PHOENIX (KSAZ) - Hackers are using something called ransomware and are targeting not just huge organizations, but individuals as well. The malicious software can lock every document, bank statement, and personal photo on your computer. They hold it hostage until you pay a ransom.
Computer hackers around the globe are cashing in on our impulse to click by infecting computers with malicious software that sneaks into your computer and holds your files hostage for money. One Valley businessman is a victim; he clicked a work e-mail attachment that looked completely legitimate.
"As soon as nothing happened my heart sunk and I'd probably just become hit with some sort of spyware or malware," said the businessman.
Every one of his files was locked, from work documents to tax records, to hundreds of precious family photos. Paul's attackers demanded $500 to unlock his files, but hackers extort businesses for much more. In February ransomware took over Hollywood Presbyterian Medical Center with ransom set at $17,000.
Dr. David Bolman is the Provost of the Univeristy of Advancing Technology, a school in Tempe, AZ that teaches and studies cyber defense. Bolman says ransomware doesn't just infect computers. It can also take over your phone, tablet, or even your cloud backup service.
"It may be months between the moment that the software got into your system and when you turn that machine on and cannot get into your files," said Bolman.
The drawn out scheme is a cash cow for hackers. Last year FBI agents received almost 2,500 complaints about ransomware, and victims reported more than $24 million in losses. In just three months into 2016, that figure has jumped to over $209 million.
"2016 has seen a tremendous increase in ransom wear, and as long as the amount of money goes up they're making they'll keep doing it," said Bolman.
Hackers have several ways that they can put ransomware on your computer, and one is to send you an email that is pretty convincing saying it's a bank, and you need to update your contact information, you click on that link and boom now ransomware is on your computer. In another scenario, someone might present themselves as law enforcement and say you need to pay us, or we're going to prosecute you, and finally some hackers go so far as to put a pornographic video on your computer screen, and it plays out loud until you agree to pay them.
And Visa or Amex won't get you off the hook; most ransomware requires you to pay in Bitcoin, which is a digital currency that lets hackers stay anonymous. Technology expert Tishin Donkersley says Bitcoin can be an onerous multi-day deal.
"The value of Bitcoin can change over time, it fluctuates very similarly to the stock exchange, so when you go to transfer your dollars into Bitcoin the value can change, so that is why it's a little tricky," said Tishin Donkersley.
But not every victim chooses to pay, in fact, UAT Cyber Security Professor Al Kelly advises victims not to.
"The real problem with actually paying is that you don't know if they're going to unlock your computer or unlock your files just like any other criminal trust them to do what they say there gonna do," said Al Kelley.
Al says the best defense against ransomware is a good offense. Backing up personal files on multiple devices like a virus-protected cloud service as well as a detachable external hard drive. He also recommends buying anti-malware software and updating it regularly. And of course avoiding anything click-able that looks fishy.
"My best advice is don't ever click on a link, even if it's from a friend, and it's a cute kitten video, don't click on the link," said Kelley.
If you're targeted by ransomware, you should report it to the FBI's Cyber Division. Remember if you pay the ransom and get your files back, that ransomware program is still on your computer. You'll have to buy anti-malware software to prevent it from launching again.