Protect your computer from GameOver Zeus and Cryptolocker

At the beginning of June there were media reports on the risk of two malware issues: GameOver Zeus and CryptoLocker.

Gameover Zeus is malware aimed at stealing banking details and passwords from home and business computers. Once infected with this malware, a computer becomes part of a global network of infected computers known as a botnet. Criminals use botnets to carry out illegal activity — like sending spam and spreading additional malware, including Cryptolocker.

Cryptolocker is a form of ransomware which works by encrypting files on the victim’s hard drive and demanding a payment for the key to decrypt it.

An operation led by the FBI on 2 June disrupted the global network of infected computers, giving victims an opportunity to rid themselves of the malware and prevent future infection.

Almost 250,000 computers worldwide have been infected with Cryptolocker since it emerged in April and according to the FBI, it has so far been used to extort payments of more than $27m (£16m).

These increasingly sophisticated scams are delivered through phishing e-mails or directing users to a fake but genuine looking website.

Steps you can take to protect yourself

• Be on the lookout for unexpected, unsolicited or suspicious e-mail
• Never respond to or click on any link or attachment within such an e-mail
• Check the email address – Is it the same as the email address you usually receive emails from or just similar.
• You can hover your mouse pointer over hyperlinks (or buttons) to see the underlying website URL

Classic tell-tale signs from a phishing e-mail attempt

• Check the email subject line – anything along the lines of “There is a secure message waiting for you”, “Security Alert”, “System Upgrade” should be treated as suspect.
• Check the message title – if it reads ‘Dear Customer’ or ‘Dear Valued Customer’ or if isn’t personalised at all, then you should be suspicious. Phishing emails will not usually include your name.
• Be wary if the email asks you to click on a hyperlink or a button to download a file. Wording such as ‘verify your account or password’ or ‘update your security details’ should be viewed as suspicious.
• Banks, Royal Mail and HMRC will never ask for your details via e-mail
• Be suspicious of any message that creates a sense of urgency, such as ‘If you don’t respond within 48 hours, your account will be suspended’.
• Check the grammar and spelling for mistakes or inconsistencies.

What to do if you suspect you have received a phishing or scam e-mail

• If you do click on a link contained in a suspicious e-mail disconnect your PC or laptop from the network and try to clean it by installing malmare removal tools via a USB stick or CD.

Visit the Get Safe Online website for further advice and how to protect yourself.