WARNING! Fake “Incoming Fax Reports” And The Crypto-Virus Malware!

By | March 25, 2015

The threat of malware infecting your personal or business computer systems is ongoing and, as the perps get more sophisticated and creative, getting more dangerous all of the time!

The danger of course is not only from the malware itself and the damage and havoc that it can cause, but that an unsuspecting employee or family member unwittingly clicks on or opens something they should not be clicking on or opening thereby opening the door and letting it in.

Fake “Incoming Fax Report” emails lead to crypto-ransomware

Once again, fake “Incoming Fax Report” emails carrying malware are being sent out to random users. Given the popularity of online fax-sending services, there are likely to be many victims.

The email takes the same, often repeated form:

cybercrime,malware,data security

Most of the time, the subject of the fake fax is something related with payrolls, or an internal report, and the malicious file is hosted on an online file storage account and linked to from the email.

In this case, the email carries the malware in the attachment.

According to Dr. Web researchers, the file – a SRC file – is a Trojan downloader which, once run, extracts and launches encryption ransomware.

“The ransomware then encrypts data stored on the disk and demands a ransom for its recovery. Files affected by [the ransomware] do not have their filename extension changed, but get the string ‘!crypted!’ appended at the beginning of their names. During the encryption process, the malware creates temporary files with the extension *.cry which are later deleted,” they explained, and pointed out that, unfortunately, it’s currently impossible to decrypt files affected by this crypto-ransomware.

They don’t tell which one it actually is, but the category the file it under – Trojan.Encoder.514 – is the equivalent of Microsoft’s Win32/Crowti.A, which corresponds to the infamous Cryptowall.

Users are advised to regularly back up their important files, and to think twice about opening attachments or follow links from unsolicited emails.

Seeing that this particular type of malicious email campaign is mounted every few months, this will surely not be the last time users are warned about it. Unfortunately, It only takes a moment of distraction for it to succeed.


Michael Haltman, President of Hallmark Abstract Service, New York.

HAS is a provider of title insurance in New York State for residential and commercial real estate transactions.

And, for anyone either buying a property or refinancing, remember that although your attorney will likely recommend a title insurance provider you always have the right to choose your own (click here to learn more)!

If you have any questions you can reach Michael by email at mhaltman@hallmarkabstractllc.com.


Leave a Reply

Your email address will not be published.