About RAA – Malware, but not as we know it
RAA malware is disguised to look like an ordinary document. It begins encrypting files the second it’s opened. And because it is spread as an email attachment, it’s likely more people will end up accidentally installing it.
The ransomware is sent to victims by email. Windows uses the Based Script Host to run code, and most executable programmes are automatically screened and blocked. Sadly Windows lets .js files run, after which RAA encrypts your files and sends you a ransom note in Russian.
If you want your files restored, it’ll cost you £171. Right now there’s no other way – you just have to bite the bullet and pay up, although you might be able to restore your files from a back-up if you’re lucky.
How to stay safe from RAA
- Never, ever open an attachment from an unknown source
- Never open a .js email attachment, full stop
- Don’t open macro-enabled Office attachments like .docm and .xlsm files
- Tell Windows not to start the Windows Based Script Host process when you double-click a .js file
- Delete any email message that’s the least bit unfamiliar or suspicious without opening it
Is your system as secure as it could be?
We can help you protect your system with reliable, relevant anti-virus software. We can also manage your inboxes for you, and we know how to stay safe from email malware. Just ask.