The latest ransomware scam to seize control of computers and hold their contents hostage: An email with emblems of both the Internal Revenue Service and Federal Bureau of Investigation that falsely demands completing a FBI questionnaire “required” by a new law on tax compliance.
It looks like this:
While it may appear official, it’s all a lie – attempting to lure recipients to click on a link to access a questionnaire from the FBI (a longtime disguise by ransomware scammers), supposedly “required” because of a new tax regulation that took effect on June 21. But the cited regulation is bogus, and the link doesn’t lead to a questionnaire; instead clicking on it downloads ransomware to prevent victims from accessing data stored on their device unless they pay money to scammers.
What’s more, “people with a tax issue won’t get their first contact from the IRS with a threatening email or phone call,” IRS Commissioner John Koskinen notes in warning about this scam. Any official correspondence about personal tax or other issues from that or other federal agencies will come by U.S. mail – not by email, phone call, text message or social media posts.
Like past recent ransomware attacks – notably WannaCry that occurred last May and infected 230,000 computers in 150 countries and Petya in June primarily attacking computers in Ukraine – this new scheme is part of an ever-growing ransomware rampage. In addition to angling for ransom fees (usually requested in bitcoin) ranging from $300 to $600 per individual and tens of thousands of dollars from institutions, such attacks are estimated to exceed $5 billion this year in workplace-related damages due to loss of data and productivity.
And after primarily threatening personal computers (including Macs) and institution-wide networks – including a record number of attacks last year – there’s new focus on also targeting smartphones, tablets and other mobile devices. During the first few months of 2017, mobile ransomware increased 250 percent, according to recent research by cyber security firm Kaspersky. And the U.S. is the world’s favorite target for ransomware campaigns.
Your best defense against ransomware?
1. Regularly back up important contents of your computer on an external hard drive or CD-ROM. This way, if you’re hit with a ransomware attack, you can reinstall your files from that (it’s worth repeating) external backup. You can set your computer to do this automatically – and once set, you can forget it…until you need those important files and photographs.
2. Click with caution. Don’t trust links or attachments in emails from those you don’t recognize, and carefully read body text in messages from those you recognize, looking for spelling and grammatical errors. Beware of those purporting to deliver or seek, seeking sensitive information not normally shared by email. While some ransomware-laden links purport to come from legitimate businesses, check the sender’s address; scammers may use a Gmail.com, Hotmail.com or another free email service. If the message claims an impending delivery or other important news, go to that company’s website by typing its address yourself, rather than depending on what’s provided in emails.
3. Use reputable antivirus software and a firewall. Keep software updated and set to accept security patches, as they become available, to combat ransomware and other threats. You can also set your software to automatically run scans several times a week, if not daily.
4. Enable a pop-up blocker. Criminals regularly use pop-ups to spread malicious software. Preventing pop-ups is easier than making accidental clicks on or within them.
5. Avoid free online offers for screen savers and games unless you download them from trusted websites.
6. Don’t pay the ransom. If you do because you didn’t run regular backups, experts say there’s no guarantee that scammers will provide the promised decryption key…and why would they risk exposing themselves? Payment might instead incentivize those or other cyber-crooks to target your device for future attacks to keep the money coming. Instead, report any ransomware attempt or attack to www.IC3.gov and forward any IRS-themed scams to firstname.lastname@example.org.
For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and keep tabs of scams and law enforcement alerts in your area at our Scam-Tracking Map.