Thread: Ransomware

  1. #1
    Houses4Rent (Gold Member)

    Ransomware

    Hi

    Got one of these ransom emails. Does one have to take them seriously or are most of them a hoax?

    Even if one pays, they can just keep doing it?

    What do I do?
    Houses4Rent
    "We treat your investment as we treat our own"
    marc@houses4rent.co.za www.houses4rent.co.za
    083-3115551
    Global Residential Property Investor / Specialized Letting Agent & Property Manager

  2. #2
    Mike C (Diamond Member)
    Tell us more. I have not heard of Ransomware using emails (other than installing the program on your computer via an infected email). Usually the first you know about it is when your computer is frozen and a ransom is demanded to "unlock" the computer.
    No act of kindness, no matter how small, is ever wasted. - Aesop "The Lion and the Mouse"

  3. #3
    Houses4Rent (Gold Member)
    I have no experience. They sent me an email saying that they have compromising info from internet activities and all my contacts etc. If I do not pay they will send this compromising info to my contacts.
    Weak, I know, but I have no clue. Nothing is frozen.
    However, yesterday my PC was rather slow and I could hear it being unusually. Then one website tab changed to a big red screen, allegedly from Microsoft, saying that the machine must not be reset etc. as it's infected and resetting could do more harm. It gave some telephone number to call. It froze my browser too. I ignored all this and restarted and all was OK again. So that in combination with that email makes me a bit wary.
    I ran AVAST and Malwarebytes and they found nothing.

  4. #4
    Houses4Rent (Gold Member)
    Can an email delete itself and not show in the TRASH either? It vanished, unless I misfiled it by accident, but that is rare.

  5. #5
    Mike C (Diamond Member)
    That is nasty. That is blackmail rather than holding you to ransom. The trouble with blackmail is that one can never be sure whether it will end or not.

    I would suggest the following should give some indication of whether it is a hoax or not:

    First, is there anything in the email that demonstrates they know anything personally about you?
    Is it addressed to you by name?
    Is there any specific detail about the nature of the compromising information?

    If a hacker wanted to truly scare you or blackmail you I would expect him/her to show you a compromising screen capture to prove that this is real.

    The other indication is what shows up once you run an antimalware tool - which you have already done. Although they are not perfect the better ones should pick up some kind of threat.

  6. #6
    Houses4Rent (Gold Member)
    Hi Mike, tricky indeed.

    It's worded in a way which sounds kind of personal, but could be applicable to many and therefore generic. So it might as well be a bluff.
    No name is mentioned, but here are some elements.

    >my program makes a remote desktop supplied with keylogger function from the device , so I could get all contacts from your e-mail, messengers and other social networks. I've chosen this e-mail because It's your working address, so you will check it.
    >I put the special tracking pixel in it, so when you will open it I will see.
    >If ya want me to share proofs with ya, reply on this message and I will send my creation to five contacts that I've got from ur contacts.
    >P.S... You can try to complain to cops, but I don't think that they can help, the inquisition will last for several months- I'm from Ukraine - so I dgf LOL

    They want 460 usd and gave a bitcoin wallet. I would not even know how to pay that even if I wanted to, which I don't.
    As I said, the email vanished by itself, but luckily I passed it on to the relevant domain registration (abuse@godaddy.com) so I had a copy in my SEND folder.
    All seems to be in USA, so the claim that they are in the Ukraine does not match, but I guess the sending domain is probably not the real one. The bad English and "usd" certainly would not point them to the USA.


    Date: Wed, 20 Jun 2018 6:58:20 +0800
    From: Aya Recalde <order@vietinfo360.com>
    Organization: ghulvwtey

    I found the sender's address here, but have no idea what it means:
    Code:
    https://support.clean-mx.com/clean-mx/publog.php?sort=lfdnr%20ASC
    Code:
    www.vietinfo360.com
    times out, so does not seem to exist

    Has anyone here been in such a blackmail situation?
    Last edited by AndyD; 20-Jun-18 at 07:22 PM. Reason: BB edit to prevent URL's parsing to hotlink.

  7. #7
    Dave A (Site Caretaker)
    While the claimed sending domain is easily forged, quite often the perps don't go to the trouble of tampering with the timezone of the sending device.
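
Added example, not part of any post in this thread: post #7's point about the sending device's timezone, applied to the headers quoted in post #6. The Date header is written by the sender's own software, so its UTC offset is a hint rather than proof. The offset table is an assumption of this example (June offsets for the two places the thread mentions).

```python
from datetime import timedelta
from email import message_from_string
from email.utils import parsedate_to_datetime

# Headers exactly as quoted in post #6 (message body omitted).
RAW_HEADERS = """\
Date: Wed, 20 Jun 2018 6:58:20 +0800
From: Aya Recalde <order@vietinfo360.com>
Organization: ghulvwtey

"""

# Assumption of this example: UTC offsets (hours) in force in June
# for the two locations discussed in the thread.
CLAIMED_OFFSETS = {
    "Ukraine (EEST)": {3},
    "USA (Eastern through Hawaii)": {-4, -5, -6, -7, -8, -9, -10},
}


def sender_utc_offset(raw):
    """Return the Date header's UTC offset in hours, or None if unusable."""
    date_hdr = message_from_string(raw)["Date"]
    if date_hdr is None:
        return None
    try:
        stamp = parsedate_to_datetime(date_hdr)
    except (TypeError, ValueError):  # malformed Date header
        return None
    offset = stamp.utcoffset()  # None for "-0000" (zone not stated)
    return None if offset is None else offset / timedelta(hours=1)


def check_claims(raw, claims=CLAIMED_OFFSETS):
    """Map each claimed location to True/False: does the offset fit it?"""
    offset = sender_utc_offset(raw)
    if offset is None:
        return {}
    return {place: offset in hours for place, hours in claims.items()}


if __name__ == "__main__":
    print("Date header offset: UTC%+g" % sender_utc_offset(RAW_HEADERS))
    for place, fits in check_claims(RAW_HEADERS).items():
        print(f"  {place}: {'consistent' if fits else 'does not match'}")
```

The +0800 offset fits neither the claimed Ukraine origin nor the USA; the Received lines of the full message, which this thread does not quote, would be the next thing to compare.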

  8. #8
    sneakie (Full Member)
    Go to http://antivirus.com and run Trends HouseCall for Home Networks. That will check your PC for any nasties. We process about 8000+ mails a day and I have Trend cleaning out all the nasties before they even get to our users. Does ransomware as well.

  9. #9
    Houses4Rent (Gold Member)
    Thanks, I installed it. It tells me:
    Turn off all your devices before scanning
    I only have a desktop. What must I switch off then? The router?
    Is that really going to find these things if it only looks at devices?
    Am I blonde?

  10. #10
    Full Member
    If all else fails - or after scanning with standard Windows-based antivirus programs and you still have doubts, try the AVG Rescue Disc.

    It is a good idea to make one of these for future emergencies anyway, in case a virus ever crashes your Windows.

    It is a free download to create a bootable USB stick or CD. When starting your computer with this inserted it actually boots with a simple Linux OE on the stick or disc, which then allows you to do a full scan of your computer before Windows loads, allowing a scan of the BIOS and all of Windows.
    Some viruses that get into your system while your antivirus is outdated or disabled for some reason can avoid detection as they load before Windows does.

    It sounds a bit daunting at first, but if you watch the basic "how to" videos on YouTube first it is actually quite easy to do.

    You can get the download here https://www.avg.com/en-ww/download.prd-arl

    And watch the how to vids here https://www.youtube.com/watch?v=fGX-592qty8
