Who’s Afraid Of The Big Bad Virus (beat the Ransomware scam)

There’s a new ransomware internet virus doing the rounds. DON’T PANIC A bit of background first then I’ll tell you how to deal with it and protect your computer (and you don’t have to pay me a penny :DD ).

These ransom scams first appeared two or three years ago and hijacked computers whose owners then would get a phone call demanding a payment to clear the virus (the virus was merely annoying, how the scammers obtained people’s phone numbers is what we should be concerned about.

The warnings were dire. “If you do not pay the virus will wipe you hard drive”, “the virus will obtain your bank details and empty your account”, the virus will bill your credit card up to your limit”.

Several people, friends of family, friends of friends, brought their computers to me, they could not afford the ransom (good thing they didn’t pay it, the scammers just demanded more) and found the computer shops wanted only a little less to clean the computer.

Cleaning the first one took about an hour and a half. Subsequent ones were much quicker. And I ended up a couple of bottles of good whisky and half a dozen bottles of my favourite Burgundy better off.

Then an even more unpleasant version came out, I actually caught this one myself through sheer carelessness. The message on screen was “From Los Angeles Police Department.You have been looking at we sites with illegal content (child pornography). Your computer will be frozen until you pay us $1000. If you do not pay you will be arrested and thrown into jail,” (something like that anyway, it was a particularly inept attempt to intimidate me, I hadn’t been looking at any porn sites, LAPD have no jurisdiction in the UK and no police department in the free world would be so stupid as to provide an electronic record of a bribe solicitation.

The virus used by that scam was kids stuff, a piece of cake. Took ten minutes to kill it.

People are so intimidated by technology however, some fall for these tricks.

Here’s how the new ransomware is reported in The Daily Telegraph

” Internet fraudsters are targetting tens of millions of British customers with a virus which locks computers until the victim pays a £500 ransom to be released, the National Crime Agency warned today.

The spammers are particularly aiming the virus – known as ransomware – at small and medium size businesses. It is disguised as an email alert about suspicious payments or invoices.

Once opened the virus ‘freezes’ the computer and the local network and demands two Bitcoins of internet currency – approximately £536 – to unlock the machine.

The NCA described the ‘mass spamming’ event as a ‘significant risk’.

A NCA spokesman said: “The emails may be sent out to tens of millions of UK customers, but they appear to be targeting small and medium businesses in particular. ”

Now one of my beefs about the way technology has been going is the constant push to convince us the machines are smarter than we are. Leave the thinking to the machine goes the corporate propaganda. DON’T fall for it, do not open suspecious emails, do not open email attachments even from people you know, unless you are expecting them.

Machines can’t think, machines aren’t dumb, they are machines, they do what they are built or programmed to do. The best way to protect yourself from these scammers is to learn a little about your computer.

(1) Learn to start in “Safe Mode”. Use your Windows Help feature to find out how on your system. Safe Mode stats Windows with a very limited set of drivers so viruses and malware cannot run.

(2) Check that your machine has an application named MRT.EXE which should be included in every Windows installation sold since 2009. MRT is the Microsoft Malicious Software Removal Tool. Once you have found it you should open it and run an update. MRT is not virus protection, it is a backstop for machines that are already infected so don’t abandon your usual security package. Also, now you know you have MRT, keep it up to date, about once a month is enough.

If you have a bit of time to spare and feel like running MRT just to find your way around it, set it off and take the dog for a walk or something. It is not a quick process but might root out a few nasties your normal security missed. To run MRT click the Windows START button, choose RUN from the menu and in the dialog box type mrt.exe then hit RETURN.

OK so now you are equipped to get behind that virus and clean your machine.

If you find that the virus merchants have found a way to block MRT even in safe mode, we’re still OK. When you start in safe mode it gives several options, the default will show a very clunky looking Windows front end. Another option with say “Start in command more” or something similar. This takes you to the old DOS command line screen.

from the C:(directory)> prompt, type RUN c:WINDOWSSTSTEM32MRT.EXE and hir RETURN. Simples. The directory shown after the C: will be whatever directory you are working in, usually Documents and SettingsUser

OK, let’s get out there and beat those scammers.

Spread this around freely. A link to this site is always welcome but not necessary.

Advertisements

Tags: , , , ,

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: