EMAIL SCAM Warning
Microsoft Australia's Chief Security Advisor has warned web-users to be wary of a virus called 'cryptolocker'.
James Kavanagh raised the warning after noticing a jump in the number of attacks over the past few weeks.
A cryptolocker usually disguises itself as an e-mail attachment or downloadable file, that when activated locks up a computer's files.
Once locked, the virus starts a count down and demands a ransom payment. When the countdown ends the unlock key is deleted, and the files locked forever.
Users should be wary of e-mails from online shopping sites.
In the lead-up to Christmas there is often an increase in online sales, and malicious executables like viruses are often disguised as e-mails from sites such as Amazon.
The viruses demand payment in a variety of forms - including digital currency like bitcoins.
The amount demanded varies between $100-$300.
The use of online currency makes it difficult to track those responsible for the attacks, because they operate through online exchange networks.
Anti-virus company Kaspersky has warned users that paying the ransom is no guarantee you will get your files back.
Experts recommend regularly backing up computer files, and keeping external storage (such as USB thumb drives) unplugged when not in use.
In some cases an anti-virus program may remove the virus after it has already locked some of the files.
When this happens, a desktop wallpaper is displayed telling users they need to download the virus again if they want to access their files.
There is no known way to recover files already encrypted by the virus.
One way to circumvent the timer is to roll back your computer's clock, which can trick the timer.
The virus also warns the user not to disconnect from the internet, or turn their computer off.
The virus often takes hours to lock files, and turning your computer off can be the first step in a successful defence.
Users are urged to run anti-virus programs immediately, which are often able to remove cryptolockers.
They cannot recover files.
There are programs that claim to prevent cryptolocker from working, but their effectiveness is uncertain.
Some of the criminals behind cryptolocker have eased ransom restrictions - but require the user to pay ten times the amount if they pass the deadline.
In order to 'facilitate' the ransom process, they even launched a customer service website.
The virus usually affects systems using older versions of windows, including windows 7, but a call has been issued for both Windows 8 and Mac users to be wary.