> VilmaTech Blog > Top 10 Ransomware Scams of 2013

Top 10 Ransomware Scams of 2013

PC users mainly in western countries, whose computer are frequently locked down by ransomware scams. People hate them because ransomware scams are capable of disabling major PC functions and imposing residual damages without being removed easily. Among victims, there are some simply scared by the counterfeit police warning message to submit the so called ‘ransom’ requested for cancelling the lawsuit that claims to put victims in jail unless the ‘ransom’ is collected. The amount of ‘ransom’ can be different from each ransomware scam, but it will not be lower than a hundred USD dollar/ Pound/ Euro. After a long-term observation, we have found that it is of a high rate to be infected with ransomware scams. A list of top 10 ransomware scams offered hereinafter, formulated according to the data (of April to August) from Google, aims at helping victims and wide range of PC users get to know better about them.

Top 1. FBI MoneyPak Virus

‘FBI MoneyPak virus’ is searched 9900 times in August, yet it is not the highest among the top 10 ransomware scams. FBI MoneyPak virus ranks as the top 1 because it occupies the highest average page view (9180 times) from April to August in 2013. FBI MoneyPak virus mainly targets PC users located in northern west and southern west United States (Chicago and New York particularly according to Google Trends), asking penalty that can be ranged from $100 to $500. In addition to the different amount of penalty, its interface can be different:

FBI Moneypak virus

There are also other versions of FBI MoneyPak virus. Due to limited space, we are not attaching its every interface. It is sufficient for people to recognize it as a scam virus by simply knowing its typical trick – sealing the whole computer screen, showing detected IP address, hijacking build-in camera, if any, and asking to submit the amount of money by using Ukash/ Paysafecard.


Top 2. FBI Cybercrime Division Virus


With an average page view of 7816 times , FBI Cybercrime Division virus earns the title of Top 2 ransomware scam; while its search volume in August is 2900. FBI Cybercrime Division virus was much more active several months ago mainly in northern west and southern west United States. The scam virus derives from ICSPA (International Cyber Security Protection Alliance) scam and is supported by Trojan Reveton. When threatening victims to handover the money which can be ranged from $200 to $500 with a jail time of 4 – 12 years, FBI Cybercrime Division virus is undertaking the evil conduct of forming a backdoor on the target machine, which would result in a computer mess even after victims successfully removed it. Victims still have to mainly deal with search redirect virus, Trojan, popup ads, toolbar virus.


Top 3. ICE Cyber Crimes Center Virus

People would like to address ICE Cyber Crimes Center virus short as ICE virus. It hits 7440 average page view to become the Top 3 ransomware scam virus. It has been aggressive from June to August with a search volume of 12100 in both August and June. ICE virus, belonging to MoneyPak virus category, asks PC users mainly in northern and southern west United States and seldom in United Kingdom for a fine of $300, $400 or $450 to unlock the computer. What makes it creepy is that the ICE virus defines a qualification time of 48 hours to submit the non-existent fine for counterfeit charges of the use or sharing of copyrighted files, the use or distribution of pornographic files, visiting the websites of terrorist groups and the development or distribution of virus programs.


Top 4. White Screen Virus

Trojan Reveton supportive white screen virus displays itself mainly in two ways: one is to show white screen when victims boot up the target machine; the other is to show white page when victims are trying to connect to the Internet. In other word, there are a webpage white screen virus and a computer white screen virus. White screen phenomenon is actually a ransomware scam. Due to some reasons, the ransom page can’t load a localized webpage properly, so the whole white screen/page is seen to be with a movable cursor and a keyboard with no response. Search volume of 6600 kept being seen from April to July shows that people in northern and southern west United States and the United Kingdom encounter the white screen virus often. There is a rise by 1500 in August, resulting in an average page view of 6900 times and helping white screen virus to be the Top 4 ransomware scam.


Top 5. Royal Canadian Mounted Police Virus (RCMP Virus)

As its name suggests, Royal Canadian Mounted Police virus mainly targets PC users in Canada (Toronto specifically), though it is another variant from ICSPA (International Cyber Security Protection Alliance) scam. There is a slight fall in the search volume in August. However, RCMP virus still ranks high in the Top 10 ransomware scam list with an average page view of 4640 times calculated from April to August. With the location changed, the currency for penalty changes to CAD accordingly which can be amount to CAD $100. Being supported by Trojan:W32/Reveton, Royal Canadian Mounted Police virus share the same payment methods which is Ukash and Paysafe card, claiming to direct victims to State’s account. While the valid period for such payment is the following 72 hours.

