Tuesday, November 12, 2013

BBB Alert: Pay a ransom to unlock your computer

Ransomware Alert

Ransomware Alert

Roanoke, VA (November 12, 2013) BBB is warning businesses and consumers of a new computer threat that steals information, encrypts the data, and then charges $300 in ransom for recovery of the files.

The ransomware is called CryptoLocker, and is the latest attempt by scammers to hold consumer’s and businesses’ computer information hostage in order to make a quick buck. The BBB first reported on a similar computer attack in July involving scammers pretending to be Microsoft technicians locking users out of their computers and demanding payment for access. The BBB continues to receive calls of this nature, but CryptoLocker is more threatening than prior reported ransomware due to its excessive measures.

Here’s how it works: the program disguises itself as a legitimate email attachment in a .zip file format. Inside that .zip file will be a double extension file such as .pdf.exe. The problem is you may never see that double extension as Windows’ default settings may hide that extension and just display the icon for a PDF file. Multiple victims have reported the email appears as a shipping notice from the U.S. Postal Service or FedEX. This email may appear to be from other legitimate organizations such as Amazon or other online vendors. When opened it goes to work encrypting files stored on local and mounted network drives. The key needed to unlock the encrypted files is then stored on the malware’s servers. A message displays on the monitor offering to decrypt the data for $300 with a deadline of 72-100 hours. If the user does not pay the fee the private key will be deleted and the files will be lost forever. Payment of the ransom allows the user to download the decryption program, which is pre-loaded with the user’s private key.

One of the biggest threats with CryptoLocker is that, while the program itself is readily removed, the files remain encrypted in a way that several experts consider infeasible to break. To this point there is no solution to recovering these files without paying the ransom.  Another big concern is the loss of any banking information stored on the computer. The risk of identity theft can carry a much higher price tag and be a much bigger concern than the encrypted files.

“Be very, very mindful of what emails you are opening. If you feel an email seems odd or out of place consider contacting the sender by another method to confirm the email is legitimate,” said Julie Wheeler, President of CEO of BBB Serving Western VA. “Another key is backing up your files in a safe and secure place. Regular backup will ensure that files can never be completely lost because of threats like CryptoLocker.”

It is important that businesses and consumers contact their anti-virus software providers to determine if they have protection against this ransomware and others like it.

Posted By Valerie Garner

Categories: Education

Tags: ,


No Comments

Comments are not moderated. Notify any abuse at info@roanokefreepress.com put ABUSE in the subject and the offensive post.

Leave a Reply