ACMA warns of ransomware attacks | ACMA

Internet

17 July, 2013 02:39 PM

Internet

ACMA warns of ransomware attacks

By Editor

Woman alarmed by email

The ACMA is today warning consumers of a ransomware, or scareware scam that has been propagated via infected websites, email and Twitter.

The online scam, which has been circulating the internet for some time, is designed to defraud Australians. A recent variant of this scam is known as ‘Australian Communications and Media Authority (ACMA) ransomware’.

This variant involves internet users finding that their computer has been frozen, with a pop-up alert appearing on their screen. The alert states that the user’s computer has been locked because of the user ‘viewing/storing and/or dissemination of banned pornography’ and breaching various laws. The scammer claims that they will unlock the computer if a fee is paid. A countdown timer appears on the screen showing the ‘remaining time’ in which the fee must be paid and a payment portal.

Also appearing on the frozen computer screen is an Australian flag containing the names and logos of various Australian government organisations, including the Australian Federal Police and the ACMA.

Alerts on this ransomware have previously been provided by the Australian Federal Police, the Australian Competition and Consumer Commission’s Scamwatch website and the Department of Broadband, Communications and the Digital Economy’s Staysmartonline alert service.

Both the AFP and the ACMA recommend visiting the SCAMwatch alert on this ransomware. It warns internet users to avoid clicking on pop-up boxes, giving away personal information or paying the ransom. Payment of the ransom does not guarantee the user will gain control of their computer. The SCAMwatch alert also provides tips on how to protect against these types of scams.

The ransomware is not isolated to Microsoft Windows operating systems, as a similar scam using the USA FBI identification is currently targeting MAC OS X.

The ACMA recommends that you speak with a PC professional to remove the ransomware if you believe you have been infected. 

Here is a screenshot of what a version of the ransomware looks like:

Ransomware Screenshot jpg