UK cops have arrested three people in Staffordshire on suspicion of running a ransomware scam that fooled victims into paying £100 fines. A 34-year-old man and a 30-year-old woman from Stoke-on-Trent were cuffed on suspicion of conspiracy to defraud, money laundering and possession of items for use in fraud. A 26-year-old man …
Such a method
I remind all computer users that police do not use such a method to impose or enforce fines, so if you are confronted by such a page . . .
No, they just come to your house to collect. Oh wait, that was in Finland ... never mind.
Re: Such a method
But at least you had a good idea they were the real law when they burst in with machine guns!!!
"police do not use such a method to impose or enforce fines"
No, judging from what we have heard about the Murdoch gang, they are much more subtle.
One is "helping journalists in the course of their inquiries" sourcing information and cell numbers. Others handed over some Royals itinerary for a 'donation'.
They do that in many countries, it's called "Soliciting or Accepting a Bribe".
...coming soon, courtesy of the new Snooper's charter....
...I remind all computer users that police do not use (will soon be using!) such a method to impose or enforce fines, so if you are confronted by such a page . . .
...then you can pay the fine either by PayPal, VISA credit or debit card direct to your local constabulary.
Please remember Big Brother has to recoup the £Billions it spent setting up the monitoring in the first place...
Re: Old news
It's not the type of scam that makes it newsworthy.
I consider it a public duty
to waste as much of these scammers' time as possible, when I encounter them. My missis has become particularly adept, after a little basic coaching, and can happily keep them on the phone for half an hour. I wish there was a way we could have calls sent to us from the public to deal with.
I keep meaning to write a small program to deal with all the phishing attempts we receive, and just reply to them with thousands of random username/password combinations. Maybe with the dark evenings, I'll actually get round to it. I was thinking of a monitored email address which takes the URL and then loads the page and submits it again and again. In fact I'm going to go and check and see if LastPass has an API ....
Re: I consider it a public duty
Phone scammers? There, you are costing them. Same as phone spam - they have to *pay* to do it to you (in time and phone call unless you're stupid enough to live in a country that charges the RECEIVER of a call for its cost) and that's what costs.
Online scammers? It's probably not even their computer, or their connection, that you'll be wasting. Same as online spam - they don't pay a penny per million emails, or millions of "visits" to their compromised site, so they don't care what happens. But the courts may take a dim view of you, say, DDoS'ing a hospital network because a single computer was compromised and you retaliated to the scam running from it (not saying they would do anything, but it's not black-and-white that they'd just ignore you either).
My email logs have something like 10,000 compromised IPs trying to send me email (most of them home ISP connections and even the occasional business-with-a-proper-domain-and-authenticated-smtp). I don't even notice, the senders won't even notice (until their ISP cuts them off) and certainly the actual spammer doesn't care if I've refused his email or not or whether, like one example I have, the same IP tries 30,000 times and gets rejected before it even gets to SMTP HELO each time. He probably doesn't even know that's what happened.
Re: I consider it a public duty
I was actually suggesting getting the URL from the phishing email, and then supplying it with a few hundred bogus login details. If the hit rate for the scammers dropped from (say) 1 in 10 to 1 in 1,000 they'll soon give up. Although I'm not so naive as to believe they won't devise another scam.
Tip to avoid getting done by such scams
Don't download crappy Facebook games or emoticon packs, don't click on ANY ads ANYWHERE and don't go digging for porn.
How hard is that? (Cue unintended pun comments...)
"suspicion of running a ransomware scam that fooled victims into paying £100 fines."
It didn't "fool" them, they knew exactly what they were doing if they paid up. And they probably paid up because they were doing something wrong in the first place (or had been and thought that must be what it was about).
I don't doubt that the odd clueless granny got caught up in it, but they would have got caught up in anything that asked them to pay money. But if someone puts up a sign from the Met Police on your computer saying you need to pay a £100 fine and you pay it, you haven't been "fooled" into doing it. You might have been "fooled" that they were the police, or that they could levy fines like that, but you voluntarily paid it - without question, appeal, investigation, even paperwork.
Hell, you don't even get a speeding ticket without some paperwork dropping through your door, verification of your driving license, a signed statement of guilt from yourself, information concerning your right and method to appeal, and a ton of other stuff too - and that's probably the one thing that *could* (law permitting) be automated down to the point where you just get an updated paper licence in the post with an endorsement written on it.
Such scams should, rightly, be stopped and the people convicted. But I can't say I feel a single pang of sympathy for any victim that was of sound mind (and those not of sound mind? Shouldn't have access to a credit card that lets them pay fines like that without someone checking first).
To make a scam like that worthwhile
You'd need a lot of marks.
Since those that hadn't knowingly been downloading dodgy stuff would look to contest it and most of the rest wouldn't be fooled by it, it goes to show that there must be a significant number of folk engaging in copyright infringement.
I know someone who got one of these, realised it for what it was, a scam, but didn't know how to get it off their laptop. They took the laptop to a local IT repair business & the clueless guy who works there decided that he couldn't get it off without spending time & money decrypting the hard-drive (I'm not sure why he'd need that but it made the work sound so much more difficult to the laptop's owner), so formatted the drive & lost all of the owner's Uni work & pictures (they'd finished their degree but never backed up anything....) then charged them £50 .....
They ended up getting the virus again, asked me to look at it & within 5 minutes I'd got rid of the offending file & registry information. Fixed for a pint of beer & it only needed a 5 minute search on Google....
Some local IT businesses can be just as crooked, in their own way!
** I've told the owner to stop downloading Mongolian goat flute porn!
Makes me wonder who the real scammers are
The scammers, or the security-blanket companies and crooked repair shops claiming to protect us from them.
Pick up book and throw!
Platform: Windows 2000, Windows XP, Windows Server 2003 ...
Of course the MET don't do this
Everyone knows that on the spot fines are administered by the International Facebook Bureau (HQ in Badadministan)
The death penalty.
With a proviso that these scumbags are coated in sugar and put in a room with 5000 angry Japanese giant hornets, and the resulting video put on Youtube as a deterrent.
Re: Bring back
How do you get the Japanese giant hornets angry? Show them a map with the Senkaku Islands labeled "Diaoyu Islands"?
"In reality, police in the UK don't levy on-the-spot fines via downloaded software..."
Doubtless, though, some bright spark at the RIAA is reading this and thinking, "Hmmm...."
RE: Doubtless, though, some bright spark at the RIAA is reading this and thinking, "Hmmm...."
Don't give those slimy bastards ANY ideas!!!!!