Local businesses being targeted by Ransomware scammer

For the Troy Daily News

DAYTON — Ransomware — a virus that freezes your computer, holding it hostage until you pay to unlock it — is not new in the local marketplace, according to Sheri Sword, vice president of communications for the Better Business Bureau of Dayton and the Miami Valley.

Many Miami Valley residents have been a target of these scammers and been charged $200 to $10,000. The larger losses are usually incurred by businesses due to requirements to protect their network and their customers’ personal information. Unfortunately, it does happen quite often as one Centerville business will attest to. Here’s how it happened:

For a week prior to the scam, the company was experiencing quirks in its computer system, which involved a server and about ten computers. The company just thought it had a bad Internet connection. But, after a week of dealing with what it thought was a minor problem, the whole computer system shut down. The computer screen said the system had been locked and the company had to send four Bitcoins to receive a key from the scammer to decode the computer system.

Bitcoins are an online currency, which is decentralized and anonymous, making it a new favorite method of payment for scammers. Like pre-paid debit cards and wire transfers, if you pay with Bitcoin, it’s like paying in cash. Four Bitcoins is equal to about $1,600.

The local company felt its hands were tied by the scammer. The business had done everything to protect itself from scams like this. It was credit card compliant, secure as it needed to be and more, but found all this was still insufficient to block the problem. The company couldn’t even access its antivirus program to try to resolve the problem.

After doing extensive research, the company found it did not have a lot of recourse and submitted the information to the FBI. Time was of an essence as the scammer informed the company that if it did not make the required payment in 96 hours the ransom would double. The company negotiated the ransom to three Bitcoins (about $1,250) and paid it. Business is now back to normal for the company.

Since this experience and doing all the research on how to resolve the problem, the company found many other companies have been victims of the same scam. They pay the ransom and sweep the problem under the rug. They don’t want their customers not to do business with them out of fear that giving information, such as credit card numbers, might put them at risk if the company is victimized by ransomware.

Ransomware is not new. These financial fraud schemes have been impacting victims since April 2014 and are usually very successful. FBI’s Internet Crime Complaint Center (IC3) received 992 CyptoWall-related complaints from April 2014 to June 2015, with victims reporting losses totaling over $18 million (CyptoWall is a form of ransomware).

This local business owner suggests, “Area businesses should have professional IT experts do a thorough assessment of their businesses’ computer systems because what was up-to-date six months ago is no longer sufficient. They should also do full backups of both data and programming.”

Your Better Business Bureau offers you a few tips to help you avoid this scam personally and professionally:

• Always use antivirus software and a firewall. Protect your computer (and your cell phone) by using antivirus software and a firewall from a reputable company.

• Update your software regularly. The regular reminders to update your browsers and other software are annoying, but they are for a good reason. These updates protect against the constantly evolving viruses and system vulnerabilities.

• Enable popup blockers. Popups are regularly used by scammers to spread malware. Prevent them from appearing in the first place by adjusting your browser settings.

• Be skeptical. Don’t click on e-mails or attachments you don’t recognize and avoid suspicious Web sites.

• Always back up the content on your computer. If you back up your files, ransomware scams will have limited impact. If you are targeted, you can simply have your system wiped clean and reload your files.

Victims of ransomware scams can file complaints with the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov and find trustworthy computer repair shops at bbb.org.