Ransomware is only scary if you follow its instructions


…The only thing that it can really be compared to is coming home to your apartment and finding all the locks were changed. The landlord decided to randomly lock you out of your apartment and the only way he’ll let you in is if you give him the next six months’ rent. If you don’t pay up, within 72 hours, all of your belongings will be sold off to cover his asking price. That’s what being the victim of ransomware is like.

Let me put that another way. How would you react if you turned on your computer and saw this:

https://i0.wp.com/malwareremovalguides.info/images/Your%20computer%20has%20been%20locked.png

Of course, most people who see the “Go to <Retailer>” bit know at once it’s a hoax. Contrary to what conspiracy theorists like to think, and what ransomware scammers want you to think, the only way someone else can remotely access your computer is if you give them permission to do so: In no way can your computer do that on its own.

Let’s look at another screenshot:

https://i1.wp.com/static.ccm2.net/ccm.net/faq/images/27022-mpK0umfyHvs3mPUl-s-.png
No doubt the timer on the bottom is an attempt to show you the person who created and distributed the ransomware is serious. You probably figured out from the flag in the top-right corner this ransomware originated from Russia. That and the broken English. The next page directs you to do the same as the first: Go to a retailer, buy MoneyPak Cards and then read the activation codes over the phone to a member of the scam ring.

Here’s one more pic I saved for last on purpose:

 

https://sereneadventure.files.wordpress.com/2016/06/9ee61-fbi_computer_locked_1.jpg?w=1000

…According to the Anti-Malware site I pulled this from–more on that specific site in a bit–some variations of the above screenshot include a live feed of your webcam in a bid to show you the scam ring is remotely controlling your computer. This is all to get you to pay exactly as asked ASAP. Both this one and the first one will also display your IP Address, Precise Coordinates and a time stamp to prove the message is “legit”.

To answer the obvious question: no, NONE of these are real, BUT your computer actually IS locked. This type of Ransomware evolved over the last 7 years. From what I researched, originally you were only locked out of your browser. That was easy to get around by simply using an uninfected browser on the same computer and then downloading and running the necessary programs to remove the Ransomware.

Before we get into how to remove this Type of Ransomware, the obvious question is “Why do the scammers specifically request MoneyPak and/or iTunes Gift Cards?” The answer’s quite simple: Google Wallet. With Google Wallet, you can redeem an iTunes Gift Card’s balance as ACTUAL money, which can then be transferred to a bank account, PayPal account or another Google Wallet account. Google Accounts are disposable so…yeah. Once the scammer has the activation code, it’s impossible to get that money back. We’re talking losses to the victim and the retailer. The collected money is withdrawn almost immediately and the associated Google account deleted shortly afterward, making it very difficult for investigators to find out what happened to the stolen money. The retailer has no protection from this as they are required by law to refund the amount of the purchase back to the victim.


This brings us back to the most important question: “How do I unlock my computer?” This webpage will show you in great detail. If your computer is EVER locked due to Ransomware, this webpage will ensure you WILL be able to unlock your computer free of charge and don’t get scammed out of money. I won’t recap what’s there so please go check it out. That said: Whatever you do, DO NOT DO WHAT THE WARNING SAYS. To those who are either elderly or not computer-savvy, IT IS NOT THE AUTHORITIES. IT IS A SCAMMER BASED IN INDIA, CHINA OR RUSSIA.

Now, if for whatever reason you fell for the scam and sent money/codes, you need to do ALL of the following:

  1. File a police report. They will give you permission to have your bank refund the money back to your account.
  2. Notify the bank. Let them know you filed a police report because of the scam. They will work with the retailer to have the funds returned to your account ASAP.
  3. Go to the above website to find out how to remove the Ransomware.

Scammers are getting bolder and bolder. They are using autodialers to mass call thousands of people based in the US, Canada and UK with a story demanding payment “or else”. They will say whatever they think they need to in order to get you to send them money. DON’T do it. These scammers share info: If you fall for it once, they will give your contact info to someone else to get more money off of it. Don’t even dignify the scammer with a response. Just hang up the phone. DO NOT confirm your identity to them. They will simply pass on your info to someone else to try again later.

Digital Scams are here to stay but at the same time you still need to guard against phone scams, which have been making a comeback. Phone Scammers commonly use disposable cell phones or Skype accounts to make it very difficult to actually track them. Yes, most of them are based in India, Russia or China. It’s big business in all three of those countries because these countries’ governments aren’t doing anything about the problem–Russia needs no explanation and to a certain extent neither does China. It’s actually considered a legitimate business in India.

…No, seriously: Indian students can take college courses to learn how to be a part of a scam ring. They learn the ins and outs of the scam they will be doing and techniques to make their scam as authentic-looking as possible. The way they look at it, if people are willing to fall for it and give them money, it’s THEIR fault. They buy or work out of an actual office. On the outside, it looks like they run a legitimate telemarketing business but in reality it’s a scam ring. They are very well organized–some even go as far as buying property in the US so they can say they are based in the United States for when the BBB (Better Business Bureau) investigates them.

Again: This is a government sponsored business. The Indian Government doesn’t care as long as the “business” pays their taxes. As for how they get your contact info, it’s likely bought off the Dark Web or from other scam rings. The Federal government is well aware of the problem and would like to take a more aggressive approach but they’re not getting much support from the Indian government.

I don’t feel sorry for the scammers, who are doing it purely for the “easy” money. Neither should you no matter what story they try to sell you. They know full well what they’re doing is wrong and they could’ve chosen to do something else. If they want to blame someone, they should blame India’s caste system, which their country refuses to let go of. I also blame tech firms and companies based in the US that source their customer support from India to save money. THAT was a door we should NEVER have opened. Scam victims have been paying for it ever since.

Finally: Russian and Chinese scammers mostly target military and government employees as well as folks who work for tech firms. Most people don’t have to worry about them in comparison.
