New ‘Smash and Grab’ Ransomware Scam Claiming Many Victims

The BBC reported recently on a ransomware scam that had been brought to the attention of their radio 4 ‘You and Yours’ programme.

Unfortunately,   the scam dubbed ‘Maktub’ is making quite an impact at the UK's national fraud and cybercrime reporting centre ‘Action Fraud’ whose call centre is reported to have been receiving 500 calls about it daily from those affected.

A Dangerous Combination

The ‘Maktub’ scam involves sending a 'phishing' style email to the intended victim informing them that they owe £800 to a UK business or charity and that they can print an invoice by clicking on a link. Even if the recipient has not heard of the creditor’s business the email recipient is fooled into believing that the email may still be genuine because the recipient’s postal address is included in the email.

Once the link is clicked on, malicious software (ransomware) is released into your computer that instantly takes anything of value on the hard drive and encrypts it. The recipient is then issued with a ransom demand (bit coin payment) for the release of the information that increases with time the longer the ransom is not paid.

A website associated with the scam reportedly displays the rates at 1.4 bit coins ($580) for the first 3 days rising to 1.9 bit coins ($790).

Questions About The Postal Address Source

Even though the scam itself is proving to be very disruptive and costly, questions have been raised about the source of the postal address and its link with the name and email address.

While the finger of suspicion has even been reportedly pointed at eBay by some, a claim which eBay denies, many believe it is most likely that the perpetrators have simply obtained the data from a leaked or stolen database. This would of course also be better for the perpetrators because it makes them even harder to track down.

The scam has also caused distress to the charities whose names were wrongly and unlawfully used in the emails as the creditors.

What Does This Mean For Your Business?

The advice to everyone from Action Fraud is of course as follows :

If your business receives such an email, do not to click on the link under any circumstances, but to delete email from your system and to inform Action Fraud.

In order to protect your business from this scam (and other similar ones)  you may wish to, as part of an enterprise wide governance approach, employ a number of IT security strategies across the organisation. For example one way to eliminate the vital human error aspect of this scam is to use IT / Cyber security training.

Keeping up with anti-virus software, updates and patches are always important, and adopting national / international cyber security standards companywide could establish best practice that will leave you much less at risk of this and other types of cyber crime.

You may also wish to seek professional, specialist IT / Data / Cyber Security help and advice to plan, implement, execute and monitor an effective protection program.