최근 호주 우체국에서 이메일을 발송한 것처럼 꾸며 악성 프로그램을 설치하게끔 유도하는 사기성 이메일이 발송되고 있다고합니다.
이 사기성 이메일에 대한 내용을 살펴보면 소포가 도착했으니 선적 정보가 기재된 첨부파일을 출력할 것을 요청하고 있는데요, 문제는 이 첨부파일을 클릭하면 악성 프로그램의 일종인 랜섬웨어(ransomware)가 컴퓨터에 설치되고 컴퓨터에 있는 문서들이 암호화가 되어 악성코드 제작자에게 돈을 지불해야만 문서를 풀 수 있다고 하네요.
호주 우체국은 위와 같은 이메일을 절대 발송하지 않으며 동 이메일을 받으면 첨부파일을 클릭하지 말고 호주 사이버범죄 온라인 네트워크(Australian Cybercrime Online Reporting Network)에 알려줄 것을 요청하고 있으니 교민 여러분께서는 동내용을 참고하여 피해를 당하는 일이 없도록 유의하여 주시기 바랍니다.
Criminals use social media details in sophisticated ransomware attack
Criminals are using information from social media websites to trick people into opening malicious attachments in emails that appear to come from Australia Post.
People who do open the attachments risk downloading ransomware called 'Locky' to their computer. This ransomware locks targeted files on the computer and demands that victims pay a ransom of hundreds of dollars for the digital key to unlock them. The criminals demand the payment be made in the digital currency bitcoin.
The ransomware captures personal details from social media, such as name, location, workplace and job description, and incorporates them in the fake message to mislead users into believing the email is legitimate.
The email claims that a package has arrived for the recipient at an Australia Post store, and asks them to print out the attachment that it describes as a 'shipment confirmation'.
Australia Post warned in February this year that it would never send users an email asking them to click on an attachment. If you receive one of these emails, you are advised not to open the message or any attachments and to advise the Australian Cybercrime Online Reporting Network.
This Stay Smart Online Alert incorporates some tips that may help you recover in the event of a ransomware attack. You should also review the personal details you make publicly available on social media networks and consider limiting the number of people who can access sensitive data that may be misused.
More information
The Stay Smart Online website has information on protecting your computer.
The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.