So a new ransomware called Serpent Ransomware (.serpent file type) showed itself Feb 7th 2017.
On February 7, Proofpoint researchers discovered a new ransomware known as “Serpent” being distributed in email via links to malicious Microsoft Office documents. Currently, Proofpoint has observed this threat targeting Danish recipients using the subject “Sidste påmindelse for udestående faktura 1603750”, or “Last reminder for outstanding invoice 1603750”. The malicious emails contain a link to download a document with the same name as the invoice number in the subject, 1603750.doc. A sample email message is shown in Figure 1:
Figure 1: Sample email message with link to malicious document; the email, written in Danish, demands payment on an overdue invoice and threatens to turn the account over to a debt collector.
This virus takes me back to Locky Ransomware hell! Over 7 clients in 2 days being infected. To learn more about how this virus works visit proofpoint
It is currently targeting Danish recipients but we all know that won’t be the case for too long.
So again here are the steps to protecting youself.
- Do not open email attachments from people you don’t know. “And exactly who are you? #BoyBye”
- If you do know them, ask them if they sent it.
- If you open it up and it prompts you to “Enable Content” in order to view the document. DO NOT! Just tell yourself “This is too much work to view one file and ain’t nobody got time for that.” Close it, and delete it. If you enable it you might as well take you computer to the trash. Just kidding you’ll be fine if you followed my post on Storage and Backups