Beware Ransomware Internet Scam
The FBI has issued a public warningabout a “drive-by” internet scam that is extorting money from victims internationally. Unlike most viruses, which are activated when a user opens a file or attachment, the Reveton ransomware virus can install itself when a user visits a compromised website.
Once the virus has been installed, a fake message purportedly from the FBI appears on the computer screen, alleging that the user has engaged in an illegal activity. The message states that the user has violated a federal law and locks the computer.
To unlock the machine, victims are required to pay a “fine” with a prepaid money card in order to gain access to the system. If they do not, the message threatens that they will face criminal charges.
According to Donna Gregory of the Internet Crime Complaint Center (IC3), “We’re getting inundated with complaints. Some people have actually paid the so-called fine.”
Unlike other viruses, Reveton freezes your computer and prevents any continued usage. The average user is incapable of removing the malware themselves. Some variants of the Reveton virus can even turn on computer webcams, capture images of the user and display the victim’s picture on their frozen screen.
Businesses should remain concerned about potential scam and fraud issues that gather personal information about their employees, including their images, that may have been compromised by the virus.
IT should actively educate their employees about online threats such as the Reveton ransomware virus, especially in environments where workers have legitimate business needs to surf the web. As viruses become sophisticated, it becomes harder to stay on top of their dangers.
Becoming as knowledgeable as possible on Reveton and similar drive-by viruses is an important means of ensuring enterprise security. Aggressively keeping up with “bad” sites and blocking them through firewall restrictions is also essential to everyday business operation.
Because malware and other malicious applications are prevalent on social networking sites, it is a recommended practice to block these sites. Social influence is a powerful mechanism that hackers attempt to leverage by manipulating users into clicking on links that appear to be coming from their online peers.
To help prevent your employees from being affected at the office and at home, circulate information about online related threats and provide instructions on how to react to an attack.
If one of your employees has been affected by the Reveton ransomware virus or they have experienced a suspicious pop-up message, IC3 suggests the following:
Do not pay any money or provide any personal information.
Have a computer professional remove Reveton from your computer.
In the event that you are able to unfreeze your computer, be aware that the malware can still operate in the background, collecting personal information such as user names, passwords and credit card numbers through embedded keystroke logging programs.
File a complaint and look for updates about the Reveton virus on the IC3 website.
After removing the virus, IT should constantly evaluate how employee information is being stored and protected in the event that malware continues to operate in stealth mode after its apparent removal.
Because TAP Management and other businesses have a vested interest in protecting their employees from scam and fraud activities, a proactive education process is necessary to ensure employee and business related information is protected from online threats.
Although there is no sure-fire way to prevent internet users from becoming affected, there are several precautionary steps they can take to protect their computer and privacy. In addition to managing and updating their enterprise environment, employers should explain the following to their workers:
Avoid clicking on links from sources that you are unfamiliar with or uncertain of the links destination.
Install a web browser that focuses on secure browsing such as Google Chrome or Mozilla Firefox.
Install reliable anti-virus and anti-spyware software on your computer, perform system scans regularly and quarantine any detected security threats.
Recommended security updates from your computer manufacturer should also be installed promptly.
TAP Management Inc. | 515 Congress Avenue, Suite 2525 | Austin, TX | (512) 527-6000