Locky Ransomware emails using information of user from their Facebook profiles.
The email appears to originate from Australia Post, DHL, Fedex, Blue Dart or similar and informs the recipient about a package that has supposedly arrived for them at a local collection point. The email then directs people to download and print the attached shipping information, which contains ransomware known as ‘Locky’.
Once the ransomware is downloaded, users are prevented from accessing their files until a ransom fee has been paid.
“The email is directly addressed to the recipient, using their first, last name, location, job title and company name, all included within the email content,”
By using highly advanced scraping software, cyber criminals are able to scan and acquire this information from readers’ public profiles on social media sites
It’s more likely recipients of an email would download an attachment if email mentions personalised information about them.
Good Work Npav To All Team.