Imagine you’re leisurely scrolling through your Facebook news feed when the computer screen turns into a threat from the “Police Cybercrime Investigation Department.”
It shows your IP address and geographic location and states you’ve been caught downloading child pornography, you’ve been linked to terrorist activity and you’re being recorded. Then your webcam turns on, seemingly taking on a life of its own.
The message threatens that if you don’t send $100 to the address on the screen within 48 hours, criminal charges will be filed and the computer will remain locked on that screen.
That’s what happened to Natalie Franzen on Sunday night.
“I freaked,” she said. “I’m thinking, here I’m going to have an officer at my door. I put a napkin over my webcam.”
Wisely, Franzen didn’t pay the “fine” but instead called the RCMP who directed her to the Canadian Anti-Fraud Centre.
There she learned she was the latest victim of “ransomware.” a scam that’s been recently creeping into computer users’ homes around the world.
The issue has become so pervasive that the Federal Bureau of Investigation website carries a warning from the Internet Crime Complaint Center (IC3), which was established in 2000 as a partnership between the FBI and the National White Collar Crime Center.
“We are getting dozens of complaints every day,” said Donna Gregory of IC3, adding there is no easy fix when a computer becomes infected.
The warning states that a new Citadel malware platform is being used to deliver ransomware named Reveton.
IC3 calls this particular ransomware a “drive-by” virus because unlike many others that activate when users open a file or attachment, this one can install itself when users simply click on a compromised website.
Some variants of Reveton can turn on computer webcams and display the victim’s picture on the frozen screen, it states. The geographic location of the user's IP address determines payment services offered and police authority.
It also continues to operate on the compromised computer and can be used to commit online banking and credit card fraud.
A professional should be hired to remove the malware from the computer to make sure there are no lingering effects, according to FBI supervisory special agent Herbert Stapleton.
Back in Kamloops, Franzen was still in shock a day later.
Authorities told her they have no power to punish the individuals who hacked into her computer and threatened her.
“I guess there’s nothing they can do about it,” she said.
The only answer, say police, is to take precautionary measures like not clicking on links in emails or on websites that are unfamiliar or from unknown sources.