Ransomware Scam Alive and Well! Don’t Click!
Wednesday, March 30, 2016
“Hi, Dave. You need money?”
“No. Well, yeah. But that’s not why I’m calling … some guy from Microsoft called me to tell me that my computer was hacked or something and I should click on a link to fix it.”
“Tell me you didn’t click on the link?” my husband said breathlessly.
“I clicked on the link.” The air left the room…
Cryptolocker, and others like it, work by encrypting all the files on your computer – your photos, your documents, your tax refunds – anything you’ve saved to the hard drive or any shared folders. Once the files are encrypted you won’t be able to open them without the encryption key – which you can get only from the criminals behind the scam – who infected your computer in the first place (with your help).
After the scammers have encrypted your files, they display a message demanding payment through an anonymous payment type like Bitcoin or Green Dot cards, and promise to give you the key if you pay the ransom in time (for example, $300 to be paid within 72 hours). Unfortunately, once Cryptolocker has encrypted your files, there’s no way to recover them. You could pay the ransom, but there’s no guarantee you’ll get the encryption key.
Our story ended with my son dropping off his thoroughly locked-up computer to my husband, who spent half a day doing a system restore until he was successful in restoring his data. But others are not so lucky. They have to hire other non-family-member smart people to fix the mess, and expend considerable time, trouble and money in the process. (Or you can attempt to DIY and look up “Performing a System Restore” on YouTube.)
So what can you do to prevent this?
Don’t click on links in an email unless you know who sent it and what it is. Also, back up your files. Right now. And often. An external hard drive is a good option, but be sure to disconnect it from the computer when you are not actively backing up files. If your back-up device is connected to your computer when Cryptolocker strikes, the program will try to encrypt those files, too.
- Instead of clicking on a link in an email, type the URL of the site you want directly into your browser. Then log in to your account, or navigate to the information you need.
- Minimize “drive-by” downloads by making sure your browser’s security setting is high enough to detect unauthorized downloads. For example, use at least the “medium” setting in Internet Explorer.
- Don’t open “double extension” files. Sometimes hackers try to make files look harmless by using .pdf or .jpeg in the file name. It might look like this: not_malware.pdf.exe. This file is NOT a PDF file. It’s an EXE file, and the double extension means it’s probably a virus.
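A small check for the double-extension trick described above, added here as an example (it is not part of the original post): it flags file names whose final extension is executable while the one before it looks like a document or image. The two extension lists and the default `~/Downloads` folder are assumptions, not an exhaustive catalogue.

```python
"""Flag file names that hide an executable extension behind a harmless one."""
import os
import sys
from pathlib import PurePath

# Extensions that run when double-clicked on Windows (assumed, not exhaustive).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs"}
# Harmless-looking extensions used as the decoy (assumed, not exhaustive).
DECOY_EXTS = {".pdf", ".jpg", ".jpeg", ".png", ".doc", ".docx", ".xls", ".xlsx", ".txt"}


def is_double_extension(name: str) -> bool:
    """True when the last extension is executable and the one before it is a decoy.

    Comparison is case-insensitive, so NOT_MALWARE.PDF.EXE is caught as well.
    """
    suffixes = [s.lower() for s in PurePath(name).suffixes]
    return (
        len(suffixes) >= 2
        and suffixes[-1] in EXECUTABLE_EXTS   # what the system will actually run
        and suffixes[-2] in DECOY_EXTS        # what the name pretends to be
    )


def scan_directory(root: str) -> list[str]:
    """Walk root recursively and return full paths of disguised files."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            if is_double_extension(name):
                hits.append(os.path.join(folder, name))
    return sorted(hits)


if __name__ == "__main__":
    # Default target is an assumption; pass another folder as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else os.path.expanduser("~/Downloads")
    found = scan_directory(target)
    for path in found:
        print("Suspicious double extension:", path)
    print(f"{len(found)} file(s) flagged under {target}")
```

A plain installer such as `setup.exe` is not flagged, because it makes no attempt to look like a document; the check only targets names that disguise what they are.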
Finally, along with the “Drive Safely, Don’t Speed, Behave, Don’t Get in Trouble” instructions you give to your kids, tell them to:
- NEVER CLICK ON SUSPICIOUS LINKS!!
- Remember that Microsoft will NEVER call you to tell you that your computer is infected or hacked.
- Back up your files . . . always.
- Make friends with the computer guy or girl in your dorm/apartment complex. (They might save you one day!)
And, if Grandma or Grandpa are computer-savvy? Tell them, too.