The ITS Security team would like to make the campus community aware of a new piece of malware, called “Locky”, that is actively being circulated online. Locky is part of a new breed of malicious software called ransomware, as its primary purpose is to encrypt or “lock” a user’s files and force the individual to pay a ransom to regain access to their files. This malware is also doubly dangerous as it not only encrypts all of a user’s files on their local computer, but can also infect files on any networked file share that the user may share with others.
Locky is currently being spread via email as an attached Word document. When opened, the Word document will initially appear corrupt, but will prompt the user to enable macros in order to see the full content. While macros are disabled in Word by default, clicking the prompt to enable macros will cause the computer to download and execute the malicious software that is responsible for encrypting all of the files.
Please use caution when opening any attachment received via email if it is unexpected, from a sender unknown to you, or the language or content is suspicious in any other way. If you receive an attachment that you are unsure of, you may report the content to email@example.com for further analysis. If you do open an attachment that appears to be suspicious or malicious, please contact the ITS Service Desk by phone at (901) 678-8888, via email at firstname.lastname@example.org, or your LSP for further assistance.
For additional information regarding malware, phishing, and other online threats, please visit the ITS Security website at http://www.memphis.edu/its/security.
Sophisticated email phishing attempts are being conducted in an effort to compromise University accounts. These emails may contain content such as a request to reactivate your account, an unexpected invoice for a service, or a notice of a false court hearing. Please use caution when opening any email attachments or clicking any links within suspicious emails.
Information Technology Services (ITS) will never ask you for your username and password via email or over the phone.
If you receive an email message that has a suspicious link or attachment, or asks you for account details such as your username and password, you can report the message to ITS staff via email at email@example.com or over the phone by calling the ITS Service Desk at (901) 678-8888. If you mistakenly opened an attachment or provided your account details via email or to a non-UofM website, please contact the ITS Service Desk for further assistance.
Additional information regarding keeping your University account safe can be found at http://www.memphis.edu/its/security/.
ITS is once again offering a training session in Information Security on February 8th, 2015, from 12:00 p.m. – 1:00 p.m in UC 261. We encourage all faculty and staff, especially those with administrative roles, to attend this session to learn more about what you can do to help protect the University’s systems and resources.
Registration for the Information Security session is via the Learning Curve website at http://learningcurve.memphis.edu.
Steps to register:
- Visit the site and click “ Manage your training”
- Login with your user name and password
- Under Registration on left menu, click “class schedule/registration”
- Select “View All” in the category dropdown box
- Scroll down to the Information Security session and click “Register”
Please report any problems registering to the ITS Service Desk at extension 8888.