A New Twist on Ransomware Delivery: Watch Out for Fake Voicemail Messages!
When it comes to voicemail message notifications delivered to our inbox, we haven’t usually thought of these as dangerous – until now. Hackers have figured out a way to include malicious code in this email notification. In this case, the attachment is a .ZIP file that is supposed to be the voicemail message. Downloading the attachment will unleash code that will encrypt all of the files on your computer or smartphone along with a demand for payment to unlock your device. Messaging platform, MS Outlook appears to be particularly vulnerable because “missed call notification emails are enabled by default”.
How Do You Protect Yourself?
- If you receive an email with a Missed Call Notification that is not from your normal voicemail service provider, don’t open it.
- Best practice: Don’t download or try to open any files that you did not directly request from a trusted source.
- Typically, the voicemail file in a legitimate Missed Call Notification is not in a .ZIP format. Most are in a simple .WAV file.
- Make sure your firewall is turned on along with anti-virus and anti-malware protection – and that they are up to date. Anti-exploit software may also provide additional protection.
- If your computer of smartphone is ever compromised by ransomware, take it directly to a computer professional. Don’t try to fix the device yourself.
- Source: KnowBe4.com.
For more information on this new type of ransomware, check out Heads-up! Voice Message Notification Email Warning Could Be Ransomware and Ransomware & Voicemail Notifications, Redux.