I have to admit that this is a new one to me. It’s an obvious extension of some other scams but I haven’t come across it before. One reason might be that it’s currently more prevalent in the UK than here. The UK, it turns out, is the testing ground for a lot of nasty stuff online.
It works like this: Your system gets infected because you click on an email attachment, click on a pop-up offering something, or visit an infected website. Suddenly you discover that every website you visit has a pornographic overlay. Or you start seeing pop-ups threatening to delete some of your data. Frequently there is a ransom demand to end the harassment, and, with the data deletion threat, a time-based threat (“Pay XX dollars within 30 minutes or we will start deleting data from your hard drive”). Sometimes the ransom demand is a relatively small amount of money – say $10 or so.
First of all, no matter what you do, don’t pay. Because no matter what they say, paying a ransom will not end it. If you pay them, the harassment and ransom demands will continue and the ransom amount will increase. The first line of defense is to break their connection to your computer as quickly as possible: In other words, disconnect from the Internet. You can do this with a firewall if you use one, or you can simply unplug the data connection if you use a wired connection, or disable the WiFi function through your control panel (find Network Connections in the Control Panel, right-click on the wireless network connection, select “Disable” and you are disconnected). If you can’t figure out how to do one of these quickly, turn off the computer.
Then you need to find the infection. If you turned off the computer, make sure it is not connected to the network before you reboot it. If you already have a good anti-virus/anti-spyware program installed, run a scan. If not, you can download one on another machine, copy the installation file to a flash drive, and then install it on the infected machine from the flash drive. Or you can take it to a good computer technician who will do it for you.
The important points here are (1) Don’t cooperate; and (2) Disconnect. Once you have done that you can fix the problem calmly. And remember, it’s just a computer. It wasn’t infected before this happened so it can be returned to that condition.
One more thing: Threats of deleting your data become much less threatening if you back up regularly. If you know that you ran an online backup the previous night, then no matter what they do to your computer, all you can lose is whatever was done in the few hours since the last backup.