Scam of the day – November 16, 2015 – FBI agent advises ransomware victims to pay the ransom

Speaking recently at a cybersecurity conference in Boston, FBI Assistant Special Agent Joseph Bonavolonta startled many people when, in discussing ransomware, he said “the ransomware is that good.  To be honest, we often advise people just to pay the ransom.”  I have been warning you about ransomware since 2012.  Ransomware problems start when you find your computer frozen and a message on your screen tells you that your computer will remain frozen until you pay a “ransom.”  CryptoWall and its predecessor CryptoLocker ransomware have been used effectively by criminals for years.  The most recent version of ransomware being used is called Tescrypt.  Companies and individuals have been the targets of ransomware.  In fact, a number of police departments, including the Swansea, Massachusetts police department, have been the victims of ransomware and actually paid the ransom.

As with many types of malware, you download it when you click on tainted links or tainted attachments, which is why I always warn you not to click on any links or download attachments unless you are absolutely sure that they are legitimate.  In many instances, the ransomware has come as hidden malware in a phony email purporting to be from Federal Express or UPS.  As we approach the holiday shopping season, you can expect an upswing in people falling for this scam and clicking on links and downloading attachments in emails purportedly from these companies related to holiday shopping.

TIPS

The best way to deal with ransomware is to avoid it in the first place.  Have a good firewall, good anti-virus and good anti-malware software installed on your computer, tablet or other devices and keep the software up to date.  However, remember that the security software companies are always playing catch-up with the hackers, so your security software will not always protect you.  The latest incarnations of most malware are generally at least thirty days ahead of the security software companies, so you can never rely on your security software and your firewall to keep you totally safe.  Even so, make sure that when security updates are available you download them as soon as possible.  Many people become victims of older versions of ransomware because they have not updated their security software.  Also, you should always back up everything on your computer in the Cloud or on a USB drive or preferably both.  Finally, never click on links or download attachments unless you are absolutely positive that they are legitimate, and the only way to do this is to confirm that they are legitimate with the real companies you think may be sending you the email before ever clicking on a link or downloading an attachment.

If you are a victim of ransomware, here are a couple of free links that may help you.  The first is a link to Microsoft’s Malware Protection Center with links and instructions for removing ransomware infections from your computer: http://www.microsoft.com/security/portal/shared/ransomware.aspx#recover.  The second is to Malwarebytes Anti-Malware, which will detect and remove malware such as trojans and spyware.  The link is www.malwarebytes.org.  Some types of malware cannot be defeated after they are installed, but it is always worth a try.  However, the best course of action to take is to avoid downloading anything unless you are confident it is legitimate and always back up all of your data both in the cloud and offline so that even if you do become a victim of ransomware, you don’t have to pay because your data is already preserved.

Scam of the day – June 6, 2015 – Law firms being targeted by Ransomware

I have been warning you about the dangers of Ransomware for a couple of years now.  Ransomware is a type of malware that when installed on your computer locks and encrypts your data so that it becomes unavailable to you unless you pay a ransom to the hacker who promises to provide the decryption key if you pay the ransom, but who threatens to destroy your data if you do not promptly pay the ransom.  Individuals, companies, governmental agencies and now law firms are being increasingly targeted by Ransomware.  The FBI issued a warning earlier this year about an increase in the use of Ransomware.  Two of the more popular Ransomware programs presently being used by hackers are CryptoLocker and the newer CryptoWall.  As is so often the case with malware, Ransomware is installed on victims’ computers when they unwittingly click on links or download attachments in phishing emails that appear legitimate.  In the last year, one particularly successful phishing email containing Ransomware promised information about the television series “Breaking Bad.”

TIPS

A good way to protect yourself against all types of malware including Ransomware is to never click on links or download attachments until you have confirmed that they are legitimate.  Additionally, you should keep all of your anti-malware and anti-virus software up to date with the latest security patches.  Another helpful thing to do is to program your hard drive to prevent unidentified users from modifying your files.  Finally, all of your data should be backed up regularly and, when possible, automatically.

Scam of the day – April 8, 2015 – Tewksbury Police Department pays ransom to retrieve files

The Tewksbury, Massachusetts Police Department became the latest in a long list of police departments to fall victim to ransomware, the malware that, generally through phishing, is downloaded onto the victim’s computers and then locks and encrypts the victim’s files, making them unusable.  In this particular case, the Tewksbury Police Department’s arrest and incident records were locked and a message appeared that read, “Your personal files are encrypted.  File decryption costs – $500.”  The particular type of ransomware used in this case has been called KEYHolder and despite the efforts of federal and state law enforcement agencies as well as two computer security companies, the data could not be retrieved.  Ultimately, the Tewksbury Police Department paid the five hundred dollar ransom electronically in bitcoins as demanded, making it pretty much impossible to trace.

