IC3 issues alert on CryptoWall Ransomware

June 30, 2015 - The Internet Crime Complaint Center (IC3) has issued an alert warning that U.S. individuals and businesses are still at risk of CryptoWall ransomware fraud.

Scam operators use ransomware—a type of malicious software—to infect a device and restrict access until a ransom fee is paid.

Individuals and organizations are discouraged from paying the ransom, as this does not guarantee files will be released. One popular way the malware is currently being distributed is through emails posing as a résumé.

IBM recommends proactive end-user education and security awareness training continue to be critical in helping prevent incidents like the one described in this advisory.

  • Train employees on security best practices and how to report suspicious activity.
  • Consider conducting periodic mock-phishing exercises where employees receive emails or attachments that simulate malicious behavior. Metrics can be captured on how many potential incidents would have happened had the exercise been a real attack. Use these findings as a way to discuss the growing security threats with employees.
  • Offer security training to employees to help understand threats and measures they can take to protect the organization.
  • Provide regular reminders to employees on phishing and spam campaigns and that they shouldn’t open suspicious attachments or links from both work and personal emails.
  • Train employees in charge of corporate banking to never provide banking credentials to anyone. The banks will never ask for this information.


US-CERT encourages users and administrators to review the IC3 Alert for details and refer to the US-CERT Alert TA-295A for information on crypto ransomware.