The Threat of Ransomware Campaigns on HR Groups

By: Nicole Cronin

Ransomware does exactly what the word describes. It is a software that blocks access to files until a ransom is paid.  We are all familiar with the typical easy to spot scam email.  Currently, the target is mainly German HR groups, but they can target anyone. The way these scams work is they are emails sent mimicking a job application and once the file is opened it begins encrypting all the files on a computer holding them hostage. The HR departments are easy targets as they receive emails from unknown people on a daily basis.

One example of a current threat is the GoldenEye Ransomware which would contain a non-threatening pdf, like a cover letter, and an excel spreadsheet.  The pdf would open as normal, and the excel spreadsheet would pose as the job application, containing the GoldenEye payload.  Once opened, file encryption begins immediately, and a black screen with yellow wording would instruct you to the dark web to pay up with a going rate of $1000 to unlock your files.

Accidentally opening ransomware is preventable although you need to stay on top of current threats.  Just like a virus, these threats are always evolving.  You can prevent it starting with a good anti-malware and anti-ransomware program.  These are designed to prevent these attacks.  But like it or not, a backup of all your data is a must which needs to be physically disconnected from your working computer.  Education is next, know what these scams look like. For example, ransomware posing as job applications may have very odd or distinct languages. Like it or not, these scams are here to stay so you should be prepared and educated when you might be confronted with the threat.