Our company has been infected with locky ransomware and what they are seeing is email coming from random Internal valid addresses via exchange which has got different attachments which contain malware. They have ran anti malware on client machines and have
cleared malwares and also from servers. However they dont have any sort of security solution on exchange server apart from AV.
Now i wants to know what is the best way to stop this Internal spam and delete these email. Few things to mention :
- Emails come from valid email addresses
- They have different malware attachments + Subjects
Appreciate your inputs
