The M.O. is the same as last May’s attack on the ransomware WannaCry . The virus is usually caught through an attachment in an apparently clean email. This can be a false message from your bank, a parcel delivery UPS or a document scanned and sent from a corporate copier. Then, the malicious code will lock all files on your computer and those on the network, if the PC has access to shares on servers.
Thus, in companies, schools and administrations, the threat spreads very quickly and causes considerable damage, rendering the entire IT system fleet inoperative.
Then, a message appears indicating that you are the target of a ransom and that you must pay $300 to recover your files. First, it is not certain that paying the ransom will allow you to recover your files. Secondly, the pirates will not hesitate to extort more Bitcoin from you, since you have paid well once, so why not for a second.
Moreover, it would encourage other hackers, so it is ethically inadvisable to pay, especially since feedback proves that the recovery of healthy files is almost never done, even after paying the ransom in accordance with the rules.
The right protection against Petya and other equivalent threats
- Do not open emails from unknown senders
- Be aware of the risk of phishing
- Install the latest Windows updates
- Check that the antivirus software is regularly updated
- Install the latest versions and software updates (Office, Acrobat Reader…)
- Make regular backups of his documents, photos, work…