Locky is ransomware targeting PCs in small businesses. Avast detects and protects you from this ransomware. Read more about how it works.
Beware of emails from random email addresses with subject lines like “Upcoming Payment – 1 Month Notice”. These emails typically come with a zip attachment that attackers have created to run a script that downloads and runs the now well-known ransomware, Locky. These phishing emails prove that Locky is not going anywhere anytime soon.
The emails are written in typical phishing style. The attacker tries to entice a potential victim to read the email and subsequently download the attachment. Attackers seem to be targeting small and medium sized businesses, to gain access to valuable company data.
Content of the email.
After decrypting the malicious Javascript file that downloads the exe file, we discovered the URLs above.
Some URLs just point to a nice message instead of malicious files
We advise everyone to never open attachments from unverified sources. Most companies, banks, agencies, etc., don’t request personal information via email. If in doubt, give them a call (but don’t use the phone number contained in the email—that’s usually phony as well).
If you are an Avast user, don’t worry - we protect against Locky! We monitor new mailing campaigns on a daily basis and based on that create new URL detections to protect our consumer and business users.
1988 - 2024 Copyright © Avast Software s.r.o. | Sitemap Privacy policy