Police warn of 'ransom' spam targeting UK users

Tens of millions of UK internet users could be at risk from "ransom" email spam seemingly sent from financial institutions.

The email has an attachment that looks legitimate but is malware that encrypts computer files.

If the attachment is opened, a displayed countdown timer demands a ransom to decrypt the files.

Small to medium businesses seem to be the target and the National Crime Agency says there is significant risk.

Lee Miles, deputy head of the National Cyber Crime Unit, says: "The NCA are actively pursuing organised crime groups committing this type of crime. We are working in co-operation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public."

The malware installs a piece of "ransomware" called Cryptolocker on computers running the Windows operating system. The ransom demands that the user pay two Bitcoins, a virtual currency, that would be worth £536 to release the decryption key.

There is evidence that some victims who paid got their data back but experts say there was no guarantee that payment would produce a key. Without the key there is no way to restore the encrypted data.

The NCA said it would never endorse the payment of a ransom to criminals and warns that there is no guarantee that the people behind the demand would honour the payments.

An NCCU investigation is seeking to identify the source of the email addresses used.

Computer users are being warned not to click on any suspicious attachments, to have updated antivirus software and to regularly back up files. If a computer is infected the advice is to disconnect it from the network and seek professional help to clean the device.

The NCA said that anyone infected with this malware should report it via actionfraud.police.uk.