Sometimes I can tell where there is a new virus/malware scam in town.
When I receive several identical emails almost simultaneously from different friends I know that one of them permitted their email account be hacked and now some scammers are busily impersonating everyone in the purloined email address book.
The most recent occurrence of this was a spate of attacks from a new and pernicious form of criminal activity being called ransomware. When this form of online scam first appeared last year all the professionals in the Information Technology industry let out a collective groan because we all recognized immediately that this is bad, and that this scam is just too profitable for the crooks not to keep on doing it.
Ransomware is the symbiosis of two previously-existing and recently perfected technologies. Secure unbreakable encryption is now a reality, and likewise anonymous untraceable online payment systems. It is only natural to realize that cybercrooks seized on the idea that it was possible to encrypt victim’s valuable files, demand a ransom to unencrypted them, and arrange the payment through a completely untraceable system such as BitCoin.
So, the way the con works is that some unwitting computer user receives an email, allegedly from someone they know and trust, and they foolishly click on a link in the email or open it attachment. Immediately the malware goes to work encrypting the user’s files so that they can no longer be accessed. Then the crooks communicate that they will be willing to unencrypted the files for a price. That price, usually amounting to several hundred U.S. dollars, is paid in BitCoins that are absolutely untraceable.
Just ask the Tewksbury, Massachusetts Police Department. The department was hit with one of the early ransomware attacks leaving it with no choice but to pay the ransom to get back important files. They had no backup! Even using all their resources, the police department was stymied when trying to track down the perpetrators.
In San Miguel de Allende there was recently an attack that owing to the carelessness of several users resulted in several of them loosing all their documents, pictures and other data. The U.S. Federal Bureau of Investigation recommends that victims not pay the ransom. However, several police departments have learned that there is simply no other way to get your files back than paying the ransom, much to their chagrin.
Prevention is worth a pound of cure. In this case, make it a rule to never, never, never click on links in emails nor open unknown attachments and you will avoid almost all malware attacks. The best strategy is to have and maintain good backups stored offline from your computer so that if you do fall victim to a ransomware attack that you will not have to pay.
Charles Miller is a freelance computer consultant with more than 20 years IT experience and a Texan with a lifetime love for Mexico. The opinions expressed are his own. He may be contacted via his web site at SMAguru.com.