Posted by: Dave Bateman
We have all heard the malware horror stories, but what I read about today takes it to a whole new level. It seems that the new trend is not just to install malware that changes your default search engine or loads “virus detection software” that finds a dozen or so viruses and then tells you the only way to fix them is to “upgrade” to a certain company’s software. That was child’s play, because anyone smart enough to know how to use a system restore point could resolve those problems. As users get smarter, so do the creeps and outright criminals. Now they are retrieving information and documents and holding them for ransom until you send them your credit card information.
There are a couple of tactics that this type of malware uses. The first is that it captures a screenshot of your browser history and publishes it online. The hope is that there is information in the history that would cause you embarrassment. After the screenshot is posted, you receive an email telling you how to pay the ransom and have the information removed. This type of malware is loaded when someone tries to install software that they downloaded from sites that specialize in questionable content. The thought is that people who frequent these types of sites are more likely to have embarrassing information in their browser history, which increases the likelihood of extorting the ransom. If nothing else, the creators of this type of malware seem to know their “customer.” Currently, this type of malware is being reported by users of a file-service in Japan called “Winni.”
The other type of malware demanding a ransom is somewhat more sophisticated. It doesn’t use embarrassment, but simply holds your documents hostage. Once installed, it encrypts the documents on the PC and offers to sell you the encryption key to unlock your files.
And finally, there is one piece of malware that works on nothing but fear. Once installed, a popup appears stating that the PC is about to be checked for illegal software. But you are offered a pretrial settlement. All you have to do is give them your credit card, and they will bill you $400.00 and all is forgiven. The good news is that they don’t charge your credit card. The bad news is they sell your credit card information.
So, what can we learn from this? The first is that everyone on the Internet is a target, so you have to be extremely careful of the sites you visit and the software you load. The other thing that comes to mind is just how important backups are. Typically, we think of backups in the case of hardware failure or accidental deletion, but they could also come in handy if your data is held for ransom. In the end, the best you can do is to exercise extreme care when you are online. Your best defense is knowledge; hopefully this article helps strengthen it.