SECURITY ALERT: RansomWare Disguised As False DHS Warning


This is a special notice from CERT that we have just been made aware of: Ransomware is back but under the guise of a false warning from the Department of Homeland Security.   For a review of what Ransomware is and how it works, you might want to read our past post on this malware.

So how does this new Ransomware work?

Users who are being targeted by the ransomware receive a message claiming that use of their computer has been suspended and that the user must pay a fine to unblock it. One iteration of this malware also takes a webcam (if available) photo or video of a recipient and posts it in a pop-up to add to the appearance of legitimacy. The ransomware falsely claims to be from the U.S. Department of Homeland Security and the National Cyber Security Division. – CERT

Reports of this particular nastiness are said to be occurring in the wild which means that this is  a malware that has been reported by at least two verifiable occurrences along with a sample submitted by Wildlist reporters (those with expertise in the field).


  • Don’t pay the ransom
  • Notify the FBI – Internet Crime Complaint Center
  • If infected by this Ransomware,
    • Contact a skilled professional OR
    • Reformat your Hard Drive and then  perform a clean reinstall of your OS.
  • Change ALL passwords after safely removing the malware from your system to STRONG PASSWORDS.  If its easy for you to remember, its easy for it to be hacked – socially or using hacking software.

Prevention Tips:

  • Don’t click on unsolicited links in email messages.
  • Reduce reliance on Email Attachments.  Instead use Google Drive inside a protected intranet and maintain strong password usage.
  • Maintain updated antivirus and malware software.  Scan frequently.
  • Don’t pass along email chain letters. Delete them
  • Log out of all instances online.
  • Review this CERT document on recognizing Email Scams
  • Review this CERT document on Avoiding Social Engineering and Phishing Attacks.  We’ve covered this information in past posts but its always good to go over it again.

You really don’t want this on your computer.  So be safe and obey the rules of the road on this one.

Speak Your Mind


This site uses Akismet to reduce spam. Learn how your comment data is processed.