With Halloween around the corner, beware of scareware
Added: October 2012
With Halloween around the corner, SCAMwatch urges you to be alert to a new type of scareware doing the rounds where scammers try and scare you into handing over money in order to regain control of your computer.
SCAMwatch has received reports of a particularly nasty scareware scam where internet users receive a pop-up alert on their screen and find their computer has been frozen. The alert claims to be from the Australian Federal Police (AFP) and states that the user's computer has been locked because they have visited an illegal website or breached various laws. The scammer claims that they will unlock the computer if a fee is paid.
The AFP does not solicit funds and this message is not associated with the AFP in any way.
Don't let a scammer ransom you – if you pay, you are not guaranteed that you will regain control of your computer and your computer's security has still been compromised.
How these scams work
- You visit a website or receive an email that scammers have infected with scareware.
- Out of the blue, your computer freezes and you receive a pop-up alert from what appears to be a reputable authority such as the Australian Federal Police. The alert may include a police logo to make it appear legitimate.
- The alert states that your computer has been frozen because you have violated a law or visited an illegal website. Common claims made by the scammers are that you have violated laws around privacy, copyright or child pornography.
- In order to unlock the computer, you are instructed to pay a 'fine' – usually $100 or $199 – using a prepaid money service. These services involve you purchasing a money voucher from a store, which can then be used to make online payments.
- If you pay, the scammers may or may not unlock your computer. Even if you do regain access to your computer, malware may continue to operate so that the scammers can use your personal and financial details to commit fraud.
- Be wary about which websites you visit and do not open emails from unknown senders – emails may contain malware and some sites may automatically download malicious software on your computer.
- Before you download a file, make sure it is from a reputable source. If the file is a program (for example, the file name ends with .exe) make sure you know exactly what it will do.
- Always keep your computer security up to date with anti-virus and anti-spyware software and a good firewall. Only buy computer and anti-virus software from a reputable source.
- Be careful what you store on your computer – if a scammer gains access to your personal data, they can use it to steal your identity and your money. If you think your computer has been infected, contact your bank or financial institution immediately and change your passwords.
- If you receive a pop up alert and are unable to perform any functions on your computer, it may have been infected and you might need a computer specialist to remove the malware. If you are able to perform some security functions on your computer, use your security software to run a virus check.
- If you have received this scam, unfortunately your computer's security has been compromised. Even if you have managed to regain control of your computer – whether by your own means or by paying the scammer – it could still be infected with malware. Use your security software to run a virus check but if you have any doubts, contact your anti-virus software provider or a computer specialist.
You can report scams to the ACCC via the report a scam page on SCAMwatch or by calling 1300 795 995.
The AFP has issued a media release about this scam.
Check out SCAMwatch's online scams section for more information on malware, spyware and key-logging scams.
Stay one step ahead of scammers, follow @SCAMwatch_gov on Twitter or visit http://twitter.com/SCAMwatch_gov.
You have received this email because you have subscribed to receive SCAMwatch radar alerts on scams targeting Australians. These alerts are issued by the Australian Competition and Consumer Commission and can be viewed on its SCAMwatch website www.scamwatch.gov.au.
If you have any doubts about an email's source, verify the sender by independent means - use their official contact details to check the email is legitimate before clicking on links or opening attachments.
If you no longer want to receive SCAMwatch email alerts, please unsubscribe on the SCAMwatch website.