One of the worst malware you can get and how to spot it!

CryptoLocker is one of the worst computer attacks you can have.  Not only does it infect your computer, but it effectively destroys your data and holds the copies for ransom!  I’m going to show you how to spot CryptoLocker before it has a chance to nail you!  I’m also going to tell you a little bit about how it works.

It is most commonly spread by this technique.

1. Attacker compromises many peoples email accounts and waits
2. Attacker sets up attack servers on new URLs (like: www.ups.ymm234kyUPS.com).  These new URLs are not yet blacklisted.
   Notice how the domain is actually www.ymm234kyUPS.com… a crazy domain.  The attacker just uses the prefix “ups.” to trick you
3. Attacker logs into all compromised email accounts and send a spoof email from many accounts at once to everyone in their address book.  This makes the email come from a “friend” or “family”.  Blacklist services will not have time to blacklist the site until after people have already visited it.
4. The recipient of the email clicks the link and BAM!!!  Hacked….
5. The program searches for files on your hard drive, your external drive and for other computers on your network!

Below is a list of all currently known email subjects for CryptoLocker.  If you see these, don’t follow any links in the email!  Its important to note that people using a good content filter, like the one included in all versions of QuickWatch, will find that the vast majority of these infectious URLs are blocked!  If you try to visit even day-old URLs from suspicious servers, you will receive a message telling you that this domain is not safe.  A content filter is SUPER-IMPORTANT for anyone who has valuable data.