A new online scam that freezes computers with a message purportedly from RCMP and associating users with child pornography has moved across the world and into North America.
RCMP issued a warning about the new computer virus after receiving 200 reports since February of the malware attacking Canadian residents.
The "ransomware," which in recent years had been contained to Russia and nearby countries, freezes the computer and creates a pop-up message - claiming to be from the RCMP or other government agencies - informing users that their computer is associated with child pornography or illegal music downloading and demands a $100 payment to unlock the computer.
The mention of child pornography often shocks victims who rush to pay the ransom through an online payment service called Ukash. The illegal activity accusation mixed with a fake message from law enforcement scares people, said Sgt. Stephane Turgeon of the RCMP technological crime unit.
"People think it must be true and they'll be charged so maybe they should send the money right away," Turgeon said. "These messages are scams - never send money to somebody you don't know. RCMP and the government do not ask for money in this way."
RCMP have received one report of the scam in Saskatchewan. The malware is probably more widespread in Canada than the 200 reports to RCMP since it is likely many more people with affected computers have not reported the incidents, Turgeon said. People should not hesitate to report the scam since it could help the RCMP investigation, he added.
Investigations into computer scams are difficult because technology allows suspects to conceal their actual location through proxy servers in different countries and the malware's computer code changes often, Turgeon said.
"These are highly complex investigations involving international jurisdictions," he said. "The best way to investigate is through old-fashioned police work through interviewing witnesses and following tips."
The attacks appear to originate in eastern European countries, Turgeon said. The first widespread use of the malware happened in Russia several years ago, but has since moved across Europe and now North America.
The malware attacks out-of-date operating systems so computer users should make sure their operating systems and anti-virus and firewall software are running with the latest updates installed, Turgeon said. If you have an infected computer, take it to a technician who can remove the malware.
People can report incidents of the "ransomware" to the Canadian Anti-fraud Centre at 1-888-495-8501.
