Slashdot Mirror

← Back to Stories (view on slashdot.org)

Inside a Ransomware Money Machine

Posted by Unknown on from the spam-this-time-it-breaks-your-legs dept.

tsu doh nimh writes "The FBI is warning that it's getting inundated with complaints from people taken in by ransomware scams that spoof the FBI and try to scare people into paying 'fines' in lieu of going to jail for having downloaded kiddie porn or pirated content. KrebsOnSecurity.com looks inside a few of the scams in the FBI alert, and it turns out it only takes 1-3 percent of victims to pay up to make it seriously worth the fraudsters' while."

8 of 158 comments (clear)

  1. Hah! by Anonymous Coward · · Score: 5, Informative

    My buddy got one of those from watching waaaaayy too much porn, and actually called the FBI who told him it was a virus.

    What it does is lock your screen with an FBI logo and official-looking message, even displaying the output from the webcam if there is one, saying that unless the mark pays $200 or so using a Bitcoin-like form of payment one can get at convenient stores, the user will be arrested for downloading CP and/or "copyrighted material." Certain keys are locked, obviously, so you can't do the 3-finger salute and kill it with the task manager.

    A boot into safe mode and a little MsConfig was enough to fix, though not remove, the malware.

    -- Ethanol-fueled

  2. Funny how it's not a scam when the lawyers do it by Nyder · · Score: 5, Insightful

    It should all be considered a scam when someone says pay up or I'll take you to court/press charges/sue/threatens you.

    --
    Be seeing you...
  3. The best defense against scams by operagost · · Score: 5, Insightful

    The best defenses against scams are still the same:
    1. Knowing your right to due process, and
    2. Knowing proper spelling and grammar in your native language.

    I'm continually dismayed that large numbers of people (possessing enough intelligence to use a web browser) don't realize that the FBI using email or popups to demand summary payment of "fines" without due process is implausible and illegal.

    --

    Gamingmuseum.com: Give your 3D accelerator a rest.
    1. Re:The best defense against scams by dkleinsc · · Score: 5, Insightful

      There's a couple more rules of thumb that help:
      1. It's much harder to cheat an honest person. For example, if you don't download kiddie porn, it's very hard to get you to pay a fine to avoid trials for doing so. The Nigerian prince scam worked only on people who were willing to help somebody commit money laundering.
      2. If it seems fishy, it's a scam. Anyone saying "money for nothing" (who's not a member of Dire Straits) should be suspect.

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
    2. Re:The best defense against scams by asdf7890 · · Score: 5, Interesting
      2. Knowing proper spelling and grammar in your native language.

      There have been suggestions that some of the scammers use this as a mark filter: people put off by the spelling/grammar would be unlilkely to follow through to the end anyway so put them off early so you can concentrate on the others. People who fall for the scam despite the presentation are better quality marks and more more likely to pay out (either because they have done something wrong and are feeling guilty, or because they don't speak the language well enough to spot the telltail problems, or simply because they are just plain thick).

      Though I think it more likely that the simpler explanation (most of the scammers simply fail to create a good presentation in the target language) is more likely at least in most cases.

    3. Re:The best defense against scams by CastrTroy · · Score: 5, Insightful

      I've heard the Nigerian prince scam is designed to be quite unbelievable because they don't want to waste their time with people who have any kind of common sense. It's too hard to get money from people with common sense. I think the same goes for this type of scam. Target enough people and you'll eventually fall upon somebody who watches kiddie porn. And that person will be easy to get money out of, because they'd rather pay money than face the other consequences.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
  4. Re:Scams by firewrought · · Score: 5, Funny

    The first time you will even hear from them they will be kicking in your front door, seize you and all your electronics.

    And it's that sort of personalized attention that makes American law enforcement the best! :O

    --
    -1, Too Many Layers Of Abstraction
  5. Re:Scams by ideonexus · · Score: 5, Insightful

    It's easy to laugh and feel superior that a small percentage of people fall for these scams, but what isn't funny is that the people falling for it are mostly senior citizens. Just yesterday my mother-in-law brought me the phone and told me, "It's somebody from Microsoft! They say our computer is infected with a virus!"

    I answered the phone and somebody with an Indian accent told me his name was "Todd Moody" and that our computer was sending error messages to Microsoft. Curious about the scam, I let him walk me through opening the application error log and trying to delete some errors from it, to which he exlaimed, "Oh no sir! You cannot delete the errors! This is very very bad! You have a very dangerous trojan virus on your computer!"

    If I hadn't been there, my mother-in-law would have handed over her credit card information no questions asked. In fact, my father-in-law had done this in the past. One day I'm going to be a senior citizen and my bullshit detector is going to stop working like it does for everyone else. The Federal Government should be putting a stop to this predatory scumbaggery with extreme prejudice.

    When you see this crap, do your civic duty and report it.

    --
    i ~ Celebrating Science, Cyberspace, Speculation