The federal court system is not holding your computer hostage.
If your keyboard locks up and the screen displays what appears to be a page from the U.S. Courts' website demanding $300 to unlock the machine and avoid criminal prosecution, you have a virus.
It's a case of "ransomware" — a scam to collect money from computer users, purportedly on behalf of government entities like the courts.
The page that pops up on infected computers has the same blue background as the official site, www.uscourts.gov, and the same eagle-and-olive-branch-crowned U.S. Courts logo.
But the red menu band across the top says, "Your computer has been locked." Underneath a fake criminal case number, it gives the supposed reason for the lock-down: "Illegally downloaded material (MP3's, movies or software) has been located on your computer."
It also says the downloading is a crime punishable by a fine of up to $250,000 and two years in jail.
Paying the $300 "release fee" will get your computer unlocked and "avoid other legal consequences," you are told, but only if you pay within 48 hours. If you don't, "the possibility of unlocking your computer expires" and "the criminal case will continue against you automatically," the page says.
It further states your IP address and host name and warns that all of your files have been encrypted and thus any attempt to unlock the computer on your own will result in the loss of all data.
Those scared into compliance are instructed to pay using Green Dot MoneyPak, a high-tech variation on a money order available at places like CVS and Walgreens. You pay cash for a code that is supposed to unlock your computer when you input it. But it doesn't, because it doesn't get rid of the virus.
On July 10, the Administrative Office for the U.S. Courts sent out an email with the subject line "Computer Warning Seeking Money is Scam," advising that the locked computers have nothing to do with the courts or any other federal agency but are the work of criminals.
U.S. Courts spokesman Charles Hall says the decision to notify the public was prompted by about a dozen calls that came in from people who wanted to know whether the courts were really responsible for locking their computers.
"We wanted to alert the public that this has no connection with the U.S. courts whatever," says Hall.
There was also a desire to provide advice on what to do, he adds. The notice provides a Department of Justice hotline, 202-353-0708, which informs callers that their computers have a virus created by criminals who are trying to get their money and that they should remove the virus and report the incident to the Internet Crime Complaint Center, www.ic3.gov.
Ransomware scams have proliferated since mid-2012 in the U.S. and elsewhere because MoneyPak and equivalent services have made it easier and safer for scammers to collect the "ransom," says Kevin Haley, the director of security response at Symantec, a provider of computer-security software.
Last year, there were about half a million attempts each day to infect the more than 50 million computers protected by Symantec and its sister company, Norton. The figure has grown to roughly 3.5 million per day, he says.
The threat in the U.S. initially featured a phony Federal Bureau of Investigation demand and keeps changing as people catch on or the scammers experiment with what is most effective at scaring people, with ransoms ranging from $50 to $500. Some variations of the virus turn on the webcam and display a captured image of the computer user on the locked screen, "like a little wanted poster," Haley says.
Victims pick up the virus by clicking on email attachments or visiting infected websites. Haley notes that 61 per cent of the websites that host malware are "legitimate sites that bad guys have broken into."
Software to rid one's computer of the virus is widely available on the Internet, including the Symantec site, but you need a second computer to download it since your own is not working.
While locking computers is now being used by criminals, a report released in May suggests use of a similar mechanism to defend against hackers and online pirates.
The Commission on the Theft of American Intellectual Property recommended software that would not only restrict access to files but lock down an unauthorized intruder's computer "with instructions on how to contact law enforcement to get the password needed to unlock the account."
The commission was co-chaired by Dennis Blair, the former director of national intelligence and commander in chief of the U.S. Pacific Command, and Jon Huntsman Jr., the former ambassador to China, governor of Utah and deputy U.S. trade representative.