US-CERT Warns About DHS-Themed Ransomware

Victims are told that the "work of their computer" has been suspended

By on March 21st, 2013 16:12 GMT

The United States Computer Emergency Readiness Team (US-CERT) is warning users about pieces of ransomware which inform victims that the Department of Homeland Security (DHS) has “suspended” their devices.

Ransomware helps cybercriminals make millions of dollars each year, so we probably shouldn’t be surprised to learn that they're continually working on improving their creations and changing tactics to ensure the success of their campaigns.

In this case, victims are presented with an email message, apparently coming from the DHS’s National Cyber Security Division, which reads, “the work of your computer has been suspended on the grounds of the violation of the law of the United States of America.”

Victims are instructed to pay a fine of $300 (232 EUR) if they want to have their computers unlocked.

Based on US-CERT’s report, I can’t say for certain if the emails in question contain links or attachments that hide the ransomware itself, or if the warning message is displayed directly in the email.

In any case, users are advised to avoid clicking on links contained in suspicious emails. They’re also advised not to provide any information or money to the crooks.

To learn how to avoid email scams and social engineering attacks check out US-CERT’s advisories here and here.

1 Comment