In recent years, particularly since the development of CryptoLocker, one of the early ransomware malware programs, ransoming of computer data has brought criminals as much as 28 million dollars in ransom payments.  Many government agencies and police departments have been targeted along with the computers of ordinary citizens.  No one is safe.  The Collinsville, Alabama Police Department became a victim of ransomware last summer, refused to pay the ransom and lost their infected database of mugshots.  The Durham, New Hampshire Police Department also refused to pay a ransom, but wisely had backed up its information so it lost nothing of value.  Other police departments, companies, government agencies and individuals have not been so fortunate, however, and in many instances have either paid the ransom or lost their data.  Depending on the sophistication of the malware used, sometimes the ransomware can be defeated, but often it cannot.

TIPS

Certainly you want to always keep your anti-virus and anti-malware software up to date on all of your electronic devices.  However, you can never be fully confident that this will keep you safe because the latest viruses and malware are always at least a month ahead of the software security updates created to deal with these issues.  Since generally the ransomware is downloaded onto the victim’s computer by clicking on a link in an email, it is critical that you not click on links in emails unless you are absolutely sure that the link is legitimate.  Finally, it is very important to back up all of your data independently every day so that even in a worst case scenario, you will not need to give in to the demands of extortionists.

Scam of the day – June 26, 2014 – Hedge funds hacked

Hedge funds are aggressively managed investment portfolios that are largely unregulated.  They generally are used by only the wealthiest of people.  They also have become a ripe target for hackers who, according to a recent report by computer security firm BAE Systems, have been hacking into the computers of these funds and causing financial harm in a multitude of ways.  According to BAE, one unnamed hedge fund lost millions of dollars after hackers managed to infiltrate its computers through simple spear phishing tactics.  The hackers tricked hedge fund employees into clicking on links in infected emails, which downloaded malware onto the hedge fund’s computers.  That malware enabled the hackers to learn about impending trades and then delay the trades while the hackers traded first based upon the stolen information.  Another way that the hedge funds have been attacked is through the ransomware program Cryptolocker, about which I have warned you repeatedly since November of 2013.  Cryptolocker is a type of malware that infects the computer of the unwary victim and encrypts all of the victim’s data, making it unusable unless they pay a ransom to the criminal hacker.

TIPS

The financial industry as a whole has not taken sufficient security precautions and steps to protect itself and our economy from the attacks of scammers, hackers and identity thieves.  If you have not heard of many of these hackings as much as you have of the high-profile hackings of Target and other companies, it is very much because quite often the companies do not disclose that they have been hacked.  The hedge fund industry’s sophisticated digital trading systems have become attractive targets to hackers and the hedge fund industry has not taken the necessary security steps to protect the integrity of its business from attack.  Unfortunately, this type of crime is something that is going to get worse before it gets better.  Whenever you are investing your money with a company, you should first inquire as to the security steps taken by the company.

Scam of the day – November 11, 2013 – Cryptolocker ransomware danger

Ransomware has turned into a major problem for computer users.  In fact, I have warned you of various ransomware scams five times in just the last year.  If you want to read about these previous ransomware scams and what you can do about them, you can find them by putting the key word “ransomware” into the archives of Scamicide.  Ransomware is the name for a scam that starts when you find your computer frozen and a message on your screen tells you that your computer will remain frozen until you pay a “ransom.”  The ransom is generally required to be paid by a MoneyPak card or some other type of money card that is impossible to trace or stop payment on.

The latest ransomware scam is called Cryptolocker and what distinguishes this particular scam is that when this malware is downloaded onto your computer, laptop or other device, it encrypts all of your files, making them unreadable by you unless you pay the ransom, generally $300.  This makes Cryptolocker technologically more difficult to defend against.  In return for the payment you are told you will receive the private key necessary to retrieve your files.  Unfortunately, even people who have paid the ransom have found that the hacker responsible never provides the key and their files were effectively lost forever.

As with many types of malware, you download it when you click on tainted links or tainted attachments, which is why I always warn you not to click on any links or download attachments unless you are absolutely sure that they are legitimate.  In many instances, it has been found that Cryptolocker has come as hidden malware in a phony email purporting to be from Federal Express or UPS.  As we approach the holiday shopping season, you can expect an upswing in people falling for this scam and clicking on links and downloading attachments in emails for these companies related to holiday shopping.

TIPS

The best way to deal with Cryptolocker is to avoid it in the first place.  Have a good firewall, good anti-virus and good anti-malware software installed on your computer, tablet or other devices and keep the software up to date.  However, remember that the security software companies are always playing catch-up with the hackers, so your security software will not always protect you.  Also, you should always back up everything on your computer either in the Cloud or on a USB drive.  Finally, never click on links or download attachments unless you are absolutely positive that they are legitimate, and the only way to do this is to confirm that they are legitimate with the real companies you think may be sending you the email before ever clicking on a link or downloading an attachment.