The government has warned web users to be on their guard against phishing emails that purport to come from the Home Office or Ministry of Justice, but actually contain the nasty TorrentLocker ransomware.
The emails contain a link or attachment that claims to be about an upcoming ‘court case’. But if clicked it begins a download of the TorrentLocker ransomware, which then encrypts all the data on a machine, rendering it unusable to the owner.
The virus then requests a payment, often in bitcoin, to have the files decrypted.
The City of London Police’s National Fraud Intelligence Bureau first uncovered the phishing scam and alerted the government.
The Home Office said that it “does not send unsolicited emails and will not ask for personal information or passwords in an email”, and urged people to be vigilant when receiving emails claiming to be from government departments.
“You can check the security of a website by ensuring that the web address uses ‘https://’. All links in emails from the Home Office will be to a government service on a .gov.uk domain and will use https,” it said.
“Alternatively, do not open attachments in emails you deem suspicious and do not reply to emails soliciting personal information.”
Sending emails pretending to come from government departments is a favourite trick of crooks. HM Revenue & Customs is often used as a source for phishing emails, as crooks try to dupe web users into believing that they are due a tax rebate.
Another recent phishing scam targeted online banking customers in the UK with the notorious Dyre malware by claiming to be from a tax accountant.
Customers of Barclays, Santander and Lloyds TSB were all targeted, and nearly 20,000 malicious emails were sent over a three-day period at the start of the month.