"Meteoric rise" in ransomware is now targeting cell phones: Internet Scambusters #661
Ransomware, software that hijacks and freezes PCs until a ransom is paid, is undergoing a "meteoric rise" according to a leading security software company.
Now the malware is finding its way onto Android smartphones, with scammers demanding up to $250 to unfreeze them.
In this week's issue we'll tell you how the scam works and how to sidestep the ransom threat.
Now, here we go...
Ransomware Holds Smartphones Hostage
It was probably inevitable, but ransomware -- software that locks up your computer until you pay the "ransom" to scammers -- has arrived on smartphones.
The malware that seizes control is targeted mainly at Android phones.
It flashes up a message claiming to be from the FBI, a government cyber task force or a security firm, claiming that the user has been accessing illegal websites and must now pay a fine to get access to their device again.
A typical message fills the full screen of the phone with text that includes "FBI Criminal Investigation - Prohibited Content."
It continues, "This device is locked due to the violation of the federal laws of the United States of America," and goes on to list the supposed articles of law that have been infringed.
Because it's a crooked operation, payment, of course, must be made by an untraceable money wire or preloaded debit card, the number for which has to be provided to the scammers.
Ransomware has been around for years but mainly on Windows PCs, and we've reported on it several times.
These types of PC ransomware attacks are still in full flow, according to a new report from hardware maker Intel and security firm McAfee.
Meanwhile, a new "DIY" program that enables crooks to build their own ransomware is contributing to what the report labels a "meteoric rise" in this crime.
Cell Phones Bombarded
The attack on cell phones is relatively new, however, but it has already bombarded more than a million devices.
According to a report from the New York Times, some 900,000 users were targeted in just one month with a piece of malware called "ScarePakage." Other variations of the malware have also been identified.
It's easy for the unwary to be infected, either via a malicious app disguised as legitimate or by visits to certain "adult" websites.
The malicious programs are most commonly downloaded from app stores other than Android's official Google Play store, though some have even found their way there.
Of course, it's not just ransomware that threatens the safe use of smartphones. There are also malicious programs that can steal information, record calls for blackmail and extortion, send out spam, and wreak havoc with usability.
Leading security software company Norton recently warned against assuming that any app is safe.
"There are now hundreds of thousands of apps available," Norton says.
"Even if your source for an app is legitimate, it can be impossible for the official stores to police every app. Always use good judgment before downloading an app."
Actions you can take to cut the risk of getting infected include:
- Check an app's trustworthiness on the free www.mobilesecurity.com website.
- Avoid visits to dubious/questionable websites.
- Be wary about using non-Google app stores.
If you know how to do it, uncheck the setting that allows you to download apps from "Unknown Sources."
- Also be wary about downloading and installing brand new apps for which there are no user reviews, or apps that only have a few users.
- Use a passcode that will prevent anyone else from directly accessing your phone and downloading malware into it.
- Install security software that can detect malicious software. Again, this mainly relates to Android devices.
To find an app that suits your needs, simply do a search using the term "security" on Google Play.
Should You Pay a Ransom?
Should you pay a ransom demand?
No, say the experts. Your best course of action is to keep regular backups of your device setup and reinstall this -- either yourself or with professional help if needed.
In some cases, you may be able to restart your phone in safe mode and delete the malware from there. If you're not expert enough to do this, again seek help from a trusted tech professional.
If you do pay the ransom -- usually around $250 -- there's no guarantee the crooks will give you the code to unlock your phone, assuming they even have one.
And if they do have one that you successfully use, the scammers will almost certainly still have access to your phone from which they can continue to steal information.
What's next? We think wearable devices will be next to be targeted by the ransomware crooks. More on this another time.
Alert of the Week
Some good news for a change. As from late June, some banks have started using the suffix ".bank" (dot-bank) in their Internet addresses.
Since banks will be carefully vetted before they're allowed to use this suffix, the hope is that it will add another level of security to online banking -- in the same way that ".gov" (dot-gov) indicates a genuine government website (provided it's at the end of the main address).
The switch will probably take many months to complete. Look out for the change from your bank.
That's all for today -- we'll see you next week.