Campus News

Be on the lookout for ‘ransom’ virus

UGA students, faculty and staff need to be aware of a new computer virus that holds documents as inaccessible until a “ransom” is paid.

The CryptoLocker virus is affecting computers with Windows operating systems across the U.S., according to news reports. The virus has been reported among a few computer users at UGA.

CryptoLocker typically is spread via phishing emails with attachments that appear to come from legitimate organizations, such as UPS, FedEx or a bank. The infected attachment usually appears as a .zip file that contains an executable file disguised as a Word document or a PDF.

Once an attachment is opened, the virus encrypts the contents of a computer. CryptoLocker then demands a “ransom” be paid by a specified time to unlock the contents. If the ransom isn’t paid on time, the virus will destroy all documents, photos and videos on the computer.

If you know or suspect your computer is infected with the CryptoLocker virus: don’t pay the ransom; turn off your computer; and contact the Enterprise Information Technology Services Help Desk at 706-542-3106 or or your departmental IT help desk.

Source: Enterprise Information Technology Services