Stop giving your user’s local admin access. We restrict it on the domain and malware like this can’t install.
Disguising malicious code by adding a *.PDF or *.JPG to the end has been around forever.
M4l
I always check the properties of the rare file I D/L from someone I know as their email address book can be compromised.
You think a relative or friend is sending you a Christmas e-card or family pic or similar and then you’ve been had.
And I don’t even bother with text messages on my phone unless I know for sure that it’s from someone I know and even then I check the spelling and writing style for anything that doesn’t look right.
See the Youtube video, noting the comments between timemarks 07:00 to 0:00.
Adam Kujawa, Malware Intelligence Analyst, Malwarebytes
Virus Advisory: CryptoLocker - How to Protect Yourself
LinuxTechShow
http://www.youtube.com/watch?v=Zcj9RKO3e38