Just another ransomware to worry about—Locky, a ransomware that attacks systems with malicious macros has logged almost a half a million sessions in the U.S.

The infection happens through an email that looks to be an invoice and has a Word attachment—the supposed invoice. The Word document attached to the email includes malicious macros that then are able to encrypt documents, images, and archives and rename them. A message then pops up requesting that the victim go to a Tor network and pay the hackers in Bitcoins.

As we continue to see and experience more and more versions of ransomware, it continues to be important to identify the patterns and provide education to employees so they don’t fall victim to the scheme and put your business at risk. In this form of ransomware, the subject line of the email reads: “ATTN: Invoice J-98223146” and the message says “Please see the attached invoice (Microsoft Word Document) and remit payment according to the terms listed at the bottom of the invoice.” Spread the word to read all emails carefully and recognize this one as especially important for your staff.