Fake Telenor Ransomware Campaign

/in , /by

Today, a malicious email campaign was launched, targeting Norwegian entities. We have seen a large amount of these malicious mails addressed to our employees, customers and partners, and we would like to discourage you from interacting with this email.


The email itself visually appears to be from Telenor, with the subject line “Faktura Fra Telenor Norge AS, Mobil “. It has a payment date close to the future (10th of February), which is there to cause stress so you don’t think twice before clicking the links. The links will however send you to a malicious site, which aims to infect your computer with a ransomware. The ransomware will encrypt any file it has write access to (even open shared file systems), and then demands payment in order to make the files readable again.

In order to better secure your organisation against these types of threats we advise you to look at our article about this, which can be found here: Basefarm Ransomware Information

Further information about this specific attack:
Telenor Twitter
Dinside

You might also like
Mikael Karlsson Recent weeks spam\malware trends; refunds or delay complaints
Protect your organization before ransomware strikes
Mikael Karlsson Don't get caught in the cold with ransomware