The National Crime Ageny (NCA) is urging members of the public to protect themselves against powerful malicious software (malware), which may be costing UK computer users millions of pounds.
Action taken by the NCA to combat the threat will give the UK public a unique, two-week opportunity to rid and safeguard themselves from two distinct but associated forms of malware known as GOZeuS and CryptoLocker.
Members of the public can protect themselves by making sure security software is installed and updated, by running scans and checking that computer operating systems and applications are up to date.
The NCA’s alert is part of one of the largest industry and law enforcement collaborations attempted to date.
Activity in several countries, led by the FBI in the US, has weakened the global network of infected computers, meaning that action taken now to strengthen online safety can be particularly effective.
Visit the NCA website to learn more.
The activity of Law Enforcement and Private Industry announced from June 2 provides an ideal window of opportunity for members of the public to clean their computers.
Over 15,800 computers are known to be infected in the UK with Zeus GameOver malware that allows criminals to steal money form online accounts, capture passwords and personal data, turn on webcams remotely, or even morph into ransomware (such as CryptoLocker) that encrypts all the user’s files.
The NCA advise everyone (including businesses) should Update their operating system as soon as possible and check for updates weekly. These are free.
Install/Update Anti Virus or Security Software. This can be free for basic protection. It is recommended this is updated daily or ideally set to update automatically.
Use caution before clicking on unsolicited email attachments or hyperlinks as they are one of the most common ways to get infected.
Visit www.getsafeonline.org/and run a clean-up tool of your choice.
This excellent and trustworthy site provides plain English explanations, advice and host links to companies who have supported this activity and are offering clean up tools for free.
If people discover they have been infected with malware they should be advised to report it to www.actionfraud.police.uk and they should also notify their bank and change all their passwords.
They should be offered advice and support as any other victim of crime, especially if they have lost money or irreplaceable data.
General password advice:
The strongest passwords tend to be phrases, which are easier to remember, with a mixture of numbers letters and other characters.
If anyone has had their computer encrypted by CryptoLocker, there is no way police can decrypt the files.
Only the decryption key held by the criminals will do this.
The criminal business model means that files usually are decrypted if the ransom is paid, though Law Enforcement would never recommend paying the ransom to criminals.
Anyone who has been infected (whether they’ve paid a ransom or not) should ensure they still update their operating systems and run Anti Virus/Security software on their vulnerable machine.
For CryptoLocker, prevention is better than cure.
Users should backup copies of their most important files to a non-networked system (e.g. record on DVD or external hard drive that is unplugged once backed up).
Beware cold-calling from people offering to fix or remotely clean computers.
This is invariably a scam.
Always be sure of who is calling and if any doubt don’t grant them access to your computer.
None of the legitimate tools designed to protect users require remote access to the computer.
Members of the public should always seek advice www.getsafeonline.org before taking unfamiliar steps.
At present this specific malware only affects Windows computers, but diligence is advised on all operating systems (including smartphones) as criminals seek to exploit every available platform.