A Traveler and his Cat exploring America.

Saturday, June 15, 2013

Scary Saturday - This Could Happen to You

This post is for those who don't know and may have the same experience as I did this weekend.  While doing research for my next trip I unknowingly wandered into some unsafe website.  My laptop got infected with a virus known as the Citaldel Malware FBI Anti-Piracy Warning MoneyPak Ransomeware.  In short your computer switches to a full screen very official looking notice from the FBI stating that you have been monitored by the FBI and caught doing any number of the several listed illegal activities on your computer ranging from downloading pirated music or videos all the way to viewing child pornography.  Your computer use is being suspended by the FBI and you are to pay a fine (mine was $300) by using the MoneyPak payment method, which then your computer will be re-opened.  It tells you where to go (Rite Aide, Walgreens, Wal-Mart etc) to purchase the card, then enter the card code number on the site to pay your fine.  You have 72 hours to pay or legal steps will be taken for criminal prosecution.  There is no way to exit this screen, no toolbar, nothing.  All you can do is shut off your computer manually.  Turn it back on and there is the FBI warning once again, complete with your name and Internet server ID.  Your computer is locked out.

I sat there thinking what the Hell have I done?  "I didn't do anything wrong" or did I?  "$300!" My first thought was my wife is going to be pissed when she gets home.  I went to check my travel laptop and it was fine so I thought about it for awhile, sweat building, that at least the FBI didn't shut down the entire service to our home.  Slowly it all didn't figure.  Why just my laptop instead of the whole ISP for this home?  Like most things I don't understand, I Googled it - "Can the FBI fine you for..." and there it was - a SCAM!  There is lots about this on the web, including YouTube videos on how to fix things.

After hours of research and repeated efforts I was able to get my laptop working in Safe Mode, do a restore point and get it functioning again.  I ran my malware program and it deleted two Trojans and things seem to be okay.  I am concerned about passwords and doing any buying or paying bills with this laptop and am still trying to find out if that remains a risk.

So Blogger friends, take a few minutes of your day, Google this and make yourself aware of this virus and what to do.  Fortunately I had a second non-infected computer to research with.  But those who have only one computer and don't know what to do are in a big fix.  It is a worldwide virus which takes different forms in different countries.  The US form (FBI naturally) has been really taking hold since April 2013.  The worst part is many people have been paying this money for they were in fact doing something shady to begin with and thought they actually got caught or they are innocent people who are simply scared.  We all know how the government is really getting into the George Orwell 1984 mentality lately so why not think this is for real?

Incidentally, I couldn't put an image of what my screen looked like for those on the internet failed my virus scan, but the one above is similar.  ALSO, if you come across a site telling to download their "Spyhunter" (that was the name) to remove this Ransomeware, DON'T!.  It is another virus.  Always Google "Is 'blank' safe to download?" before clicking any buttons.  Be safe and investigate first.

Spread the word to your friends and family.


TexWisGirl said...

saw this very scam talked about on the news yesterday. glad you got yours fixed.

the quote on the news program was, 'the fbi will never inform you via computer that you are being investigated for something illegal. they will knock on your door.'

Red said...

Thanks for your very informative post. The more people who know about this scam the sooner it may not pay dividend and the will get lost.

Jo's World said...

This kind of thing just makes me sick, John. I am happy that you got rid of it, but I would almost be inclined to take it to my repair guy to make sure EVERYTHING of it is OUT.

Can we ask what direction your next trip is taking you and when?



Fun60 said...

Thank you for taking the time and trouble to inform us of the scam. Glad you managed to restore your settings but doubt that i could.

MarkD60 said...

What antivirus program do you use? I use Avast. For anti spy I use Malwarebytes and Spybot Search and Destroy. Spybot lets you immunize your system to prevent things like this from happening.
All three are free.

Felicia said...

Sorry this happened to you John. Glad you got it fixed...to a degree anyway.


Laura Delegal - Leroy Photography said...

Thanks for the info. I know how frustrating it is, but you seem to have handled it well.