
***WARNING*** Very nasty virus doing the rounds

Hi all,

I am now on my 3rd iteration of client support for a virus sent via email.

The email portrays to be from Royal Mail with details of a parcel awaiting collection. The attachment lists the details of how to collect the parcel. The email is addressed to the correct person and even goes so far (in some cases) to know details about the addressee.

Upon clicking the attachment, the computer will have multiple pop ups appear on the desktop including what looks like a very genuine Microsoft message telling you that the hard disk platters have been destroyed.

So far MSE is the only current known AV to detect it, and although it offers a fix, it is unable to actually repair itself.

Clicking on start lists an empty directory and click on "all programs" comes up as blank. At this stage, all the data is still intact but you have to keyboard shortcut to "my computer" (Winkey +E) to see the programs and data.

If the virus detects a MalwareBytes process, the computer immediately disconnects from the internet and shuts down the computer. Upon restart, you will be presented with a "disk not found" or "disk corrupt" message.

You will need to use recovery to restore the PC.

Comments

  • neilwoods
    neilwoods Posts: 2,304 Forumite
    would have to be pretty daft to open the attachment, seeing as royal would not send an email to say you have a parcel awaiting to be picked up.
    Mansion TV. Avoid at all cost's :j
  • GunJack
    GunJack Posts: 11,962 Forumite
    and also very surprised if MSE is the ONLY av that detects it.....
    ......Gettin' There, Wherever There is......

    I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple :D
  • kwikbreaks
    kwikbreaks Posts: 9,187 Forumite
    and very disappointing that it doesn't block it but only reports it after the event...
  • neilwoods wrote: »
    would have to be pretty daft to open the attachment, seeing as royal would not send an email to say you have a parcel awaiting to be picked up.

    As the OP says they are on 'client support'.....then I'd imagine that their clients (ie persons/companies on whose behalf the OP manages some aspect of their computing) are indeed pretty daft. Or else they work in a company environment so don't really care what they open/click on as "hey, someone else will fix it and it's not my computer"
  • Lucero_2
    Lucero_2 Posts: 283 Forumite
    Don't worry, the 3 people have all been old. What tricked them was that the email contained personal information which really couldn't have been known.

    The first, listed an address (from which the addressee had recently moved from) which made him think it was genuine.

    The last, had MSE and Avast on it. Avast remained completely silent even when the virus was in full swing. MSE offered to repair, highlighting the explicit issue, but couldn't. Running MBytes made things worse.

    I'll be picking up the 3rd one today to examine it more closely.
  • Lucero wrote: »
    Don't worry, the 3 people have all been old.

    Thanks for the heads up, but is being old a requirement for getting tricked by this?
    The implication is that, as my 60th birthday is only a few weeks away, I'm not capable of taking care of myself online. Of course the young don't click on things they shouldn't do they.
    You need to think about that sentence and your attitude. It is offensive!
  • Esqui
    Esqui Posts: 3,414 Forumite
    I think that may have been a typo for "have all been told"
    Squirrel!
    If I tell you who I work for, I'm not allowed to help you. If I don't say, then I can help you with questions and fixing products. Regardless, there's still no secret EU law.
    Now 20% cooler
  • Esqui wrote: »
    I think that may have been a typo for "have all been told"

    I hadn't thought of that.......must be my age:D
    I'll wait for confirmation.
  • Lucero_2
    Lucero_2 Posts: 283 Forumite
    Andrew1472 wrote: »
    Thanks for the heads up, but is being old a requirement for getting tricked by this?
    The implication is that, as my 60th birthday is only a few weeks away, I'm not capable of taking care of myself online. Of course the young don't click on things they shouldn't do they.
    You need to think about that sentence and your attitude. It is offensive!

    Oops, yes, indeed, should have been "told". No offence meant :)

    Coincidence though, that the people involved are of the "older" persuasion and do get tricked into these emails and phishing easily.
  • pelirocco
    pelirocco Posts: 8,275 Forumite
    I open up this thread to find one of the posts has a highlighted word, and sure enough I have got malware again ...........Why or how does MSE pick this up?

    And no I haven't opened up any mail from Royal Mail (or any other suspect mail)
    Vuja De - the feeling you'll be here later
This discussion has been closed.