The Locky ransomware, a piece of malware which encrypts a user’s local data until they submit to the authors’ extortion request, has been in the news since it hit the internet around February 16th.
A number of emails distributing the Locky software were sent to Fairfield, but our email security appliance blocked the delivery. Our Palo Alto devices also have the ability to block Locky malware that makes it past the email appliance.
Fairfield University community members who are not onsite or who are onsite using 3rd party emails whose encryption blocks the Palo Alto scanning will need to rely on their local anti-virus installed and recognize suspicious emails to avoid infection. The malware is distributed in an email that reading “Attn: Invoice J-<series of numbers>” and will usually be from an unknown sender.
If you receive an email with the above subject or any other suspicious email from an unknown sender, please delete the email.