CryptoLocker (aka RansomWare)
A particularly unpleasant beast. There are numerous variants of this, and the fun all begins when you open an innocent-looking file in your email. It may even appear to come from a friend. Once the program is installed, it encrypts or ‘scrambles’ many of your important files until a certain target percentage of your drive or drives has been reached. It does this using what’s called a ‘public key’, a base number by which all files are encrypted. These keys are so large, with hundreds of decimal digits, that none above 230 digits has so far been decrypted by anyone or anything.
Once the target is reached, you’ll receive an email or on-screen message demanding money in exchange for the decryption program and the key used to encrypt your data. It’s a simple proposition and a very real one – if you don’t pay, you’ll never see your data again. You’re being held to ransom by maths – and there is little you can do. To make it worse, the decryption program is real but not always that effective. You may end up paying hundreds of euros for nothing.
What to do? Well, it sounds counter-intuitive but don’t pay. Many sites now have a handle on these types of programs and most reputable anti-virus companies offer either a free cleaning service (such as Trend Micro) or will be able to give you practical advice on removal. Paying the money simply encourages the propagation of these scams and as painful as it might be, cutting off their money supply will tell them they need to find some other way of extorting cash.
If you make regular backups (and if not, why not?) go back to previous versions to restore lost files. This isn’t always 100% successful, as sometimes, you may have backed up the encrypted ones. It is, at least, damage limitation.
Most of these situations can be avoided by installing a reputable virus scanner and remover. Most of the ‘usual suspects’ will clean 99.9% of viruses, old and new. My top five includes McAfee, BitDefender and Kaspersky. I’m sure your favourite will also do the job admirably but I’d offer a caution against using Norton. There’s nothing wrong with the product, but it tends to try to scare you into buying extras and is quite persistent. If you’re already worried about viruses, Norton will do nothing to calm you.
So, finally, we come to:
The Microsoft Support phone scam
Your telephone will ring and a voice on the other end will tell you that ‘Microsoft’ has detected unusual activity or viruses on your computer and will clean them for a fee. That fee will also include loading your machine with other malware designed to make them money. There is a simple fix for this one – put the phone down. Microsoft will never cold call you directly about your personal PC. Ever. End of story.
Be safe out there.