On July 3 the Canadian Anti-Fraud Centre issued a ransomware scam warning about new malware that locks or freezes computers. Subsequently the Internet Crime Complaint Center (IC3) in the USA confirmed that this scam is thriving and persisting in the marketplace. The IC3 has indicated that this is a relatively new Citadel malware platform that delivers ransomware named Reveton. The ransomware lures the victim to a drive-by download website, at which time the ransomware is installed on the user’s computer. Once installed, the computer freezes and a screen displays a warning that the user has violated some Federal Law. The message further declares the user’s IP address was identified by the RCMP or other Government Agency as being involved in the violation of copyright law, visiting child pornography sites, or participating in some other illicit internet-based activity.
To unlock the computer, the user is instructed to pay a fine to some fictitious government agency using prepaid money card services. The geographic location of the user’s IP address determines what payment services are to be used. In addition to the ransomware, the Citadel malware continues to operate on the compromised computer and can be used to commit online banking and credit card fraud. This is an attempt to extort money with the additional possibility of the victim’s computer being used to participate in online bank fraud, identity theft, or some other subsequent illegaly activity.
The RCMP advises that no Government Agency and no division or branch of the RCMP would ever hijack a computer to obtain money. If you experience this, or something similar do not follow payment instructions as your computer will not be unlocked. Any business or consumer that experiences such an event should immediately seek the help of a computer professional who can remove the malware. Businesses and consumers should regularly update their anti-virus, spyware and firewall protection software packages.
If you or someone you know has been a victim of this scam, report it to the BBB at (306) 352-7601 or (888) 352-7601 or by email to info@bbbsask.com. The BBB also asks you to report it to the Canadian Anti-Fraud Centre at 1 (888) 495-8501 or its website at www.antifraudcentre-centreantifraude.ca
