Alert Priority HIGH – Be on the lookout for new ransomware email scams

25 September 2017

Multifaceted email ransomware campaign currently underway
A new campaign is using multiple methods to try and trick you into downloading ransomware onto your computer.
The first method uses a fake email that claims to be from eBay, with a common subject line ‘Your invoice for eBay purchases (098871971234567#)’. The ‘click’ link leads to a web page designed to download ransomware onto your computer. The invoice number changes for each email. The fake email looks extremely convincing and is almost identical to a genuine eBay email.

eBay scam email example - invoice with fake details and a SCAM ALERT stamp

The second method is a short simple email with the subject line “Voice Message from 017234512978 – name unavailable”. The email message says “Click to listen Voice Message”. The phone number changes for each email.
When you press ‘click’ to listen to the message, you will be directed to a web page designed to download ransomware onto your computer.

What to do if you receive an email
If you receive fake emails like these, delete them immediately.

What to do if you’ve paid the ransom
If you’ve given your credit card or account details to pay the ransom, contact your financial institution immediately.

What to do if you’ve been infected
  • Never pay the ransom. There is no guarantee that paying the ransom will fix your computer, and it could make you vulnerable to further attacks.
  • Restore your files from a back-up copy. Always have a recovery system in place so a ransomware infection can’t destroy your personal data forever.
  • Report the incident to ACORN.

What is ransomware?
Ransomware is a type of malicious software (malware) that makes your computer or its files unusable unless you pay a fee.

More information
To find out how to protect yourself from ransomware, and what to do if you’ve paid the ransom, go to Stay Smart Online.
The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider.

Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.

This information has been prepared by the Attorney General’s Department (‘the Department’). It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.