Have you ever wondered what the most common crypto scams are and how to avoid them? Our “Hello Crypto Safety” series analyses trends and shares best practices to stay safe from these attacks.
In this episode, we focus on “ransomware scams,” which can be among the most common and dangerous types of attacks for an organization.
The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only.
What are ransomware scams, and how do they occur?
A Ransomware scam occurs when the scammer pretends to have locked up a computer system and demands payment to release it. Ransomware scams are nothing new; in crypto, threat actors demand ransomware payments in cryptocurrency because they believe the payment provides them more anonymity. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data.
During ransomware, the scammer first either tries to access your system through a phishing scam or uses a weakness in your system to exploit it. During a phishing attack, they could, for example, send emails to you or your users containing malicious attachments or through drive-by downloading. Their goal is that a user unknowingly visits an infected website, and then malware is downloaded and installed without the user's knowledge.
Once they gain access to your IT systems, scammers lock them. For example, your web browser or desktop is locked with a message about how to pay to unlock your system. Another example is when your files have a new file extension appended to the filenames.
The scammer then asks for a payment in crypto to release your system.