Ransomware attack uses fake SA Post Office e-mails

Be aware that a ransomware attack using fake SA Post Office e-mails has recently appeared on the Tygerberg network.

The hacking attack, originating in Russia, uses fake e-mails from the SA Post Office to inform the victim of a parcel intended for delivery. The mail contains a link which downloads malicious software – in this case a nefarious variant of the Cryptolocker malware.

Crypto ransomware is a type of malware used to extort money from victims by preventing access to their computer or files. Recovery of infected systems is virtually impossible without clean backups.

When the victim opens the malicious e-mail attachment, the virus attacks the target PC system, encrypts the victim’s files and displays a ransom note informing the victim that a ransom of between $100 and $500 must be paid to restore access to their files. Victims have only a certain amount of time to pay the ransom or they will lose access to their files forever.

If you have been backing up your data and have extra copies of your photos, documents, and other files, you won’t need to pay a ransom. Reformatting your drive and restoring it from backup is the only reliable way of undoing the damage.

Cryptolocker ransomware is a nasty infection. Criminals only seek to earn easy money and frequently manage to do so. For victims of this ransomware, I want to emphasise that paying the ransom will not solve the problem. There is no guarantee that your data will be restored. Making the payment will not help to remove Cryptolocker ransomware.

Here is some advice to prevent becoming a ransomware victim:

  • Use spam filters and be cautious when opening e-mails, especially if there are attachments.
  • Make sure you are using reputable, up-to-date security products.
  • Make sure your operating system and applications are up to date and fully patched.
  • Run a regular scan of your computer.
  • Set and use strong and unique passwords.
  • Set passwords on all your hardware devices (modems and routers).
  • Back up your data.
  • Keep a backup copy of your data in a safe place, disconnected from your computer and the internet.
  • Only visit reputable websites and online services.

[ARTICLE BY DAVID WILES]

 
