A fresh case has appeared on the horizon of ransom removal that has originated from Russia. Internet Protocol (IP) addresses from Russia have been involved in social engineering campaigns. The targets are American internet users who found malicious emails in their inbox from USDC (United States District Court). The ransomware named as Sigma Ransomware, originated from more than 30 IP addresses of Russia.
Spam email campaigns are one of the biggest ploys used by cybercriminals to infiltrate the systems of internet users with a ransomware. These emails often either contain malicious links that redirect you to a dangerous website or a malicious attachment that is downloaded. After opening it, these attachments lock down your access to your computer, modify your important files with an extension and force you to pay a ransom to remove ransomware.
Preying on User Minds
The email is actually in the form of subpoena that orders the user to reach the court. An attachment is provided with a given password that entails the details of the court’s location and timings. Thus, the attackers tried to exploit the psychological state of their users with emotions of guilt, authority and fright in order to encourage them to open the malicious attachment.
Experts in ransomware removal think that such tactics were used in order to repress a person’s thinking abilities and put into a state of panic and confusion so his judgment falters. The attackers were smart as they also put a fake domain in the email address. The email address of the cybercriminals is “uscortgove.com”.
Moreover according to experts in ransom removal, a password is added to entice the users to open the attachment and check the details of the court. Additionally, both the subject and attachment name was same in order to establishment authenticity.
Have you recently gotten a similar email from a USDC? Do not open it! If you ever get emails from such institutions then do not be hasty to open them. Contact these institutions through their official websites and reconfirm the validity of the emails.