Tag Archives: locky

SRSU OIT Security Advisory – Virus in Email Attachment 8/12/2016

Sul Ross is receiving email messages that contain a harmful virus.  The Locky virus encrypts all the files on your computer’s hard drive and these files cannot be recovered.  The only mechanism we have to clean up the virus is to reformat your hard drive.

The email message indicates it is coming from a @sulross.edu account and contains a Microsoft Word document (*.doc, *.docx, *.docm) that when clicked, spreads the virus to your local machine and any attached devices, including thumb drives, external hard drives, and any other physically attached devices.

Our advice is that you never click on any attachments in an email message unless you are specifically expecting the attachment.  We also suggest you look carefully at the sender, the subject line, and the body of the message for indications the email is not legitimate (poor grammar, invalid references, etc.).

In the instances we are seeing today, the email purports to come from Dorothy, Gwendolyn and other common names (e.g. Dorothy@sulross.edu).  We do not use only first names in our email addresses, although some individuals have an alias that includes their first and last, e.g. david.gibson@sulross.edu.

If you receive an email from a peer, we suggest you take a moment, call the individual that supposedly sent the email and verify they did so and that they included an attachment.

Attacks on all institutions are on the rise.  Our best line of defense is you.  Be aware.  Don’t click.  Call us if you need help or are unsure at 432-837-8888.