A scam that uses malware to lock victims' electronic devices and demand a ransom to make them usable again is spreading, the FBI's Internet Crime Complaint Center (IC3) warned on Tuesday.
The FBI reported that complaints to IC3 indicate that this malware, known as CryptoWall, is the most common threat seen in the U.S. today. Crooks using CryptoWall target both businesses and individuals, and demand ransom ranging from $200 to $10,000.
Since last April, IC3 reported receiving 992 complaints about CryptoWall resulting in $18 million in losses. In addition to the straight financial loss, the FBI said, victims also end up spending additional money after being attacked. Businesses in particular absorb expenses for such things as legal fees, tech help and credit-monitoring services.
Victims typically end up with the ransomware by clicking on either an attachment to an email or an infected advertisement or by visiting a tainted website. The ransomware encrypts the victim's device, preventing its use. The FBI said when the ransom is paid, access to the device typically is regained.
Ransom is often demanded in the virtual currency Bitcoin because it's anonymous and can be transferred quickly.
Here are some tips from IC3 to help protect against CryptoWall:
- Use a firewall and antivirus software from a reputable company and allow automatic updates.
- Use popup blockers.
- Back up your device's content elsewhere.
- Don't click on emails or attachments from sources you don't recognize, and stay away from sketchy websites.
- If you're alerted to an infection on your computer, immediately disconnect from the Internet.
- If you've been victimized by ransomware, report it to the FBI.