Feeds

Suspected fake internet cop trio collared by real cops

Ransomware demanded on-the-spot £100 fines from victims

Internet Security Threat Report 2014

UK cops have arrested three people in Staffordshire on suspicion of running a ransomware scam that fooled victims into paying £100 fines.

A 34-year-old man and a 30-year-old woman from Stoke-on-Trent were cuffed on suspicion of conspiracy to defraud, money laundering and possession of items for use in fraud. A 26-year-old man from Stoke-on-Trent was arrested on suspicion of conspiracy to defraud. All three were taken in for questioning at a Staffordshire police station.

Ransomware malware usually works by preventing an infected computer from starting up or encrypts the PC's documents. Punters have to pay a non-trivial amount to the fraudster who planted the malware to regain control of their machine and files.

In this case, it's alleged the ransomware was used to halt the computer and display a bogus warning from the Metropolitan Police Service accusing the user of committing offences online. The "splash" screen for the software would claim the plod had monitored the victim's activities on the internet. The mark would then have to pay a penalty of £100 to unlock the machine.

In reality, police in the UK don't levy on-the-spot fines via downloaded software, but that hasn't stopped miscreants from developing strains of ransomware that try to pull off this type of con. A screenshot of a typical notice generated by bogus police ransomware can be found in this write-up of the Reveton Trojan by Trend Micro .

Ransomware scams have become increasingly prevalent in recent months, and that may have sparked this latest investigation by officers from the Met's Police Central e-Crime Unit (PCeU).

PCeU detectives based in London and the outfit's North West hub, along with officers from Staffordshire Police, searched three addresses on 11 December before arresting the trio.

In a statement, Detective Inspector Jason Tunn, from the PCeU, said: "The arrests show we are determined to combat this type of crime. I remind all computer users that police do not use such a method to impose or enforce fines, so if you are confronted by such a page do not enter any of your details." ®

Internet Security Threat Report 2014

More from The Register

next story
George Clooney, WikiLeaks' lawyer wife hand out burner phones to wedding guests
Day 4: 'News'-papers STILL rammed with Clooney nuptials
Shellshock: 'Larger scale attack' on its way, warn securo-bods
Not just web servers under threat - though TENS of THOUSANDS have been hit
Apple's new iPhone 6 vulnerable to last year's TouchID fingerprint hack
But unsophisticated thieves need not attempt this trick
PEAK IPV4? Global IPv6 traffic is growing, DDoS dying, says Akamai
First time the cache network has seen drop in use of 32-bit-wide IP addresses
Oracle SHELLSHOCKER - data titan lists unpatchables
Database kingpin lists 32 products that can't be patched (yet) as GNU fixes second vuln
Researchers tell black hats: 'YOU'RE SOOO PREDICTABLE'
Want to register that domain? We're way ahead of you.
Stunned by Shellshock Bash bug? Patch all you can – or be punished
UK data watchdog rolls up its sleeves, polishes truncheon
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.