The National Crime Agency (NCA) has discovered, through its cybercrime unit, a new mass-spamming scam that is targeting victims in the United Kingdom, “locking” them out of their own computer with an encryption programme and holding it for ransom in return for Bitcoins, the Financial Times reports.
Due to the magnitude of the scam, the agency has issued an alert regarding phishing emails that seem to be sent by banks and other financial institutions, especially to small and medium-sized businesses.
According to the NCA, which rated the scam as a “significant risk”, the emails could have reached tens of millions of computer users by now. The virtual messages carry an attachment with hidden malware: if opened, the virus can install a piece of ransomware called Cryptolocker that is able to encrypt the local network and the user’s files.
Once the malware is in action, the computer will display a countdown timer and will demand for 2 BTC, in order to provide the decryption key. Of course, there’s no guarantee that the hackers will honour their promise and release the infected computer, the agency warns.
The NCA says the best way to prevent any consequences is simple: don’t open suspect attachments and immediately disconnect the computer from the network.
Lee Miles, who heads the NCA’s national cyber crime unit, says the agency “is actively pursuing organised crime groups committing this type of crime. We are working in co-operation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public”.