing program execution from arbitrary locations such as mail folders.
Note: IMSS Managed Computing systems use both of these measures to help protect against infection.