CCR Data Center, Indianapolis, Indiana, July 19, 2023 1400 hrs

This is a CCR Cybersecurity Alert from CCR Technology Partners.

CCR’s Security team has received reports of an ongoing ransomware campaign using malicious web ads claiming that Windows or Microsoft Word needs to be updated to trick users into installing the ransomware.

When browsing a website that has been compromised, users may receive a pop-up ad that reports that they need to install an update to Windows or Office. Some ads may download the malicious installer automatically, but it will not run unless opened by the user. Users may see a fake Windows Update installation progress screen appear on their display for about 30 seconds, at which time the ransomware is already encrypting files.

CCR’s Security Team advises that users who receive these ads while browsing in a web browser immediately close down the browser and start a new session. If you see the fake Windows Update screen appear, it’s advised to immediately remove power from the PC to limit the amount of encrypted files.

The CCR Cybersecurity Alert Notification System was created to keep Indianapolis Organizations informed of possible threats to your corporate network environment.

Call the CCR Helpdesk at (317) 842-1754 or visit www.GoCCR.com if you need further information.