It can’t hurt you if you don’t open it, but if you do open it, it can put you out of business.
“It” is an innocent-looking link in an email that might look like a free gift card to a popular restaurant or a magazine subscription.
Actually, it could be ransomware – a malicious attack on a computer system that can deny the owner access to data until a ransom is paid, often demanded in “bitcoin,” an online currency that can be used to make anonymous purchases and crosses international boundaries without going through a bank or any form of regulation.
The scam has been around for a while.
Jacksonville attorney Thomas Brown was a victim in December.
After he discovered all of the firm’s data was encrypted – and therefore useless – he made arrangements to pay the $2,500 ransom in exchange for a “key” that would return to him custody of his digital property.
In July, The Florida Bar notified its nearly 90,000 members they were the target of a ransomware attack.
The Bar concluded someone was able to obtain a list of members’ email addresses, said Whitney Ray, spokesman for the state attorney general.
The email, purportedly from state Attorney General Pam Bondi, said a complaint had been filed against the recipient and included instructions to click on a link to view the details.
The email was not from Bondi, however, and clicking the link could allow the malicious software to be downloaded.
The scammers were depending on human nature, said Sean Mulholland, a private investigator who provides data security services.
He said the scammers were counting on attorneys receiving the email and immediately clicking on the link to learn the nature of the complaint.
“The bad guys prey on the need for speed. They count on you not authenticating the source,” he said.
“These criminals are very sophisticated. This is not some kid in a basement. These are computer scientists,” Mulholland added.
As of Friday, Ray said 65 attorneys had reported receiving the imposter email.
Of the three who mentioned clicking the link, one received a warning notice from Google Chrome, one reported the link would not open and a third was able to open the link, but did not get a response, said Ray.
Mulholland said there could be hundreds more who did not report the attack to the attorney general and some may have been victims.
A major issue with ransomware is the criminals ensure it’s almost impossible to track them down, much less apprehend and prosecute them.
Ray said under state law, the scammers could be prosecuted for extortion, a scheme to defraud, theft and under the Racketeer Influenced and Corrupt Organizations Act (RICO).
“Under federal law, the schemes certainly could fall under the wire fraud and RICO statutes,” he said.
Mulholland said the difficulty in identifying, much less apprehending, the culprit who could be anywhere in the world makes prosecution virtually impossible.
Another factor is the ransom demanded is usually not enough money to justify doing anything other than paying up.
“Nobody’s going to track somebody down in Croatia and then extradite them over less than $5,000,” he said.
Mulholland said his ransomware practice began six months ago with one victim client. It has since grown to about a half-dozen.
One of the latest scams is an email sent to employees of a company informing them layoffs are soon to come and instructing them to click on a link for details and to find out how to take advantage of possible severance benefits.
“Who wouldn’t click on that as soon as they saw it?” said Mulholland.
The key to computer safety is awareness and training people who use a company’s computers.
People need to be wary of email from unfamiliar sources, particularly of any questionable communication that includes a link, Mulholland said.
Victims of malicious downloads are “always someone who clicked on something they shouldn’t have,” he said.
“Be vigilant – and don’t click unless you’re sure of the source,” said Mulholland.
(904) 356-2466