Q&A: Is ‘ransomware’ for real?
From the mailbag: “A friend told me their computer files locked up unless they typed their credit card information into a window. Can this really happen, or is it a scam?” Your suspicions are correct: This is a scam.
Aptly referred to as “ransomware,” this is a malicious attempt to hold a computer — or rather, the data that resides on it — hostage. These criminals then demand an immediate payment for its release. Here’s a previous Sync blog post on the topic.
While it’s still relatively uncommon, crooks can extort money from you to unlock your PC, usually via credit card payment or some form of money transfer. You might think there’s a live person on the other end, but ransomware is usually conducted through the use of a Trojan virus written by a tech-savvy scam artist.
Ransomware can be spread in several different ways, be it spam that led to a phishing attack or via a so-called “drive-by download,” in which a browser’s vulnerability is exploited should you visit a malicious website. Even if a victim pays the ransom to unfreeze the computer, there’s no guarantee the thieves won’t do it again — after all, their victim has already paid once.
To minimize the chances of getting ransomware on your computer, be sure to install reliable Internet security software and keep it up to date. Also, use common sense when you’re online: Don’t click on attachments or links inside spam messages. (Just delete these emails.)
If you do get a message asking for money to release your computer, never pay the criminals. Instead, try to restore your PC to a prior state using System Restore (click Start and type System Restore in the search window). If this doesn’t work, restart your computer in Safe Mode (usually by pressing F8 when booting up) and then run Internet security software to remove the threat.
Yes, it is real however, the hype is over the top. It is not widely distributed (started in 2009) it is easy to contain and remove and damage if any is low. The virus locks the desktop not the drive.
There are two main viruses, Trojan.Gpcoder which attempts to encrypt your working files (that is why we back up our hard drives people) the second is Trojan.Ramsomlock which does not encrypt but locks up the desktop which denies the user high level access.
Read and educate yourself at: http://www.symantec.com/security_response/writeup.jsp?docid=2009-041513-1400-99&tabid=2
Symantec has a code breaker at the following address: http://www.symantec.com/connect/blogs/sms-ransomware-threat
Stay out of countries that are known bastions of spyware, trojans, viruses and other malware. Stay away from the porn sites and just use some common sense as noted in Marc’s blog.