Dear colleagues,

The email below is a phishing attempt carrying a malicious Word file with a .docm extension. If you open the attachment, it will start to install the ransomware code on your machine. The ransomware will then proceed to encrypt the content of your computer’s drive and any connected network drives (e.g., U Drive and S Drive). Once complete, the program will ask for money to decrypt your files.

Please delete any similar email. (Forward it to us at first.) If you clicked on the email, please immediately shutdown your system and contact me.



Khalid Sarwar Warraich | Chief Information Officer

From: Willa [] Sent: Monday, December 12, 2016 1:05 PM
To: Khalid Sarwar Warraich <>
Subject: New(198)

[A Word file with .docm attachment removed]

Scanned by CamScanner

Sent from Yahoo Mail on Android

Phishing attack: attempt to install ransomware