Scam of the day – January 22, 2017 – College falls victim of ransomware

Ransomware, as regular readers of Scamicide know, is  a type of malware that gets unwittingly downloaded on to a company’s, institution’s, government agency or individual person’s computer, which when downloaded encrypts the data of the victim.  The victim is then told to either pay a ransom, generally in bitcoins within a short period of time, or the hacker will destroy the data.

The latest public victim of ransomware is the Los Angeles Valley Community College District which recently paid a $28,000 bitcoin ransom after ransomware locked the campus’ computer network along with its email and voicemail systems.  After paying the ransom, the code was delivered to the school enabling them to regain their files and control over their email and voicemail systems.

Ransomware has become one of the most common and effective cybercrimes in the last year, successfully targeting individuals and a wide range of companies including law firms, accounting firms and even police departments. As big a problem as ransomware was last year, I predict it will be much worse in 2017.

TIPS

The key to not becoming a victim of a ransomware attack is to prevent it in the first place.  Generally, the malware is installed unwittingly by victims when they are lured through phishing and spear phishing emails to click on links infected with the malware.  Never click on links in emails or text messages regardless of how legitimate they may appear until you have verified that it is legitimate.  You should also install anti-phishing software.

It is also important to not only have anti-malware software installed on all of your electronic devices, but to make sure that you update the security software with the latest security patches and updates.  Many victims of ransomware have fallen victim to strains of ransomware for which there are already security software available to thwart it.   Finally, always back up your computer’s data daily, preferably in two different ways in order to protect your data in the event you do become a victim of ransomware.

Scam of the day – May 16, 2016 – Phony Lizard Squad DDOS attack threat

Lizard Squad is the name of a group of hackers that, in the past, have done Distributed Denial of Service (DDoS) attacks against high profile companies, such as their Christmas  2014 attack against the PlayStation Network and Xbox Live gaming networks temporarily shutting them down.  A DDoS attack occurs when the hacker is able to mobilize a network of computers often referred to as a botnet to flood a particular website or network with so many communications at the same time that the website or network is unable to handle the high volume and it gets shut down.

Recently a number of businesses in the United Kingdom have been receiving threatening emails purportedly from Lizard Squad threatening a DDosattack unless they pay a five bitcoin ransom.  Now emails are being sent to ordinary citizens around the world threatening a DDoS attack unless a bitcoin ransom is paid.  Here is a copy of such an email that is presently being circulated.  DO NOT CLICK ON ANY OF THE LINKS.

“ATTENTION! FORWARD THIS MAIL TO WHOEVER IS IMPORTANT IN YOUR COMPANY AND CAN MAKE DECISION!

We are Lizard Squad DDoS.

https://en.wikipedia.org/wiki/Lizard_Squad 

Most importantly, we have launched largest DDoS in Swiss history and one of the largest DDoS attacks ever. Search for “ProtonMall DDoS”  All your servers will be DDoS-ed starting Monday May (30) if you don’t pay protection fee – exactly 20.8 Bitcoins @

1JquKeBNa91AQnLJSshcweeRMdKbUtT89q

If you don’t pay by Monday, attack will start, yours service going down permanently price to stop will increase to 40 BTC and will go up 20 BTC for every day of attack.  This is not a joke.  Our attacks are extremely powerful – peak over 1 Tbps per second.  Do not reply, we will not read. Pay and we will know it’s you. AND YOU WILL NEVER AGAIN HEAR FROM US!  Bitcoin is anonymous; nobody will ever know you cooperated only us from your bitcoin link.  How do I get Bitcoins?  You can easily buy bitcoins via several websites or even offline from a  Bitcoin-ATM. We suggest you to start with localbitcoins.com or do a google search”

TIPS

There are many things that companies can do to protect themselves from DDoS attacks, however, regular people really have nothing to fear from DDoS attacks and they are never used against ordinary people so if you get this threatening email or a similar one, you can merely ignore it.  In truth the threat is just meant to scare people who are in no danger of a DDoS attack to paying a bitcoin ransom.