Police warn of extortion messages sent in their name
Malware has infected computers with insufficient anti-virus software
Finland’s police are warning all Internet users of malware - or more specifically "ransomware" - that masquerades as a police message in an attempt to extort money.
The malware claims that the user’s computer has been locked as a result of illegal browsing on the Internet and that in order to have the system unlocked the user has to pay a fine of EUR 100 via the PaySafe service.
The police stress that the message has nothing to do with the Finnish police force, and that paying the sum would be of no use to the user. Moreover, the police never lock users’ computers or ask for any payment for unlocking them.
The precise number of those Finns who have fallen victim to the ransomware is not known.
Detective Inspector Teemu Hokkanen from the East Uusimaa Police says that two reports of an offence relating to the malware have been recorded in Vantaa. The victims have also paid the ”fine” of EUR 100. The National Bureau of Investigation, Finland's central criminal police arm, has also been given tip-offs about the malware.
”It is likely that the perpetrators are foreigners, but the language used in the message is quite good Finnish”, Hokkanen notes.
What makes it sound even more authentic to the unwary is that using the IP address of the computer, the malware manages to establish for example the user’s place of residence.
Similar attempts to extort money have been made earlier at least in the name of the German Federal Police, the Metropolitan Police in London, The Swiss "Federal Department of Justice and Police", and the Italian Police (see external link).
Hokkanen says that it may prove difficult to catch the perpetrators.
”It can hardly be done by following the payments, as the number of PaySafe service points amounts to hundreds of thousands worldwide. At the moment, we are focusing on trying to prevent damage, while analysing the malicious software together with data security experts”, Hokkanen concluded.
According to the information gathered by the police, the malware has infected computers that have not had an updated operating system or adequate anti-virus software.
At least some of the anti-virus programmes are able to remove the malware from computers. English-language removal instructions can also be found on the technet.com site maintained by Microsoft.
Those who have become victims of such malware can report an offence at the nearest police station or via the Internet.
Previously in HS International Edition:
Warfare for a new age (19.10.2010)
Mysterious spy program spreads in world´s computer networks (21.10.2011)
Losses amounting to EUR 50,000 in malware attack on Nordea online banking customers (19.1.2010)
Technet.com: Disorderly conduct - localized malware impersonates the police
Police: Reporting an offence