Royal Mail scammers demand ransom to unlock infected PCs

Updated: 

BYRP3Y A hacker with robbery mask holding a keyboard scam email scammer scammed computer scam adult; background; bandit; black;

Computer users are being warned to beware of fake emails from the Royal Mail claiming that they've missed a delivery.

The emails say that a package is waiting at the local sorting office, and ask the recipient to download an attachment to find out more. But what's actually downloaded is CryptoLocker, a malicious program that locks the victim's PC and demands a ransom.

Cryptolocker is a relatively new piece of malware, first emerging around six months ago, but has already claimed more than a quarter of a million victims. Criminals have been using it in conjunction with fake emails from a variety of sources, claiming victims around the world. Last week, the US Federal Trade Commission and FBI issued an official warning.

"If you click on the hyperlink in the email, Cryptolocker encrypts everything on your hard drive and in your shared folders. When the job is done, you get a 'ransom note' demanding payment via Bitcoin or some other anonymous payment method," it explains.

"The criminals behind this malware say they'll give you the encryption key if you pay, but they're hardly trustworthy. And there's no other way to unlock your files."

The ransom asked is usually around the €300 mark, payable within four days. If the money is received, the victim is promised a private key that can be used to unlock their files. However, in many cases, as the FCC warns, they never get what they've paid for.

Research published yesterday by the University of Kent shows that around 40 percent of victims pay up.

"If the results reported on the rate of CryptoLocker victims who pay a ransom are to be strengthened by further research, these figures would be extremely troubling, netting criminals behind the ransomware hundreds of millions," says Dr Julio Hernandez-Castro from the Centre for Cybersecurity and the University's School of Computing.

"This would encourage them to continue with this form of cybercrime, potentially prompting other criminal gangs to jump into an extremely profitable cybercrime market."

The best way to avoid an infection is to never, ever click on a link in an email unless you're certain it's safe. The Royal Mail says it never asks customers to enter information on a page that isn't part of its own website, and never includes an attachment unless it's something the customer has specifically asked for.

And, as always, back up: something as simple as emailing important documents to yourself should mean you can recover them from another PC.

The biggest scams of 2013

The biggest scams of 2013