Beware of Scam E-mails That Offer Anti-CryptoLocker Protection

Beware of Scam E-mails That Offer Anti-CryptoLocker Protection

We have all been warned about the new phishing scam that falsely claims to help protect you and combat the CryptoLocker ransomware.

There is now an e-mail going around that asks if you have a CryptoLocker infection, and will then advise you to “Use the attached tool to decrypt your files”, and wish you good luck.

RegistryCleanerKitIf you click on the link it will download a tool called ‘cryptolocker-file-de.exe’, it will install a legitimate piece of software called RegistryCleanerKit made by a Malta based company Uniblue. It then scans your registry, once finished shows you how many problems you have, to fix them you have to buy the software. At no point does it ever attempt to or is capable of decrypting the files locked by CryptoLocker.

Bullguard uncovered the scam on June 11; just nine days after the servers running the CryptoLocker and the Gameover Zeus botnet were disabled by international Police.

Over a two-week period ISP’s sent out e-mails to everyone with an infected computer, with instructions how to get rid of the malware. They also directed people to the Get Safe Online Website, were it shows you links to various products to help remove Gameover Zeus and other malware.

A bullGuard researcher said, “The scammers are just trying to exploit your fears and uncertainty”. They also said “we can expect to see more e-mails like this over the coming weeks”.

Share Button

Leave a Reply