Malware is the latest advanced tactic being used by cyber-criminals to extort money from unknowing users. In fact, the Internet Crime Complaint Center (also known as IC3) issued a warning on November 30th regarding Citadel malware’s use of the IC3 name to intimidate users into forking over some of their hard-earned cash.
Reveton ransomware tricks users into paying fake penalties
This aggressive malware masquerades as the IC3 and delivers Reveton ransomware, which pressures users to pay supposed fines or face prosecution. It also misleads victims into believing that their computer’s activity is being monitored and recorded via audio, video and other tracking devices.
It’s pretty crazy how sophisticated this scam is. Users are directed to a download Website, at which point the ransomware is installed on the user’s machine. The computer freezes, and a popup window appears warning the user that a person with the same IP address has violated Federal law by accessing illegal content, such as child pornography.
The user is led to believe he must pay a fine in order to avoid prosecution—using prepaid money card services. Let’s get one thing clear: The Federal Government is not going to demand fines and penalties with a popup window, nor will they request payment via prepaid money cards.
Reveton using email scams to gain access
It doesn’t stop there; Reveton continues to run on the user’s machine, capable of committing other crimes such as online banking or credit card fraud.
Drive-by download sites aren’t the only way Reveton is reaching victims. It’s also sending spoofed emails, designed to appear as though they’re coming from the FBI. If users click on attachments or files, Reveton is automatically installed on the user’s machine. Once again, it causes the user’s device to lock; the only way to unlock the machine is to pay the fine.
Advanced threat techniques
For those not easily fooled by scams such as this, Reveton ransomware takes a sophisticated approach to intimidate you; the program can activate your computer’s webcam and display your face on the screen, making it look as though you’re being monitored from a remote location.
The biggest problem with Reveton is the fact that this malware is extremely difficult for the average user to remove. Even if you haven’t been tricked into paying the fine, you’ll have a difficult time using your machine until you’re able to remove the malware.
How to avoid falling victim to malware scams
A good rule of thumb for using the Internet is: If an offer seems too good to be true, it probably is. Online shopping is at its peak during the holiday season, and shoppers everywhere are looking for the best deals. Because many retailers are offering good deals at this time of year, malware authors are taking advantage of the opportunity to lure unsuspecting shoppers to false advertisements promising big savings on sought-after items. Once you land on the drive-by download site, the malware can be installed automatically on your machine.
Steer clear of ads and popups promising huge savings that seem unrealistic. If in doubt, look it up online to see if the deal is legit before clicking on any ads. The same holds true for emails: Never click straight through to a retailer’s site via an email advertisement. It’s better to manually type the retailer’s URL in the address bar so you can be sure you’re landing on the real Website, not a dummy designed as a platform to hack into your machine, extort your money or keylog your credit card information.
It’s a good idea to check the FBI’s e-Scams section and the IC3 Website regularly to stay abreast of these advanced threats. The more savvy Internet users are, the less opportunity cyber-criminals have to extort funds and steal personal data.
Fergal Glynn is the Director of Product Marketing at Veracode, an award-winning application security company specializing in Veracode’s online security scanner and other security breaches with effective risk assessment tools