malware on the riseUPDATE 5/17/2017 Malware is on the rise, and everyone is vulnerable. While it’s tempting to pay the ransom, the FBI warns it’s not the best choice.

Ransomware warnings

All it takes is one wrong click, and your computer is taken over by ransomware. It’s happened to legitimate businesses and home computer users. The malware locks your computer and its files demanding a ransom to unlock your system.

Malware puts everyone at risk.

Criminals target home computer users because they fall for the ripoff and ransom quickly because they may not be as technically savvy.

Businesses are also vulnerable even though their technical sophistication may be higher. If business files are locked, there’s great financial risk. So a business is likely to pay the ransom which is often significant.

How does your computer get infected? Usually, it starts with an email with a link that contains the bad code or malware. Your files are encrypted when your computer is infected. A computer message usually appears warning you of the ransom.

While spam and phishing emails often contain the bad code, the FBI says criminals are now directly targeting websites with malicious code.

While it’s tempting to pay the ransom, the FBI warns against that.

“Paying a ransom doesn’t guarantee an organization that it will get its data back—we’ve seen cases where organizations never got a decryption key after having paid the ransom. Paying a ransom not only emboldens current cyber criminals to target more organizations, it also offers an incentive for other criminals to get involved in this type of illegal activity. And finally, by paying a ransom, an organization might inadvertently be funding other illicit activity associated with criminals,” explained FBI Cyber Division Assistant Director James Trainor.

The Internet Crime Complaint Center says it’s important that users report the crimes to the FBI so they can track the latest malware and stop it when possible.  You should include the date of infection, ransom page, victim company information, how the infection happened, ransom amount, bitcoin address if requested, ransom paid, overall losses, and a victim impact statement on the incident.l

DNS Changer malware

Malware takes many forms. Several years ago, a DNS Changer malware changed domain names. The FBI says when you type in a domain name, the malware convert the address into a numerical address that allows computers to talk to each other. If your computer is infected, it’s directed to a malicious DNS server and will give you fake, malicious answers, alter your searches, and promote fake and dangerous products.

The Malware redirection happened in two ways — through search results and advertising. If you clicked on a search result, the Malware redirected your computer to a different website. For example, if you look up Apple-iTunes, you are redirected to a business unaffiliated with Apple but that appears to be selling those products. For Netflix, the FBI says the malware directed users to a business called “BudgetMatch.” When you clicked on the link for the IRS, H&R Block showed up. The FBI says for each click the alleged criminals received money under their advertising agreements.

Malware ads

There is also an advertising component. The FBI said the malware ads replace legitimate ones with ads that trigger payments to the those allegedly involved. The indictment alleges that when you went to the Wall Street Journal home page, an ad for the American Express “Plum Card” was fraudulently replaced with an ad for “Fashion Girl LA.”

FBI malware warning

The FBI alleges the criminals earned at least $14 million through this scheme. The problem is that your computer may be without knowing it. The FBI says it has arrested and charged those responsible. As a result, computers pointed at these malicious servers are redirected per a court order. That’s why you may not know your computer is infected. This is being done to give people time to fix their computer and avoid massive disruption.

How to keep malware off your computer

Don’t click on any suspicious links. Always hover over a link before clicking on it. This will show you the site behind the hyperlink.

When you are downloading software, only do it on sites that you know and trust. Downloads are embedded with malicious code.

Keep antivirus software up to date on your computer.

Back up all your files on a regular basis.

If you are infected, take your computer to an expert rather than paying the ransom.

Report all incidents to the FBI Internet Crime Complaint Center.