Security researchers have detected a new spam campaign with ransomware as its payload. The messages, made to look like notifications from FedEx or UPS, include attachments claiming to be invoices or manifests. If the recipient clicks on them, it immediately downloads the malware. The virus scans the hard drive and encrypts all documents, presentations, videos and photos, and locks down the computer when the user tries to use it. They are presented with a screen telling them they have 100 hours to pay $300. Upon receipt of payment, the files are unencrypted. If they refuse to pay, after the 100 hours are up, all data on the computer is permanently destroyed. Payment is only accepted via BitCoins or Green Dot Moneypak to keep the criminals anonymous. So far at least 500 infections a day are being reported-and who knows how many people who got infected have been too embarrassed to do so?
A similar variant has a scareware twist. An infected user is presented with a fake FBI screen claiming child porn has been found on their computer and as a result the agency has locked it down until they pay a “fine” of about $300-$400. This one may be particularly effective because of the scare it gives the recipients. They may panic enough to hand over the money without thinking.
So far most of the infections have been reported in India and Asia, but there have been numerous reports of the fake FBI variant here in the U.S, and sadly, as long as there are people who insist on carelessly clicking links without thinking or checking them out first, malicious attacks like this will continue.