NewsPage address: http://www.mnsu.edu/news/read/?id=1401224455&paper=its
ITS Security Alert: CryptoLocker data virus
Protect your devices and data from CryptoLocker virus.
Due to recent CryptoLocker data virus attacks, ITS urges all users be on alert to protect your devices and data. The CryptoLocker data virus has the potential to lock you out of your files, cause damage to your device and/or your data, and infect others.
The malware is often delivered via an email attachment. The fraudulent email looks like a message from a legitimate organization (like a shipper or the post office) and asks you to click on a link. By clicking on the link, your device can become infected. Once infected, your files may become encrypted and inaccessible, essentially “locked up.” You will know you have been infected when you receive a “ransom note” demanding payment to retrieve your files.
Find out more about CryptoLocker here: http://www.us-cert.gov/ncas/alerts/TA13-309A
To protect your computer and your data from the CryptoLocker and other malware, take these simple safety precautions:
- Be wary of emails from people and organizations that you don't know or trust. They may contain malware that can harm your device and/or your data. Immediately delete suspicious emails without opeing them.
- Do not click on links. Instead, type the URL into the browser then navigate to the information you need.
- Back up your data. On a regular basis, back up your data to an external hard drive such as MavDISK.
- Do not download files or email attachments from unknown sources.
- Avoid cross-contamination. Do not use thumb drives that have been used off campus without first running anti-virus scans on them.
NOTE: To back up your files, ITS recommends using MavDISK. MavDISK is a secure file storage system for the students, faculty and staff of Minnesota State Mankato. For information on how to use MavDISK, visit http://www.mnsu.edu/its/started/mavdisk/
Remember: ITS will never ask you to tell your password, in person, over the phone, or over email. This is called phishing and it is always malicious. Don’t fall for it! The only safe way to use your password is for you to type it into a computer yourself in an encrypted form field where the letters are replaced by dots or asterisks, where no one can see your hands while you’re typing.