A new variation of ransomware known as “Ransomcloud” is here and it is designed to attack cloud-based email inboxes.
While not yet found in the wild, the existence of “Ransomcloud” serves as a real wake-up call for all users of Microsoft Office 365, Exchange, Gmail and other cloud-based email solutions. If you are not currently backing up your mailboxes you will want to seriously consider implementing a solution sooner than later.
Like other forms of ransomware, end user input is required to initiate the mailbox encryption. The current known method will begin with an email that appears to be from Microsoft. This convincing forgery will offer a new anti-spam service or other similar services.
When the user follows the link to install the offered service the ransomware begins to lock-down all emails and attachments in real time. Same as with all types of ransomware infections the only real way to protect your data is to avoid interaction. We must continuously reinforce the importance of scrutinizing all attachments and emails. If it seems odd or suspicious, do not risk it. Forward any suspect emails to your IT department or delete them.