Tuesday, February 4, 2014

Hard Drive Ransom

Talk about timing! I just got this spam mail, allegedly but decidedly not from my bank, advising me to open a phony attachment. Here it is.

"Dear Capital One customer,

You have received this email because we suspect that your Capital One Bank account may have
been accessed from an unauthorized computer.
As a precaution, we have limited access to your online account in order to protect against
future unauthorized transactions.
Protecting your account is our primary concern, thats why we require that you confirm your Capital One Bank account details.
If this is not downloaded and completed until November 20, 2013, we will close your account.
Thank you,
Capital One Customer Service."

Obviously it is phony, given that no bank will communicate genuine security violations via the medium which allegedly is being compromised (instead they phone the customer), and given how poorly the English is written. This began recently in Britain and is now expanding. It's a kind of hard drive kidnap and ransom plan. The e-mails have an attachment which appears to be a voice mail, fax, invoice or details of a suspicious transaction that supposedly is being investigated by the bank.

But instead it is a malicious program that, if opened, will encrypt the user's hard drive and then begin displaying a countdown timer while demanding a payment of, at present, about 300 dollars. But given the success of it, the price has jumped in the past few weeks. It tricks people into downloading so-called 'CryptoLocker', a new piece of software that encrypts a user's hard drive, effectively putting their photos, documents, and other data under lock and key. You pay the ransom or never get your data back. Once the attachment has been downloaded, a 72-hour countdown clock appears on the screen warning that the files will be lost irrevocably unless a ransom is paid, either through Bitcoin, a tough-to-trace cyber currency, or MoneyPak cash cards.

People who have been careless enough to open the message and who've paid the ransom have reported that their files are decrypted within a few hours, but Britain's crime agency warned that it did not endorse the payment of ransoms to criminals and warned that "there is no guarantee that they would honor the payments in any event." The cleverness of a thief is often astounding. Once a computer is infected with this kidnap virus, it will almost certainly be impossible to unscramble the encryption, and instead the hard drive will have to be wiped and restored from a backup. And as we all know, few of us back up files with any regularity. That's quite an incentive to pay the ransom.

The distinctive thing about this kind of internet crime is that most of the time the thieves get away with their crimes. It's sometimes impossible to find the source of the spam and the penalties for criminals engaged in this kind of thing are no deterrent. Maybe nations should cooperate more in devising some basic internet laws that would be enforced as a collective group.

But in the end spam messages are designed to trick the gullible, those few who still are unaware of such deceit. In a sad sense the scammers deserve a bit of credit for realizing that many people never learn.
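For readers who filter mail for others, here is an added example (not part of the original post) that checks a raw message for two warning signs visible in the lure quoted above: an account threat that arrives with an attachment, and a deadline that had already passed when the mail was sent. The headers, sender address, attachment name and flag names are assumptions made up for the illustration; only the body sentences come from the quoted mail.

```python
import re
from datetime import datetime
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed sample: body sentences are taken (abridged) from the lure quoted
# in the post; headers, addresses and the attachment name are invented.
SAMPLE = """\
From: Capital One <alerts@mail.example.net>
Subject: Account limited
Date: Tue, 04 Feb 2014 09:15:00 +0000
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Dear Capital One customer,
As a precaution, we have limited access to your online account.
If this is not downloaded and completed until November 20, 2013, we will close your account.
--b1
Content-Type: application/octet-stream
Content-Disposition: attachment; filename="account_details.zip"

(placeholder bytes, not a real file)
--b1--
"""

THREAT = re.compile(r"limited access|close your account|unauthorized", re.I)
DATE = re.compile(r"[A-Z][a-z]+ \d{1,2}, \d{4}")  # e.g. "November 20, 2013"

def triage(raw):
    # Parse the message and split it into plain-text body and attachment names.
    msg = message_from_string(raw)
    sent = parsedate_to_datetime(msg["Date"]).replace(tzinfo=None)
    body, attachments = "", []
    for part in msg.walk():
        if part.get_filename():
            attachments.append(part.get_filename())
        elif part.get_content_type() == "text/plain":
            body += part.get_payload()
    flags = []
    # A bank "security notice" that has to be opened as an attachment.
    if attachments and THREAT.search(body):
        flags.append("attachment_with_account_threat")
    # A deadline in the body that is earlier than the Date header.
    for text in DATE.findall(body):
        try:
            if datetime.strptime(text, "%B %d, %Y") < sent:
                flags.append("stale_deadline")
        except ValueError:
            pass  # matched text was not a month-name date
    return flags
```

Calling `triage(SAMPLE)` returns both flags; an ordinary notice with no attachment and a future date returns an empty list.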
