Fraud Files: Kidnapped! Data Held Hostage

Hackers take over victims’ computer systems and then give them back, for a price, with ransomware. Learn how to recognize this threat and what to do if it strikes your PC.

Thursday, June 09, 2011

A thug throws a corporate executive in the back of a van. A drug cartel whisks a blindfolded politician off to a desert hideaway. A computer nerd sends an email.

Two of these scenarios sound like kidnapping; one of them doesn’t. Yet the bad guys are more likely to hold your computer for ransom by infecting it with ransomware, malicious software that demands cold hard cash for restored access to data.

Sometimes a computer company is in on the scam, intentionally infecting a computer and then collecting money for the repair. Sometimes hackers break in, encrypt sensitive files and then demand money for the key to unlock them.

“These scams are like smashing a window and then saying, ‘Hey, I have a window repair business,’” said Mark Fullbright, a CyberScout fraud investigator. “People need to be aware of them whenever they’re prompted with quick and easy computer repair solutions.”

That’s what happened to Marie Cassal.* Her computer appeared to have been infected by a virus when her programs crashed and the computer froze. Then she received a message from a computer repair company: A virus was detected on her computer. The company could fix it—for $79.99.

Cassal’s credit union referred her to CyberScout, which put Fullbright on the case. “We determined that the repair company placed the virus on her computer, then prompted her to pay them to fix it,” he said. “Shortly after, her computer was shut down completely.”

Fullbright helped Cassal get her money back and recommended finding a reputable computer technician to get rid of the virus once and for all. Her computer was saved, but only after she spent $500 on a professional computer technician.

That’s just what graduate student Anastasia Colon* did. She was checking her email when an alert popped up saying her Mac was infected with a virus. The pop-up offered a solution: a download link to an antivirus program. “As soon as I downloaded that program it dawned on me, this is the virus!” Colon said.

She immediately called a computer techie friend, who advised her to delete the download program and run an antivirus program, such as AVG, Norton or McAfee.

“It’s important to seek out a trustworthy professional, not just any company that writes you an email advertising computer service,” said Ondrej Krehel, chief information security officer at CyberScout. “That might mean asking friends for advice or seeking out a big box retailer, such as a Best Buy.”

Check out our tips on how to surf the Internet safely.

*Names have been changed to protect privacy.


© CyberScout, LLC. All Rights Reserved.
If you need identity theft assistance, call your provider organization to be put in touch with the CyberScout Resolution Center. More information for individual consumers.