Your computer screen freezes with a pop-up message—supposedly from the FBI or another federal agency—saying that because you violated some sort of federal law your computer will remain locked until you pay a fine.
Or you get a pop-up message that says your personal files have been encrypted and you must pay to get the key needed decrypt them.
These scenarios illustrate ransomware scams, which involve a type of malware that infects computers and restricts users’ access to their files or threatens the permanent destruction of their information unless a ransom—anywhere from hundreds to thousands of dollars—is paid.
Threat affects home and business alike
Ransomware doesn’t just impact home computers, says the FBI. Businesses, financial institutions, government agencies, academic institutions, and other organizations can and have become infected as well. This results in the loss of sensitive or proprietary information, disruption to regular operations, financial losses incurred to restore systems and files, and/or potential harm to an organization’s reputation.
Ransomware has been around for several years, but there’s been a definite uptick in its use by cyber criminals. The FBI, along with public and private sector partners, is targeting these offenders and their scams.
When ransomware first hit the scene, computers predominately became infected when users opened e-mail attachments containing the malware. More recently, the bureau has seen an increasing number of incidents involving so-called “drive-by” ransomware, where users can infect their computers simply by clicking on a compromised website, often lured there by a deceptive e-mail or pop-up window.
Another new trend involves the ransom payment method. While some of the earlier ransomware scams involved having victims pay “ransom” with prepaid cards, victims are now increasingly asked to pay with Bitcoin, a decentralized virtual currency network that attracts criminals because of the anonymity the system offers.
Also a growing problem is ransomware that locks down mobile phones and demands payments to unlock them.