Top 6. Interpol Department of Cybercrime Virus

Interpol Department of Cybercrime virus is usually called by PC users as Interpol virus. It is not seen quite often until the recent 2 months in northern and southern west United States with a search volume of 5400 and 14800 respectively in July and August. We make Interpol virus a six place herein according to the average page view of 4282 times. Interpol Department of Cybercrime virus is so tricky that adds Paypal as one of its payment alternatives. However, it can be easily told to be bogus as it doesn’t specify the infringement of a law. As far as it has been found, Interpol Department of Cybercrime virus has two versions: one is Europe based which asks for a fine of £100 or €100 to be paid within 24 hours; and the other one is US based calling for $200.


Top 7. Department of Justice Virus (DOJ Virus)

On the solid basis of information reported by victims, streaming or watching pornographic content is the main reason to be affected by Department of Justice virus which is also widely called doj virus. With the ways for Department of Justice virus to affect computers expanded, it suddenly gets viral and is searched 9900 times, the biggest search volume, in August on the Internet for solutions by people in northern and southern west United States. However, it ranks in the seventh place for it possesses only 3940 average page view from April to August. The mostly seen version of Department of Justice virus is the one wanting $300. Whether it is wanting $300 or $450, Department of Justice virus would like victims to pay the fine through pre-paid card in an attempt to hold back victims from tracing money back when they realize Department of Justice message is totally counterfeit.


Top 8. Australian Federal Police Virus (AFP Virus)

Belonging to ICSPA (International Cyber Security Protection Alliance) scam, Australian Federal Police virus can be identified intrusive. It has been found to affect Mac a couple of times, but only blocks the access to Internet instead of the whole computer as the situations on Windows. Though ways are different, what Australian Federal Police virus displays is the same. It was firstly detected to ask for $100 AUD to get one voucher code in a bid to unlock a computer, but it has changed to $300 AUD for one voucher code recently. With the amount of made-up ransom getting higher, its average page view stands at only 2240 times and the search volume for Australian Federal Police virus from April to August stays steadily, but heads up a little to 2900 in August. According to Google Trends, people in Brisbane, Melbourne and Sydney are apt to be affected by AFP virus.

Top 9. United States Courts Virus

It has been found out that PC users in northern and southern west United States who download things randomly without checking out reputations beforehand are prone to be locked up by United States Courts virus, and the frequency is getting steeply higher in August with a search volume of 5400, while that of April to July are lower than 1000. It therefore contributes to a low average page view of 1660 times. The virus belongs to GreenDot Moneypak scam, yet it employs typical ransomware scam virus’ trick by asking for a fine of $300 to unlock the computer and avoid legal consequences such as imprisonment. Besides, United States Courts virus tells victims that all files are encrypted, thus successfully threatens that submitting the stipulated amount of fine is the only way to avert data loss.


Top 10. EUROPOL Virus


EUROPOL virus features itself as a web browser locker. It filches legal terms and regulations to convince that the counterfeit message is issued from EUROPOL CYBERCRIME CENTER. Appearing as a browser hijacker, Europol virus does the same as other ransomware scams do to the target computer such as opening up a backdoor to alleviate installations of other virus; disabling build-in services on the computer such as safe mode; cheating victims to hand over a feigned fine of 100 Euro to get Ukash voucher in a bid to avoid criminal procedures. There are not a little reports that Europol virus affects Mac in European countries. Intrusive as it is, Europol virus gains only a search volume of 2900 and is searched averagely 1250 times from April to August.

After we experts online find solutions to ransomware scams, hackers keep making new ones that are able to impose damages quicker, deeper and asking for more money. The above listed are the top 10 ransomware scams so far. We will continue to keep a watchful eye on them and update the list since we notice that PRISM virus soars high suddenly in August with a search volume of 2900 while zero in the past few months. It is also highly suggested PC users running Windows XP pay close attention to the top 10 ransomware scams because all functions of such operating system, most of the time, simply become inaccessible the moment a ransomware scam is seen. Though the situation seems hopeless, online-support professionals always have a way out. Do not fall into the trap or become desperate to submit the money in a hope to unlock the computer; otherwise, one will end up with nothing but money loss.


Comments are closed.

Latest Posts