Crypto-Malware Attacks
May 13, 2016
Beware of suspicious email attachments
Ransomware attacks have been reported from faculty and staff over the past few days. This particular ransomware is spread through emails that have an infected attachment, but navigating to infected websites may also be a source of infection. Once a user has clicked on an infected attachment, the ransomware will encrypt all files on your computer and rename the file extensions to “.lockey”. The ransomware may also encrypt any network drives you may have mapped (J and K Drives, etc.). If you notice you have been infected by the ransomware, disconnect the computer from the network, leave it turned on and contact the UTA Help Desk at 817-272-2208.
All faculty, staff, and students are urged to
- Avoid clicking on any suspicious attachments in emails
- Never click on links in emails that you’re not expecting. Signs that an email or website is not legitimate:
- Sender’s address or website address does not match the organization listed in the content of the message.
- Grammar in the message or website is poor.
- Format of the email or website is poor or inconsistent with what you’ve seen from the organization.
- Hovering your mouse over the links reveals web addresses inconsistent with the content of the message.
- Ensure your computer has anti-malware software configured and set to automatically run updates
- Keep your computer operating system and applications (Web Browsers, MS Office applications, Adobe Acrobat, etc.) patched and up-to-date
- Ensure you have properly backed up your files.
- UTA Faculty and Staff can use CrashPlan to automatically backup files on their computers. Contact your department’s desktop support associate or Help Desk at 817-272-2208 for installation assistance.
- Other methods include copying files to Network drives, use encrypted external drives (encrypted to prevent unauthorized access), faculty and staff may use approved cloud storage like UTA box (https://uta.app.box.com). Contact the help desk for assistance in setting your box account up or go to http://www.uta.edu/oit/cs/software/box/up for more information.
- Send suspicious emails with attachments to phish@uta.edu as an attachment. This allows the Office of Information Technology and the Office of Information Security to evaluate the threat.
See the Information Security website for additional information and tips