Police in the United Kingdom are warning people about a nasty "ransomware" scam that pretends to be a threatening message from Scotland Yard but actually hijacks your computer and demands you fork over money to unlock it.
The malware infects victims without their knowledge and, after freezing their computers, hits them with a message claiming to be from the Metropolitan Police's Central e-crime Unit (PCeU). The warning, Computerworld UK reported, accuses victims of visiting child pornography websites and other disturbing and illegal sites, and receiving emails containing "terrorist materials," and says their IP address is now under official investigation.
The malware that launches the money-grabbing scheme is triggered when people visit sites that have been rigged; police did not disclose which sites have been compromised to spread the scam, and told Computerworld UK only that "various websites" were affected.
Attacks such as these are called " drive-by downloads " — you don't have to click or download any files, the malware simply worms its way onto your computer when you visit a corrupted Web page. Thankfully, updated anti-virus software will stop almost all drive-by downloads from infecting your computer.
As always, the fake Scotland Yard scammers say there's a solution, and it's in your wallet. The malware scam informs victims that if they hand over their credit card information and pay 100 pounds, the (fake) police will unlock their system and restore it back to normal.
Ransomware scams are not unusual; cybercriminals have been employing this weapon for years in order to scare people into paying for services they don't need. This particular scam, however, comes with added weight by telling people they're under an official police investigation.
The real PCeU said people should be aware that if they receive any messages like this demanding money, they should recognize that it's a scheme and, if they've lost money, report the issue to their credit card company and to the police via a local non-emergency number. Computerworld UK also included a link to Action Fraud, a website to report attempted fraud scams or computer viruses.