It is not uncommon for cybercriminals to prey on people’s fears to get their way. This is the primary force behind ransomware attacks and countless phishing methods. These attacks typically have actual teeth to them, where an infection is imminent or has already occurred if the victim fell for the tricks. There are instances, however, where the criminal in question actually has no attack plan and simply hopes that fear alone can accomplish their goals. This appears to be the case with a fake WannaCry scam.
It is this that UK police have been dealing with recently, specifically related to phishing emails that threaten users with the WannaCry ransomware. According to a report from the UK’s Action Fraud division, the team has been receiving numerous reports of this phishing attack from at least 300 individuals in just a two day period (by the time of publication this number will have risen).
The emails are sent to potential victims and state that all of their devices have been hacked and infected with WannaCry. The email then demands a bitcoin payment to a specified location or else all files affected by WannaCry will be deleted. This is, of course, total nonsense as an actually infected device would be locked on a screen demanding the bitcoin ransom. There is simply no possible way that the victim would be able to access their email and, additionally, it would be via email they discover the infection.
This doesn’t stop these criminals from trying to phish anybody on their mail list, and unfortunately, there may very well be people that take the bait. WannaCry was in the news extensively and just the mention of it may cause a less technologically savvy individual to think they have actually been hacked. The best way to handle these fake WannaCry emails is to delete them (without even opening them) and let it be a memory. Don’t take the bait, and also report these incidents to local law enforcement if you wish to help inform individuals in your vicinity.
Featured image: Flickr / Marco Verch