Feeds

Suspected fake internet cop trio collared by real cops

Ransomware demanded on-the-spot £100 fines from victims

Internet Security Threat Report 2014

UK cops have arrested three people in Staffordshire on suspicion of running a ransomware scam that fooled victims into paying £100 fines.

A 34-year-old man and a 30-year-old woman from Stoke-on-Trent were cuffed on suspicion of conspiracy to defraud, money laundering and possession of items for use in fraud. A 26-year-old man from Stoke-on-Trent was arrested on suspicion of conspiracy to defraud. All three were taken in for questioning at a Staffordshire police station.

Ransomware malware usually works by preventing an infected computer from starting up or encrypts the PC's documents. Punters have to pay a non-trivial amount to the fraudster who planted the malware to regain control of their machine and files.

In this case, it's alleged the ransomware was used to halt the computer and display a bogus warning from the Metropolitan Police Service accusing the user of committing offences online. The "splash" screen for the software would claim the plod had monitored the victim's activities on the internet. The mark would then have to pay a penalty of £100 to unlock the machine.

In reality, police in the UK don't levy on-the-spot fines via downloaded software, but that hasn't stopped miscreants from developing strains of ransomware that try to pull off this type of con. A screenshot of a typical notice generated by bogus police ransomware can be found in this write-up of the Reveton Trojan by Trend Micro .

Ransomware scams have become increasingly prevalent in recent months, and that may have sparked this latest investigation by officers from the Met's Police Central e-Crime Unit (PCeU).

PCeU detectives based in London and the outfit's North West hub, along with officers from Staffordshire Police, searched three addresses on 11 December before arresting the trio.

In a statement, Detective Inspector Jason Tunn, from the PCeU, said: "The arrests show we are determined to combat this type of crime. I remind all computer users that police do not use such a method to impose or enforce fines, so if you are confronted by such a page do not enter any of your details." ®

Internet Security Threat Report 2014

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Cloud and hybrid-cloud data protection for VMware
Learn how quick and easy it is to configure backups and perform restores for VMware environments.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.