I have heard of this Locky ransomware from one of my friends. His computer was attacked by this ransomware and he was asked to pay 0.5 Bitcoin for a piece of software called Locky decrypter. After hearing about his sad story, I searched on Google and found this
post. Then I know this Locky ransomware is mainly spread via spam emails. Most of these spam emails have a subject line that reads “
ATTN: Invoice J-[random numbers]” and a Word document attachment that has the same name with the subject. Below is how the email looks:
It is rather hard for people to get rid of the ransomware and get their encrypted files back. So, prevention is very important. There are some tips:
1. You should back up your personal files, such as pictures, music, and documents regularly. You can set up automatic backups or manually back up your files at any time. In case when these files are damaged, deleted or encypted by malware, you can restore them easily.
2. You should disable all except digitally signed Office macros from running. If cyber hackers send emails with a malicious Word document, the macro won’t run.
3. You should use spam filters and avoid opening spam email attachments. Besides, you can try using
Symantec Email Security.cloud to block email-borne threats.
4. You should safeguard your computer with a powerful anti-malware program. This can decrease the risk of getting malware infection.