We started seeing a new “FBI” virus about three weeks ago and it is apparently spreading like wildfire through the Shoals. We are up to about 5 victims per week and that number seems to be growing. This virus fills your display with an official-looking document that reads “Your PC is blocked for at least one of the reasons listed below” then goes on to warn you that the FBI knows you’ve been downloading illegal songs and distributing illegal porn. The computer’s start menu and all programs are rendered inaccessible. To make the scam even more scary, the virus turns on your web camera and displays a video of whoever is sitting in front of the computer. This makes it appear that a video of you is being sent directly to FBI investigators. The FBI logo and banner at the top of the screen look identical to the FBI website, but when you look closely you can see discrepancies such as misspellings and poor grammar.
The document demands that the user go to a local convenience store (with CVS and RiteAid logos prominently displayed) to purchase a prepaid debit card worth $200.00. If you don't pay the fine within 72 hours, the FBI will evidently “deprive you of your liberty.” The victim is instructed to enter that debit card number into the proper field in order to unlock the computer. One of our clients actually fell for the scam, paid the “fine” and of course his computer was not unlocked as promised. Adding insult to injury, he then had the pleasure of paying me to remove the virus.
Many viruses try to scam people into giving up their credit card information to pay a bogus charge. Once the victim finds out they were scammed, they could call their credit card company, explain the situation and usually get the charges reversed. With this virus, there is no hope for that because you made a legitimate purchase of a debit card, then gave the thieves that debit card number. Your credit card company will have no mercy on you for that level of gullibility.
My research for the source of this bug was inconclusive. Most of the material I read suggests that the virus arrives as an attachment in an enticing email message. If you open the attachment, you get your computer locked by the “FBI.” Other sources indicate it is a “drive by” virus that hops on your computer when you simply visit an infected website.
Removal of the virus is not terribly difficult for people who know their way around computers, but it is beyond the skills of most computer users. That is mainly because the computer is locked up and won’t allow the user to do anything to remove it by force. The usual precautions still prevail: Keep your antivirus and Microsoft updates current and your skepticism on high alert.