Beware: Computer "Ransomware" Impersonates OPM

Examples of the Locky ransomware from Sophos.com.

According to Phishme and Fedscoop, there's a new piece of malware that can infect your computer, delivered in an email that appears to come from the U.S. Office of Personnel Management.

According to Phishme, the thieves send an email to unsuspecting users "that cite[s] the purported detection of 'suspicious movements' in the victim’s bank account that were detected by the US Office of Personnel Management." The email asks the recipient to "examine the attached scanned record," which is a file that, if opened, infects the recipient's computer.

The malware, dubbed "ransomware," encrypts the user's computer when the user opens the attachment, making all of the data on the machine inaccessible unless the user pays a ransom to the thieves, who will then supposedly send the victim a key to unlock their data and regain access. The ransom required by this piece of nastiness is currently about $360.

Fedscoop interviewed Phishme's Threat Intelligence Manager Brendan Griffin, who noted that "the threat actors chose the Office of Personnel Management" which "could be interpreted as evidence that the threat actors have some topical understanding of the people they are trying to reach — government employees or those affected by the OPM [data] breach."

While most of us know this, it bears repeating: do not open any attachment to an email unless you are 100% certain that the email is legitimate. In the case of an email that appears potentially legitimate, rather than opening the attachment, visit the website of the organization directly and see if there is a press release on the subject that would verify that the email is legitimate. Using the OPM example, rather than opening the attachment, visit OPM.gov's news site and look to see if they are sending email like the one you received, which they are not.

Be safe out there!