Do you like being scared? Do you consider yourself a fan of horror movies and TV series that scare the (crap) out of you? If so, you must have seen either the comic or HBO series, “Tales from the Crypt”. Personally, I’m not a fan, but if I close my eyes I can still see that freaky talking skeleton with the long hair that I’d come across while flipping through channels. As a tech or I.T. person, the scariest threat facing Windows computers today is the appropriately named, CryptoLocker virus. Today, we’ll take a look at exactly what it is, and, more importantly, how to protect yourself and your computer against this widespread threat.
By definition, CryptoLocker is ransomware. Ransomware is a virus (malware) that holds your computer hostage. There are several iterations of CryptoLocker that are inflicting damage today. One message you may come across looks like the image above. Another uses the FBI’s shield along with an American flag to make itself look legitimate. If you’re on a laptop with a webcam, you might even see a picture of yourself along with warnings claiming that illegal files and child pornography have been detected on this computer. The common thread is that your hard drive is locked and you cannot access your files unless you pay a specified amount of money within a certain time period. I’ve seen demands as high as $500 within three days. The message claims that unless you pay this money within this time period you’ll never be able to access your files ever again, and you could face jail time. Suddenly the freaky looking, talking skeleton doesn’t seem so scary by comparison.
I’ve been successful removing this virus and saving the good name and hard earned cash of my clients before, but CryptoLocker is no walk in the park to remove. As is the case with anything else, it’s easier to prevent something from happening in the first place than to fix it afterward. So, what precautions can you take to avoid such a catastrophy? Because CryptoLocker (and more recently TorrentLocker) is spread quickly thanks to e-mail, NEVER open an e-mail attachment from an unknown source. It’s a good practice before even opening an e-mail to hover your mouse (don’t click) over the sender’s name in your inbox to see the e-mail address that the message is actually coming from. Fun fact: a shipping notification from QVC with an e-mail address of mxfjedfudfferjher@yahoo.me.qvc.de is not actually from QVC and should not be opened! Always make sure that your anti-virus software is activated and up-to-date, and run periodic scans with it, as well as an anti-malware program. If you don’t have an anti-malware program, do an Internet search for Malwarebytes. Malwarebytes offers a free and a premium version depending on your needs. Also, keep your computer current by installing “Important” updates from Windows Update. If a message pops up on your screen alerting you that updates are ready to be installed, go ahead and install them. In addition to closing security holes, make sure to keep your personal files backed up “just in case”. For backup options, please click here for our previous blog post, “A Call for Backup”.
If you accidentally click on something you shouldn’t have, and notice anything suspicious happening, like the names of files or folder changing, shut your computer down immediately. If you’re at work and connected to a network, alert your I.T. person so that they may disconnect the computer from the network to hopefully prevent additional damage from being done. Just imagine this spreading to every computer in the office! As I often point out, there’s no reason to be afraid of the Internet. Just keep your eyes open, and use common sense and you’ll be A-OK. If you follow these steps, your story won’t end up as one of the “Tales from the CryptoLocker”!