In an effort to help folks using AOL or Yahoo as a primary email address there are a few things you can try:
1: Change your default browser! DO NOT use Internet Explorer to access any content on the internet. We recommend Firefox or Google Chrome which allow users to enable Click-to-play stopping many of these injection challenges as long as the user doesn’t just click OK and blindly continue when they get specific warnings.
2: We strongly recommend disabling all pop-ups in any browser you use – although it can affect some websites that use pop-up screens it’s better to be safe than sorry.
3: Always keep your browser and browser plug-ins like Flash Player, Java, Silverlight and Adobe Reader fully updated and ONLY through visiting the specific company’s website to check for updates.
Although these extra security steps will improve your protection against today’s attacks, they will not protect you 100% – the most important thing you can do is take great caution when visiting any websites and make absolutely sure you do not click on potentially damaging links, attachments, advertisements or unsolicited updates.
Remember: CryptoWall 2.0 is very destructive because it uses strong encryption and leaves users with almost no option to reliably recover their files aside from paying the ransom. Restoring the files from backups is a possibility, if those backups weren’t also affected by the infection.