Ransomware: a new phishing scam that knows where you live
Published 12 April 2016
We take you through how to spot the latest phishing email that features ransomware.
By now, we should all know some of the ways to spot a phishing email. There are a number of tell-tale signs that give one away, including poor grammar and vague greetings. There’s the big one too – a link in the body of an email that the email tells you to click on.
But what if an email you receive has your correct address included in it? Would this make you think that’s its more authentic? Well, that’s exactly what fraudsters are hoping for with their latest version of a phishing email.
To make sure you’re clued up on what to look out for with this scam, we’re going to take you through the details.
A new type of phishing email features the home address of a recipient and also has a link to a form of ransomware, according to the BBC.
The email was received by a number of staff on the BBC Radio 4’s You and Yours show and informs recipients that they owe hundreds of pounds to a UK business (and these businesses are unrelated to the scam). It encourages them to click on a link provided to print off an invoice but when they do, the link installs malware onto their computer and begins to encrypt their files.
A new form of ransomware is used in the scam, named Maktub. This has similar features to others – it displays a warning message on screen informing victims that their files have been encrypted and that a ransom must be paid – but in a new twist, increases the ransom amount as time goes on.
One unusual feature of the phishing email is that it shows the recipient’s home address. The address is highly accurate, with one recipient commenting: “my exact home address...when I say exact I mean, not the way my address is written by those autofill sections on web pages, but the way I write my address.”
It’s unknown how fraudsters were able to collect people’s email addresses and link them to their emails but it’s believed that the data could have been taken from a leaked or stolen database.
To protect you from a phishing email scam like this, we’re going to take you through a few things to remember.
• Never open attachments or click on links included in unsolicited emails. If you know the sender, check the email for anything unusual such as poor spelling or grammar. If you’re still unsure, check with the sender that the message is genuine.
• Back up your important files on an external drive and update this regularly.
• Make sure you have up-to-date antivirus software installed on your computer. There are a number of free programmes including AVG, Avast and Panda Security.
• Only visit websites and download software that you know are reputable and genuine.
• Run full system scans on a regular basis to help detect and remove malicious software.
If you’re faced with a ransomware threat, stay calm. You may think that the best solution is to give in and pay the ransom, but there’s no guarantee that the infection will be cleared up if you do and you’ll only be encouraging criminals to continue pursuing this scam in the future.
Instead, contact the police and report the incident to Action Fraud.