Beware: 'Ransomware' Is Now Attacking Macs


Cybercrooks have upped their game in the common "ransomware" scam, in which your screen displays a bogus FBI message accusing you of watching child pornography or another illegal online activity - and then freezes your computer until a "fine" is paid.

Since last year, this scam has primarily targeted PC users.

But now, the real FBI warns that the latest targets include Macs running the OSX operating system.  And there are additional campaigns against PCs in which other federal agencies are being impersonated, including the Internet Crime Complaint Center (IC3) and the Department of Homeland Security (DHS).

With the Mac ransomware, the pop-ups appear legitimate, showing within the address field in your browser and using well-crafted language, as opposed to the mistake-riddled "scammer grammar" often used in Internet scams.

In all forms of the scam, supposed fines ranging up to $300 are demanded via a prepaid debit or MoneyPak card. Once that's done, you're told you will receive a password code that will allow you to unfreeze your computer.

Don't pay! Many people who did got nothing in return - other than demands for more payments. Instead, file a complaint with the IC3 and deal with the problem yourself.

With Macs, fixing it is relatively easy. The ransomware that targets these machines is not real malware, says the FBI. Rather, it just causes your operating system to open numerous browser windows (iframes) to incapacitate your computer.

You can close the iframes by clicking the "Reset Safari" option on the Safari menu, after checking all check boxes. Or hold down the shift key while relaunching Safari, which will prevent windows and tabs from the previous session from reopening.

With PCs, getting rid of the ransomware can be a bigger job. It's a virus known as Reveton, a variant of a type of malware used to hijack online banking accounts.

Sometimes it's possible to unfreeze your machine yourself by turning it off and restarting it in "safe mode" and then following Windows instructions to do a "System Restore."

But officials warn that this doesn't neutralize the threat, because Reveton may continue to capture personal information such as your user names, passwords and credit card numbers, and send them to the scammers. That's why PC users are urged to have a computer professional remove the malware.



Also of Interest


See the  AARP home page for deals, savings tips, trivia and more


Search AARP Blogs