One minute you’re browsing the Web, gathering information for a project that you’re working on, the next you receive an ominous message that your computer has been hijacked by a virus and are given a phone number to call to help remove it. Upon calling the number, which may even advertise being a representative of a legitimate computer industry, you are informed that for a fee, the virus can be removed. All attempts at exiting the program and regaining control of your computer seem to be blocked by prompts that perpetuate the cycle. You have just become the victim of Ransomware.
Symptoms and Behavior of Infection
The tell-tale sign that your computer has been hijacked by malicious programming is the presence of fake anti-virus or anti-malware programs informing you that the virus may be removed for a fee. Cyber security experts Trend Micro warn that once infected, the malicious program will attempt to lock the computer screen, program, or image which will prevent you from using your computer. In extreme cases, the virus may encrypt some or all files on your hard drive until a decryption key, or a cleverly disguised anti-malware program is purchased from cyber-attackers. In every sense of the term, this software is designed to scare and bully those affected into paying a ransom, or purchasing a removal solution that was likely created by the very individuals that created the virus and malware in the first place.
The most common form of payment that these cyber criminals will attempt to relinquish from their victims comes in the form of anti-virus and anti-malware removal software specifically tailored to remove the malware on a victims computer. Those who give in and purchase this removal software may find that the software will detect “new” malware on their computer from time to time, and may even charge an additional removal fee for each use. Some of the cyber criminals using this malicious software are not so coy, and may ask for direct deposits, credit card payments, bitcoin transmissions, or even gift cards to popular online services including iTunes and Google Play. According to Norton by Symantec, these hijacking and ransom tactics can generate over $33,000 in revenue in just one day.
Preventing and Avoiding Infection
The old saying “an ounce of prevention is worth more than a pound of cure” holds true in regards to preventing and avoiding malware infections. Avoid clicking links in suspicious emails. Employees of hospitals and universities may find that cyber criminals may send out legitimate-looking emails with messages from your system president, CEO, or even IT staff in an attempt to luring unsuspecting users into downloading malware onto their personal work computers. Check the return email address and verify that it belongs to your organization before clicking any links or downloading any programs sent to you in an email. Avoid downloading free programs from the Internet, and stick only to trusted sources when installing new programs on your computer. In some situations you can force close a program, or use keyboard commands such as alt+tab to cycle away from the locked program and regain basic control over your computer as you attempt to deal with the malware. When in doubt, invest in a well-known, legitimate anti-virus or anti-malware program.
Remember, this software is designed to use scare tactics to get you to pay for the use of your computer again. In some situations these rogue programs target individuals of organizations who may be fearful of bringing this information to their IT staff, or those who do not have the know-how to remove the malicious program on their own. Known the signs of ransom software, and practice safe Internet habits to avoid being a victim in what has proven to be a very profitable scheme.