Ransomware, Scamware, & Scareware!

by | 08th April 2016

I’m sure you’ve heard these terms coined before. More often than not by me (James). But just what is Ransomware/Scareware/Scamware? How do people get it? Why does it exist? How do I avoid it? These are the questions I aim to answer in this Blog post. Lets begin!

What is it?

In simple terms – all 3 are malicious programs that corrupt the general use of your computer. To get your machine back – you (allegedly) have to pay a ransom!
Broken down further; the difference between the 3 is as follows;
Ransomware – Encrypts your Documents, Music, Pictures, anything of value and demands a ransom to get them back! By Encrypt we mean that these files become inaccessible, irretrievable and are generally “gone for good”.
Scamware – This tricks you into installing more malicious and unwanted programs, usually for a fee! The most common variant of Scamware is “Fake Antivirus”, essentially a false representation of an AntiVirus program (such as BullGuard or Norton) which tells you you’re infected and you must pay a fee to remove these infections. Truth of the matter is – the only infection you have is this piece of Scamware!
Scareware – This “scares” you into paying a fee to avoid horrible (scary) implications. Most commonly, this type of Malware will claim to have access to your deep, dark secrets (even if they are not true), or Bank Details and will expose them unless you pay a fee!

How do people get it?

Emails! Web Browsing! Invoices!
Truth is;  Being online in the 21st century.

Just like all other types of Malware and Virus; there is no concrete explanation. A vulnerable (often hacked) website will have Exploit Kits programmed into its code which target its visitors. Emailing of fake documents is also another common way (as discussed below).

I received a “Ransomware” email (The one that makes your personal files inaccessible)! Everything about the email looked genuine – it even went into my Inbox as opposed to the Junk folder.
The only issues I had with the email: Who did I owe £24,042.53 to? Just who is Leah Suarez?
SamEmail

I kept my wits! So I decided to open the document in a virtual machine.
ScamDoc
Hmmm…

If you get a word document like this. Please, please, please DO NOT Enable Content as it suggests. Why?
UhOh
That’s why! My Virtual Machine is now unusable!

As I explained above – this is only one scenario of how to get Ransomware, don’t think you’re immune because you don’t open suspicious emails!

Why does it exist?

Money, Money, Money! These types of Malware have earned Cyber Criminals worldwide Millions if not Billions.

If you find yourself infected – DO NOT PAY UP!! Bear in mind – these people are not trustworthy, who is to say they will hold up their end of the deal and decrypt your data? Simply; they won’t!
If you have gotten infected; call us on 01984 633603. We have dealt with many of these cases and we have been successful in getting some customers data back.

How do I avoid it?

Honestly… Keep your wits!

AntiVirus and AntiMalware protection is essential to prevent infection. Keep these up to date and make sure to renew them. Remember that an expired AntiVirus product has less use than a Chocolate Teapot!

Don’t open suspicious emails (like I did for this Blog post). If you don’t know the person, don’t recognise the debt, or are in anyway suspicious of an email – Delete it immediately!

Employ safe browsing habits. This means no illegal downloading of Torrents, Music, and Videos. No illegal streaming of Sports. And, no clicking on Advertisements! The average person pays for these services with good reason – they don’t want to risk their cyber security!

Use trust plugins in your web browser. We use Google Chrome here at Edward Martin Computer Services Ltd; we have “Web of Trust”, and “BitDefender TrafficLight” installed – if a website has a bad reputation; these plugins will warn you not to go there. Similar plugins exist for Firefox and Safari. None exist for Edge/IE (so don’t use them!)

What do I do if I’m already infected?

Call us! 01984 633603. No matter what the infection is telling you – we will deal with the matter confidentially. Nothing will surprise us!
We can guarantee to remove the infection. So far we’ve had a 80% success rate in getting data back, the sooner we are made aware – the higher the chances.

Read some of our latest blog posts