Cyber criminals are currently trying to defraud trusting Swiss users with a new scam. Victims receive an e-mail claiming that they have received a fax. Trusted brand names such as "Bluewin" are used to get them to click on the attachment containing the supposed fax message.
Anyone who does so downloads the Sodinokibi ransomware onto their computer. This program is a so-called encryption Trojan: it encrypts the affected user's PC and blocks all files. Anyone who wants to regain access to their data is asked to pay around 1500 to 2000 francs.
Do not give in to blackmail
The federal computer emergency response team (GovCERT), together with the Reporting and Analysis Centre for Information Assurance (Melani), is now warning of the new threat posed by the fake fax. The authorities write: «Do not open the attachment and delete the mail.» Suspicious mails can be reported on Antiphishing.ch.
The federal government advises against giving in to the extortion. First, it is not certain that the data will be decrypted afterwards and that access will be restored; second, it is unclear whether the malware will really be completely removed from the system, or whether further blackmail attempts will follow. In addition, paying would strengthen criminal organizations.
What you can do
If a user has been infected with the Sodinokibi ransomware, the computer system must be reset. Melani recommends immediately disconnecting the PC from all networks, reinstalling the system and changing all passwords. For such cases, it is important to back up all important data periodically so that it can be restored after the computer has been rebuilt.
To protect yourself from attacks, the following general tips apply: Keep the Windows system and all installed programs up to date and install updates. Use good virus protection and a firewall, and update them regularly. Back up all important data regularly, and always disconnect the backup medium from the computer afterwards. Finally, be careful with unexpected e-mails from unknown, but also from known, senders: do not follow any instructions in the text, do not click on links, and do not open any attachments.