Criminals routinely take advantage of the opportunities offered by the Internet and Information Technology to meet their gains, be it for profit, notoriety or to cause harm. Cybercrime takes many different forms:
Phishing | Account Takeover | Email Compromise | Ransomware | Denial of Service | Online Fraud || Webcam Extortion | Malware/Viruses | Hacking | Website Defacement |
You opened an email attachment and now you cannot access any of the files or folders on your computer. A note was left on your computer asking a payment to be made in order to regain access to your data.
Ransomware is a malicious software that prevents access to a computer, mobile device or data that is stored on the device.
If a device is infected with Ransomware, the device may become locked, or the data on it might be stolen, deleted or encrypted.
Normally the user will be requested to make a payment (the ransom) in order to ‘unlock’ the computer or access the data.
However, even if you pay the ransom, there is no guarantee that the computer or files will be ‘unlocked’
How to prevent Ransomware
The National Cyber Security Centre (NCSC) has published advice to assist individuals and businesses to prevent & recover from ransomware incidents.
- Make regular backups of important information (such as photos and financial documents) and check you know how to restore this.
- Make sure the device containing your backup (such as an external hard drive or a USB stick) is not permanently connected to your computer.
- Consider backing up to the cloud. This means you'll be able to access your data quickly from anywhere.
Protecting your data and devices
The following steps will reduce the likelihood of your computer or device being infected with ransomware.
- Keep your operating system and software (apps) up to date. Don't put off applying updates, they contain patches that keep your device secure, including protection from ransomware and viruses.
- Make sure your antivirus product is turned on and up to date. Windows has a built in malware protection tool (Microsoft Defender) which is suitable for this purpose.
- Avoid downloading unofficial apps. Only use official app stores (like Google Play or the Apple App Store), which provide protection from viruses.
What to do if affected by Ransomware
If your computer or device has been infected by ransomware (or any type of malware), you should:
- Open your antivirus (AV) software, and run a full scan. Follow any instructions given. If your AV can’t clean your device, you’ll have to wipe it entirely, factory-reset and re-install everything, starting with your operating system.
- Restore your backed-up data that you have kept on a separate device (such as USB stick, external hard drive or cloud storage).
- Do not copy any data from the infected computer or device.
- If you receive a phone call offering help to clean up your computer, hang up immediately. This is a common tactic used by cyber criminals.
- In some instances, devices can be ‘unlocked’ by utilising the FREE Police and Industry backed Europol initiative, No More Ransom: https://www.nomoreransom.org/en/index.html
Should I pay the ransom?
Police Scotland and partners, including NCSC encourages individuals / organisations NOT TO PAY THE RANSOM. If you do:
- There is no guarantee that you will get access to your data or device.
- Your device will still be infected.
We would advise anyone who thinks they may have been subject to a ransomware attack to contact Police Scotland via 101 (Non-emergency) or 999 (where there may be a threat to life or threat to national infrastructure.)For further guidance please see the information at NCSC and No More Ransom
Someone has hacked into your online accounts – Social Media, Banking, Email etc. and made changes to your details without your permission to do so. Or, an associate of yours has received an email that has been sent from your email address informing them of a change of payment details and you know that you did not send the email.
Denial of Service Attacks
Your business or personal website or IT system has come under some form of cyber-attack and genuine visitors/users are unable to access the systems that they require.If you believe that you have been the victim of a Cybercrime, you can report it to Police Scotland.
Webcam blackmail and sextortion
What is it?
Webcam blackmail or sextortion are incidents whereby criminals befriend victims online, by using fake identities, and then persuade them to perform sexual acts in front of their webcam, often by using attractive women/men to entice the victim to participate. These individuals may have been coerced into these actions using financial incentives or threats.
These webcam videos are recorded by the criminals who then threaten to share the images with the victims’ friends and family. This can leave the victims feeling ashamed and embarrassed and in extreme cases, have resulted in self-harm of victims taking their own lives. Males and females of any age, anywhere, can become victims.
The best way to protect potential victims is to encourage them to be careful and selective about whom you befriend online just as you would offline, especially when considering sharing intimate images.
Who is behind this crime?
We have evidence that organised crime groups mostly based overseas are behind this crime. For them it's a low risk way to make money and they can reach many victims easily online.
Potential warning signs.
- Appears stressed or depressed
- Doesn't seem to be coping with any problems
- Is distracted, moody or withdrawn
- Showing marked changes in their habits
What you can do?
Take all signs of distress seriously, even if they seem to be leading a normal life.
- Ask what is troubling them
- Listen carefully to what they have to say
- Let them know you care
Advice for victims of sextortion?
If someone threatens to share explicit images of you unless you pay them money:
- Contact local police and internet service provider immediately. The police will take your case seriously, will deal with it in confidence and will not judge you for being in this situation.
- Don't communicate further with the criminals. Take screen shots of all your communication. Suspend your Facebook account (but don’t delete it) and use the online reporting process to report the matter to Skype, YouTube etc. to have any video blocked and to set up an alert in case the video resurfaces. Deactivating the Facebook account temporarily rather than shutting it down will mean the data are preserved and will help police to collect evidence. The account can also be reactivated at any time so your online memories are not lost forever. Also, keep an eye on all the accounts which you might have linked in case the criminals try to contact you via one of those.
- Don't pay. Many victims who have paid have continued to get more demands for higher amounts of money. In some cases, even when the demands have been met the offenders will still go on to post the explicit videos. If you have already paid, check to see if the money has been collected. If it has, and if you are able, then make a note of where it was collected from. If it hasn't, then you can cancel the payment - and the sooner you do that the better.
- Preserve evidence. Make a note of all details provided by the offenders, for example; the Skype name (particularly the Skype ID), the Facebook URL; the Western Union or MoneyGram Money Transfer Control Number (MTCN); any photos/videos that were sent, etc. Be aware that the scammer's Skype name is different to their Skype ID, and it's the ID details that police will need. To get that, right click on their profile, select ‘View Profile’ and then look for the name shown in blue rather than the one above it in black. It'll be next to the word ’Skype’ and will have no spaces in it.
DO NOT DELETE ANY CORRESPONDENCE.
Further help and support
Victims are often worried about reporting these offences to the police because they are embarrassed.
If this has happened to you and you're under 18 please talk to an adult that you trust. It may feel like there is no way out, but there are professionals who can help you. Please check out our useful links section with more support channels available.
Related Documents and Advice
How can I keep my child safe online? For more information about how to keep your child safe online, who can help and where you can report inappropriate, illegal or indecent images involving children, visit CEOP.
Get Safe Online – Get free expert personal and business advice on the Get Safe Online website.
Cyber Aware – Cyber Aware’s aim is to make good cyber security habits second nature, not an afterthought, for individuals and small businesses.
Scottish Business Resilience Centre - SBRC is a unique organisation comprising contributions and secondments from Police Scotland, Scottish Government, Scottish Fire and Rescue Service, major banks, industries, investors and private membership with the aim of providing businesses with a ‘one stop shop’ for business security and advice.