First reported: 2019-09-19
Ransomware is a form of malware that allows cybercriminals to hold your PC, or files on it, for ransom. This is typically much worse than your average spyware or spam as the fraudsters behind the ransomware request money to return access to your files. You can get this sort of malware via e-mail attachments or by downloading untrusted files from the web.
Around 70 percent* of social media scams are shared manually by people amongst their friends and contacts. It’s easy to see why, as people are more likely to click on a link or download software if it’s recommended by someone they know.
Here’s how it often happens: You see a new post from a friend or from a trusted family member and you click on it. Maybe it opens an email attachment or takes you to a site. Once you take action, malware secretly downloads onto your device. Later, you may turn on your PC or mobile device to see a screen demanding payment to have your files unlocked or to not spread them publicly. This could take the form of a fake law enforcement notice or be a direct message from the fraudsters, which is meant to scare you.
The fraudster may also claim that they have recorded intimate videos of you or that they have logged your browser history, which will be made public, to pressure you. This practice is sometimes called 'sextortion'.
You aren’t breaking any laws but the fraudsters behind this scam are.
That message from your social media friend likely didn’t originate from him/her. Keep in mind that your friend may have sent the message but cybercriminals may be using social engineering to get people to do the scam work for them.
Law enforcement would never send a notice like in the scenario mentioned above. Even if you would send the funds, there’s no guarantee that the scammers will unlock your files or device as you have already paid them. They might, however, ask for more money.
How to prevent this kind of fraud from happening:
Do not download and run any files from unsafe links.
Keep your browser and operating system up to date.
Make security backups of your files.
Always have comprehensive security software that checks social media links before clicking on them.
Steps to take if you should fall victim to ransomware:
Consider taking your device to local and trustworthy computer service professionals. This is a very common scam, so they’ve likely seen it before and can give you guidance.
If you’ve backed up your files, you can always remove and replace your hard drive on your computer and reload your backups.
Remember that paying the extortionists may expose you to even more scams in the future.