A new email scam known as the “Let’s Resolve It Like This” email has surfaced, posing significant risks to individuals and organizations alike. This sophisticated phishing attempt leverages social engineering tactics to deceive recipients into believing they owe money and must urgently resolve the issue. Once the unsuspecting user engages with the email, they are at risk of malware infection, leading to potential data breaches and financial loss. This article will delve into the specifics of this threat, its actions and consequences, detection names, similar threats, and provide a detailed removal guide alongside best practices for future prevention.
Details of the “Let’s Resolve It Like This” Email Threat
Text of the “Let’s Resolve It Like This” Email
The text from the e-mail is as follows:
Let’s resolve it like this:
All you need is $1340 USD transfer to my account (bitcoin equivalent based on exchange rate during your transfer), and after the transaction is successful, I will proceed to delete all stuff without delay.
Afterwards, we can pretend that we have never met before. In addition, I assure you that all the harmful software will be deleted from all your devices. Be sure, I keep my promises.
That is quite a fair deal with a low price, bearing in mind that I have spent a lot of effort to go through your profile and traffic for a long period.
If you are unaware how to buy and send bitcoins – it can be easily fixed by searching all related information online.
Below is bitcoin wallet of mine: 1JJFoKF5Dj31nvwbqKCrAtaAppaPzGCkEx
You are given not more than 48 hours after you have opened this email (2 days to be precise).
Below is the list of actions that you should not attempt doing:
> Do not attempt to reply my email (the email in your inbox was created by me together with return address).
> Do not attempt to call police or any other security services. Moreover, don’t even think to share this with friends of yours. Once I find that out (make no doubt about it, I can do that effortlessly, bearing in mind that I have full control over all your systems) – the video of yours will become available to public immediately.
> Do not attempt to search for me – there is completely no point in that. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS on devices of yours or get rid of them. It is meaningless too, because all your videos are already available at remote servers.
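The lure above follows a recognisable template: a dollar demand payable in bitcoin, a wallet address, a countdown, and instructions not to contact the police. As an added example (not part of the original article), the following Python script scores an e-mail body against those markers so a mail gateway or help desk can triage reports of this scam; the phrase weights, the flag threshold of 6, and the two sample messages (one assembled from the text quoted above, one benign invoice) are all assumptions constructed for this example.

```python
import re
# Legacy Bitcoin addresses use the Base58 alphabet (no 0, O, I or l).
BTC_ADDR_RE = re.compile(r"\b[13][a-km-zA-HJ-NP-Z1-9]{25,34}\b")
DEADLINE_RE = re.compile(r"\b(\d{1,3})\s*hours?\b", re.IGNORECASE)
AMOUNT_RE = re.compile(r"\$\s?(\d[\d,]*)\s*(?:USD)?", re.IGNORECASE)

# Template phrases with assumed weights: high for wording a genuine bill never uses.
PHRASE_WEIGHTS = {
    r"bitcoin": 2,
    r"do not attempt to (?:call|contact) (?:the )?police": 3,
    r"(?:the )?video of yours|your videos?": 3,
    r"cryptocurrency transactions remain anonymous": 2,
    r"transactions? is successful": 1,
}

def analyse(body: str) -> dict:
    """Score one e-mail body; 6 or more (assumed threshold) is flagged as extortion."""
    hits, score = [], 0
    for pattern, weight in PHRASE_WEIGHTS.items():
        if re.search(pattern, body, re.IGNORECASE):
            hits.append(pattern)
            score += weight
    wallets = BTC_ADDR_RE.findall(body)        # wallet(s) to report or block
    if wallets:
        hits.append("bitcoin_address")
        score += 3
    deadline = DEADLINE_RE.search(body)        # pressure deadline in hours
    if deadline:
        hits.append("deadline")
        score += 1
    amount = AMOUNT_RE.search(body)            # demanded sum, if any
    return {
        "score": score,
        "is_extortion": score >= 6,
        "wallets": wallets,
        "deadline_hours": int(deadline.group(1)) if deadline else None,
        "amount_usd": int(amount.group(1).replace(",", "")) if amount else None,
        "indicators": hits,
    }

# Constructed samples: the extortion text from the article above, and a benign invoice.
SAMPLE = """Let's resolve it like this:
All you need is $1340 USD transfer to my account (bitcoin equivalent), and after the transaction is successful, I will proceed to delete all stuff.
Below is bitcoin wallet of mine: 1JJFoKF5Dj31nvwbqKCrAtaAppaPzGCkEx
You are given not more than 48 hours after you have opened this email.
> Do not attempt to call police or any other security services.
> Do not attempt to search for me. All cryptocurrency transactions remain anonymous at all times.
> Do not attempt reinstalling the OS; all your videos are already available at remote servers.
"""
BENIGN = "Hi, attached is the invoice for $250 USD for last month's work; due within 30 days."
```

The extracted wallet and deadline are what a responder records in the incident ticket; the benign invoice mentions money and a due date yet scores zero, which is the point of weighting extortion-specific wording rather than payment language.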
Actions and Consequences of the Malware
Upon receiving the “Let’s Resolve It Like This” email, the recipient is urged to click on a link or download an attachment under the guise of resolving a financial dispute. The email often mimics legitimate communication from known entities, enhancing its deceptive potential.
Actions:
- Phishing Attack: The email attempts to harvest personal information by directing the user to a fraudulent website designed to steal credentials.
- Malware Installation: Clicking on links or downloading attachments can result in the installation of various malware types, including keyloggers, ransomware, or trojans.
- Data Exfiltration: Once installed, the malware can capture sensitive data such as login credentials, financial information, and personal identification details.
Consequences:
- Financial Loss: Stolen credentials can lead to unauthorized transactions and financial theft.
- Identity Theft: Personal information harvested can be used for identity theft, causing long-term repercussions.
- Data Breaches: Compromised systems can lead to larger data breaches within an organization, affecting numerous individuals.
Detection Names
Security vendors may identify the malware associated with the “Let’s Resolve It Like This” email under various names, including but not limited to:
- Trojan.PSW.Agent
- PhishTank
- W32/Phishing.D
- Trojan.GenericKD
Similar Threats
The “Let’s Resolve It Like This” email shares similarities with other phishing and malware campaigns, such as:
- Business Email Compromise (BEC) Scams: Fraudulent emails that trick businesses into transferring funds to the attacker.
- Sextortion Emails: Threats claiming to have compromising information about the recipient, demanding ransom for non-disclosure.
- Invoice Scams: Fake invoices sent to businesses in hopes of receiving payment.
Long and Thorough Removal Guide
Step 1: Disconnect from the Internet
Immediately disconnect your device from the internet to prevent further data exfiltration and malware communication with its command and control server.
Step 2: Enter Safe Mode
Reboot your computer in Safe Mode to limit the number of active processes and make it easier to remove the malware.
- Restart your computer.
- Press and hold the F8 key (or Shift + F8) during the startup process.
- Select “Safe Mode with Networking” from the Advanced Boot Options menu.
Step 3: Remove Suspicious Programs
- Open Control Panel.
- Navigate to “Programs and Features.”
- Look for and uninstall any suspicious or unknown programs that were installed recently.
Step 4: Delete Temporary Files
Deleting temporary files can help speed up the malware scan and remove some malicious files.
- Open the “Run” dialog box by pressing Win + R.
- Type %temp% and press Enter.
- Select all files in the temporary folder and delete them.
Step 5: Scan for Malware
Perform a full system scan using your built-in security software, such as Windows Defender. Ensure your antivirus definitions are up to date before scanning.
- Open Windows Security.
- Go to “Virus & Threat Protection.”
- Select “Full Scan” and follow the prompts.
Step 6: Remove Malicious Extensions
Remove any malicious browser extensions that may have been installed.
- Open your browser settings.
- Navigate to the extensions/add-ons section.
- Remove any suspicious extensions.
Step 7: Restore Browser Settings
Reset your browser settings to default to remove any remaining malicious changes.
- Open your browser settings.
- Navigate to the advanced settings or reset settings.
- Confirm the reset to default.
Step 8: Update Your System
Ensure your operating system and all software are up to date to patch vulnerabilities that could be exploited by malware.
- Open Settings.
- Go to “Update & Security.”
- Check for updates and install any available updates.
Best Practices for Preventing Future Infections
- Be Cautious with Emails: Always verify the sender’s email address and be wary of unsolicited attachments or links.
- Enable Multi-Factor Authentication (MFA): Add an extra layer of security to your accounts.
- Regular Backups: Keep regular backups of your important data to recover from ransomware attacks.
- Educate Employees: Conduct regular cybersecurity training to make employees aware of phishing tactics and safe online practices.
- Use Strong Passwords: Employ complex and unique passwords for different accounts and change them regularly.
- Secure Network: Ensure your network is secured with firewalls, encryption, and intrusion detection systems.
- Regular Security Audits: Perform periodic security audits to identify and mitigate potential vulnerabilities.
Conclusion
The “Let’s Resolve It Like This” email scam is a potent reminder of the importance of vigilance in cybersecurity. By understanding the threat, taking prompt action to remove malware, and adopting best practices for prevention, you can safeguard your personal and organizational data from such malicious attacks.