Healthy Family | Home Safety | Health and Wealth | Relationship Issues | Career Advice | Growing Family
Get the SixWise e-Newsletter FREE!
Google Web
Free Newsletter Subscription
Get the Web's Most trusted & Informative Health, Wealth, Safety & More Newsletter -- FREE!


Share Email to a Friend Print This

Ransomware: The New Dangerous -- and Highly Offensive -- Computer Scam to Watch Out For

Ransomware is one of the most malicious computer scams out there, and while the number of those affected is still small, cases appear to be on the rise, according to FBI spokesman Paul Bresson.

Unlike many computer scams, which may harm your computer, harm its files, or entice you to give out personal information, ransomware's power lies in extortion. In this scheme, thieves hijack your computer files, encrypt them into a form that cannot be read by humans, then demand a ransom in exchange for the code to make your files readable again.


If a ransomware program infects your computer, hackers may demand from $10 to hundreds of dollars for the safe return of your files.

Ransoms of $10 to Hundreds of Dollars

The criminals behind ransomware have demanded anywhere from $10 to several hundreds of dollars for their antidote codes, payable with online currency like Webmoney or eGold, or even by wiring via Western Union.

There are a couple of variations of this scheme to watch out for:

  • The traditional scheme in which all of your computer files suddenly become unreadable. Only one, perhaps named "Important" can be read, and it will contain the thieves' directions for you to e-mail them for the decryption code. Upon your e-mail, a ransom note will appear.

  • Ransom.A, in which the culprits say they will delete one of your computer files every 30 minutes until the ransom is paid. The program may also pop up pornographic images on your computer in order to embarrass you into complying more quickly. This is a hoax, however, as the program doesn't have the power to delete anything, but most people don't want to take the chance.

  • Trojan.Archiveus, a program that requires a password to be entered in order for you to read your files. The thieves ask for a ransom to get the password, and may require you to make purchases from an online pharmacy rather than make a payment.

SophosLabs, a company that protects businesses from viruses, spam, phishing, spyware and other malware, has reportedly found the password for this scam.

"The password is deliberately long and complicated in an attempt by the hackers to avoid people easily cracking it. Experts at Sophos have disassembled the Arhiveus Trojan and determined that the password is mf2lro8sw03ufvnsq034jfowr18f3cszc20vmw," said Graham Cluley, senior technology consultant for SophosLabs. "So there should be no reason for anyone hit by this ransomware attack to have to make any payments to the criminals behind it."

Ransomware Has its Risks to Hackers

"Of all the ways a hacker could choose to do damage, ransomware is a fairly high-risk operation," says Gary Morse, president of Razorpoint Security Technologies. "There are at least four or five points of contact necessary to pull this off," he says.

The hackers first have to break into your system, then implant a code, let the computer's owner know how to leave a ransom and then wait for the ransom.

"If one wants to earn a living through hacking, there are safer ways," Morse continues.


No special programs are necessary to protect your computer from ransomware. Typical anti-virus software, firewalls, pop-up blockers, operating system patches and being careful about what you download should suffice.

Nonetheless, experts say future ransomware attacks could become more sophisticated and therefore more dangerous.

How to Avoid a Ransomware Attack

"Internet hackers are getting bolder in their attempts to steal money from innocent Web users. Once your valuable data is locked away you may be tempted to pay up to rescue your files, but this will only encourage more blackmail attempts in the future. Companies who have made regular backups may be able to recover easily, but less diligent home users may feel forced to cough up the cash," Cluley said.

Although a ransomware scam can occur via e-mail attachment or computer network, most have been browser-based, meaning that a person was infected after visiting a Web site that had been hacked. So stay away from the "shadier" websites out there!

So what else can you do to protect yourself from a ransomware attack?

"Today, most of the viruses and Trojan horses we see are being written with the intention of making money and we wouldn't be surprised to see much more ransomware being written in the future. Attacks are becoming more organized and more malicious, and every computer needs to be properly defended with up-to-date anti-virus software, firewalls and operating system patches," Cluley said.

You may also want to use a pop-up blocker, as ransomware can be delivered via pop-ups, and be wary of downloading any software (games, screensavers, etc.) that you aren't sure is secure.

As it stands, ransomware attacks seem to be restricted to PC computers. Mac users have so far been unaffected.

Recommended Reading

Rebate Scams: How I Deceive the Heck Out of You with Consumer Rebate

Don't Get Caught by Phishing Scams on the Internet!


NetworkWorld: Files for Ransom June 1, 2006

Washington Post: Security Fix

To get more information about this and other highly important topics, sign up for your free subscription to our weekly "Be Safe, Live Long & Prosper" e-newsletter.

With every issue of the free newsletter, you’ll get access to the insights, products, services, and more that can truly improve your well-being, peace of mind, and therefore your life!

Share Email to a Friend Print This