PC users blackmailed for return of files

Emma Woollacott

Increasing numbers of computer users are being targeted by so-called 'ransomware' and blackmailed into handing over money.

According to security firm McAfee Labs, the number of attacks has risen by 155% since this time last year, making it the fastest-growing type of malicious software.

And, says security company iSheriff, its own researchers detected more than 70,000 attempts to infect users with ransomware last week alone.

To get the ransomware onto victims' computers, criminals use standard techniques, such as spam emails or fake software updates that persuade the user to open a malicious link.

Once the ransomware is installed, it can effectively shut the PC down, so that the criminals can demand money to unlock it. This is usually paid in the form of bitcoins, which can't be traced. The usual demand is around Ā£350.

According to Heimdal Security, in the last week or two there's been a huge rise in the number of infections of TeslaCrypt, a type of ransomware first discovered early this year. And the UK is one of the biggest targets, says the firm.
Many victims are becoming infected after responding to an email that purports to be chasing up an unpaid invoice. After falling for the message, they are then told that they must pay up - or see the ransom increase.

"It's really up to each and every one to make this decision, but we recommend you don't pay the ransom," says Heimdal marketing and communications manager Andra Zaharia.

"There's no guarantee that you'll receive the decryption key and, even if you do, there's a chance that the files will be affected because of a fault in the encryption system."

There's also a danger that, by paying up, you'll find yourself on a 'suckers list' and be targeted repeatedly.

Unfortunately, most standard virus protection packages can't detect the latest ransomware versions. To avoid falling victim, PC users should always back up important data away from their machine, such as on an external drive or in the cloud.

It's important to never download or open .zip attachments, or click on links, in emails from unknown senders.

However, sometimes even reputable sites can end up being unwitting carriers of ransomware. Last week, security firm Trend Micro discovered that the Independent newspaper's web site had been serving ransomware to its readers for several weeks.

The Independent says few people are likely to have been affected, as it was a rarely-visited page.

New Computer Ransomware Poses Consumer Threat
New Computer Ransomware Poses Consumer Threat