National Consumers League

Fraud warning: Malware scams locking computers for ransom

92_computer_lock.jpgCrooks are targeting consumers and businesses with sophisticated technology that, spread through email and difficult-to-detect downloads, encrypts the contents of a hard drive, making it impossible to use one’s files. Hackers target unsuspecting users and then claim that their data is being held for ransom -- and, once a consumer pays, there's no guarantee that the data will be unlocked.

According to the Federal Trade Commission, after the malware is installed by an unsuspecting computer user, the Cryptolocker crooks send a ransom note demanding hundreds of dollars in payment via Bitcoin or another anonymous payment method before they will unlock the files. Once a consumer pays the ransom, there’s no guarantee that the fraudster will not simply ask for more money.

Even if you pay the ransom, are you really willing to bet that the criminals running this scam will honor their promises and unlock your computer files? Experts say it's unlikely.

Ransomware has been around for a decade, but the frequency and severity of CryptoLocker scams appears to be on the rise, raking in millions of dollars for crooks.

A study by the University of Kent found that 2 out of every 5 CryptoLocker victims pay the ransom. This malware is especially sneaky, as it can be disguised as JPEG images, as PDF files, as Microsoft Office files, and other innocuous, familiar files. There are even reports that Facebook could be one of the likeliest places to get a CryptoLocker malware. Businesses have also been reported to be victimized by these scams.

It’s not just individuals who are vulnerable. but even computers for whole businesses. ABC 33-40, a news station in Birmingham, Alabama, was hit with the Crypto Locker virus. The director of engineering for ABC 33-40, Ron Thomas, described his station’s experience with the virus. “You buy this $300 Green Dot MoneyPak, you cannot use a credit card for it, it had to be cash or debit card. Once they claim the funds, they unlock your files. If those files had been lost, it could’ve affected 10 years’ worth of work by several departments,” said Thomas in a local news report.

Avoid Cryptolocker and other malware scams!

  1. Back up your files frequently on a separate device (which does not remain connected to your main computer) or use free cloud storage systems that are available online.
  2. Be on the lookout for suspicious looking phishing emails and links. Do not click on links or attachments from untrusted senders.
  3. Consider using ad-filtering applications that are free for your web browser to avoid clicking on suspicious links from ad pop-ups either by accident or by compulsion.