The ingenuity of cybercriminals would appear to know no bounds. Hacker groups, forever devising perfidious new strategies to blackmail unsuspecting people with malware, are now even resorting to offline techniques to pressure their victims.
Of course, your best insurance against encryption attacks will always be a backup of your files. But hackers know that too.
If your files are being held ransom and you still don't come forward with the cash, then the hackers will assume you have backups. In this case, they may start ringing you up in person to make you worry about the safety of your backups, even if these are unaffected.
Since August this year, ransomware gangs have been cold-calling victims they suspect have backed-up data in an effort to sow doubt that their backups are safe, tech website ZDNet.com reports, citing anti-ransomware company Coveware.
The ransomware specialists believe various hacker groups are outsourcing these calls to one call centre of non-native English speakers.
Restoring your files from the backup is a waste of time, the hackers will tell the victim over the phone. The ransomware has long since taken control of your networked devices, they say, telling you the only way to get rid of them is to pay up.
"We continue to monitor and know that you are installing SentinelOne antivirus on all your computers," reads a transcript of one call Coveware shared with ZDNet.com.
"But you should know that it will not help. If you want to stop wasting your time and recover your data this week, we recommend that you discuss this situation with us in the chat or the problems with your network will never end."
Police and malware experts generally advise against being intimidated by blackmailers. Victims are advised never to pay money to the hackers, but to inform the police instead. Countless cases have shown that the victim cannot rely on the hackers to release the files after paying.
Anyone seeking technical assistance in decrypting their data should only trust reputable sources – such as the ID Ransomware project, which can often identify exactly which Trojan is involved from an uploaded sample file. Knowing this is important if you want to start looking for an antidote.
One of the most important trusted archives that collects decryption tools and instructions is "No More Ransom", operated by Europol and IT security companies.
But be careful searching around online for help, as hackers have laid countless traps on the web. Other hackers are deliberately spreading fake decryption tools online. Download them, and you could be faced with yet another ransomware. – dpa