Protecting your devices from ransomware attacks

February 19, 2013 4:58:57 AM PST
The advice to use a complex password to protect your online accounts is nothing new, but security experts are now warning about a new type of hacking.

It could essential hijack your cell phone, tablet or computer and hold it hostage.

It's called ransomware and computer safety experts say it's the latest and most lucrative scam going.

Simply put, if you use technology, you are a target.

This list should serve as ample evidence that no one is safe: Olivia Munn, Scarlett Johansson, Christina Hendricks and Rihanna were all targets of ransomware.

Security experts say it's the sophistication of the malware that makes it scary.

"Think of it as high tech extortion," Rob D'Ovidio of Drexel University said.

Ransomware pops up on your computer, smartphone or tablet, disguised as a note from law enforcement. The implication is that you've done something you shouldn't have.

"Claiming that you as the computer user are doing something illegal," D'Ovidio said.

For instance, it says you visited a suspicious website or downloaded illegal content.

Your device is then locked. The message suggests that you must pay a couple hundred dollars for a code to "unlock" it.

But therein lies the scam.

"You're spending the money and the joke's on you; you're not getting that decryption code or that password in return," D'Ovidio said.

The malware then unleashes a virus that monitors and steals your personal information, requiring another costly step of hiring a technician to remove it.

"Criminals are preying on individuals knowing that we are very lax in updating our computers," D'Ovidio said.

And that's exactly the step you need to take to protect yourself from a scam experts estimate made more than $5-million last year and is just beginning to hit the Unites States.

"The best method of dealing with this is securing your home environment, updating your anti-virus, updating your spyware, making sure your software patches are up to date and backing up your machine on a regular basis," D'Ovidio said.

The scam is already on the FBI's radar, in part because some of the so called ransom notes appear to come from them.

To be clear, agents tell us they do not.

"If the FBI has identified an issue with someone's computer, we would typically knock on the door and contact them in person," Joseph Marasco of the FBI said.

Symantec, an internet security firm, has traced the virus back to more than a dozen so-called gangs, one of which unleashed it on more than a half million users over a two week period.

Almost 3 percent of them fell for the scam, clicked the link, and paid up the money.

"Do not pay any ransom or any money, call a computer specialist to have your computer cleaned up, then file a complaint with the Internet Crimes Center which is," Marasco said.

If you are victimized by this scam or any other, is the place to report it, so that computer security experts can devise ways for others to avoid it.

For smartphone users, the key here is less about prevention and more about knowing ransomware is out there and not clicking on any link that says you need to pay to use your own phone.