Hundreds Report WannaCry Phishing Campaign

Written by

Action Fraud is warning of a new phishing campaign using the infamous WannaCry ransomware attack of May 2017 as a lure.

The UK’s national cybercrime reporting center claimed on Friday that it had already received 300 reports over the previous two days about the scam emails.

“The WannaCry emails are designed to cause panic and trick you into believing that your computer is infected with WannaCry ransomware,” it said in an alert.

“In reality the emails are just a phishing exercise to try and extort money. The emails claim that all of your devices were hacked and your files will be deleted unless you pay a fine to the fraudsters in Bitcoin.”

It’s now over a year since the ransomware struck around the world, infecting more than 250,000 computers in 150 countries. In the UK it was widely publicized, having disrupted over a third of the NHS Trusts and 600 GP practices, causing the cancellation of an estimated 19,000 appointments and operations.

That’s why Action Fraud has been called upon several times already since May 2017 to warn UK netizens of scams using WannaCry as bait — although most happened in the weeks following the initial outbreak.

In mid-May last year, a BT-branded phishing email urged users to click through to confirm a security update ‘carried out’ by the telco to protect them following WannaCry.

Then a week later a new tech support scam emerged after reports of pop-ups appearing on users’ PCs.

“One victim fell for the scam after calling a ‘help’ number advertised on a pop-up window. The window which wouldn’t close said the victim had been affected by WannaCry Ransomware,” said Action Fraud.

“The victim granted the fraudsters remote access to their PC after being convinced there wasn’t sufficient anti-virus protection. The fraudsters then installed Windows Malicious Software Removal Tool, which is actually free and took £320 as payment.”

What’s hot on Infosecurity Magazine?