We’ve all probably gotten alerts or warnings from time to time when we’ve gone to a site — maybe that we’re leaving a secured site to go to an unsecured one, or maybe it’s an Internet address that looks suspicious and could be a phishing scam.

Most people are concerned about not going to such sites, or about unintentionally doing something that could be unlawful, and the scammers have turned this applaudable caution to their advantage. Their latest scam uses this caution to install a variation of the Citadel malware on unsuspecting users’ computers. The FBI’s Internet Crime Complaint Center (IC3) has just issued a very helpful alert about the scam (July 13th; http://www.fbi.gov; “Scam Warning: Citadel Malware Delivers Reveton Ransomware in Attempts to Extort Money.”)

How does it work? The scam starts by luring users to a fake website that hosts the malware, which is automatically downloaded to the users’ computers without their knowledge and certainly without their consent. Once that happens, the computer screen freezes and a warning comes up saying that the user has violated U.S. federal law: the message says the user’s IP address has been identified as having visited websites with illegal content. The message tells users that their computers will stay locked until they pay a fine of $100.00 to the Department of Justice using a prepaid card service. The FBI alerts users that the “geographic location of the user’s IP address determines what payment services are offered.” So the scam can, and will, differ depending on where the user is located.

This is a scary message, and people might understandably want to undo anything they might have unintentionally done wrong. But people who follow the payment instructions risk losing several times over: their money and their computer. Why? Because in addition to the ransomware, the Citadel malware continues to operate on the user’s computer and can be used to allow the criminals to commit online banking and credit card fraud.

The only message you should follow is the one we all know — don’t go to sites you haven’t verified!  If you do get this type of message, absolutely do NOT follow the payment instructions!

If you do get this type of message and have followed the payment directions, immediately take two steps: one, go to the FBI’s IC3 website and file a complaint (www.ic3.gov); and two, contact your financial institution so it can be on the lookout for suspicious activity in your bank accounts.

Don’t let being a law-abiding citizen help the criminals.