Ransomware spam - Locky

University Systems has been made aware of a mass ransomware spamming event targeting UVic and many other organizations.  Ransomware viruses are particularly significant as they encrypt all of the files on an infected computer as well as the files on network shares the computer is connected to. Once infected, the computer will display a message demanding payment to have the files decrypted.

The emails appear to be from businesses and have a .docx file attachment such as an invoice for payment. When the recipient opens the attached file, a macro allows the ransomware to start encrypting files on the computer.

University Systems recommends that users pay close attention to email messages received with attachments and only open attachments that they are expecting.  While our antivirus and spam detection systems are currently blocking these attacks, users should continue to be vigilant when opening email attachments.  We also wish to remind you of the services provided by University Systems that can mitigate the risk and impact of this type of issue:

  1. Files must not be stored on a local computer. They should be stored on central file storage services, such as the Personal Home File Storage service, where they are automatically backed up.
  2. Antivirus software must be deployed on a computer and kept up to date.

If you have any questions or concerns, please contact Desktop Support Services or the Computer Help Desk at helpdesk@uvic.ca or 250-721-7687.