Case 1: I was searching internet and then received a message saying Samsung phone was in lockdown for looking at porn and i was asked to send email to them to have it unblocked. After that, i recieved email saying I have to pay $300, or my bank account and credit cards will be frozen and I can go to jail.
Case 2: Hi,i was on my iPhone and i got locked out of my brower. How do i stop it from locking me out? It says i need to pay a $300 fine randomly because i violated a pornography law.It says i need to send a message to a number with a prepaid card code in it.
In essence, the message of paying $300 to a number through paypay or a prepaid card is a piece of ransomware developed by the cybercriminals to steal money from the victims.This nasty ransomware can attack various systems including diffrent versions of Android and iOS. So phones and tabletswith these systems can be targeted by this virus. There are many different variants of this ransomware prevailing in different nations. The most popular ones include the FBI prism scam, Police-mobile-block.com alert, Metropolitan Police Warning, UKjustice@europe.com unreal notice, “Cannot Open Page” popup, Cybercrimegov@post.com message, Federaljustice@australiamail.com blackmail, police-block.site website etc. circulating in such countries as USA, UK, Australia, NewZealand and so on.
There some common traits that can help identify this scam virus. These traits are concluded based on a close study of many variants of the ransomware. They have been proved to be effective and efficient to fight against the ransomware. First of all, it usually pretends to be a law enforcement authority of the targeted country to drive the victims so nervous as to hurry to pay an unreal fine to the cybercriminals. The FBI agency is the authority the FBI prism virus prevailing in USA tries to pretend to be; the UKjustice@europe.com unreal notice wants to disguise itself as the UK justice; While the Federaljustice@australiamail.com blackmail claims itself to be the federal justice department. No matter whether the victims have viewed illegal pornography or not, they are all threaten to pay an imaginary penalty to resolve the issue. If not, the law enforcement agencies will take legal action to put them into prison. To make it look real, the ransomware often steals logo and other marks of the agency to present together with the threatening text. Although all this is just a trick the ransomware uses to fool the victims into paying, many honest users have fallen for the line. They end up hurrying to make the payments without the problem fixed. So when you come across the message of paying $300 to a number through paypal or a prepaid card, whoever it claims itself to be, no matter how real it looks, you should stay calm all the time and never make any payment therefore. The accusation is not real, there is no lawsuit against you. It is just a trick of such a ransomware to rip you off.
Secondly, the virus is difficult for ordinary users to get rid of. For some variants, they block the whole device of the victims. The user of the infected device can do nothing with the infected device without get the virus deleted. The FBI prism scam can be the typical example of such variants. The victims of the FBI prism scam can’t even power off or restart the device, not to mention running an antivirus program to remove it. Even though the attacked device has been managed to restart successfully in some way, by taking off the battery, for example, the virus will show up to block everything as soon as the device is back on. The FBI prism scam virus often targets devices with android system like Samsung, LG and Motorola phones or tablets. In some cases, the ransomware works only to block the web browser of the victims. Such variants include UKjustice@europe.com unreal notice, “Cannot Open Page” popup, Cybercrimegov@post.com message, Federaljustice@australiamail.com blackmail, police-block.site website etc. These variants are often found on the Safari web browser of Ios devices such as iPhone and iPad. Although the victims of such variants are allowed to use other features of the device except the internet access using Safari, the ransomware can’t be removed in ordinary way by ordinary users completely. And it is believed the virus is left without disposal in time, more serious damages and losses may be brought about. Undoubtedly, the ransomware needs to be completely removed. While it is unwise to pin your hope on the hackers by paying the unreal fine. Many victims report that they make payments as the ransomware requires. But the virus stays all the time. The problem can’t be resolved by paying the hackers. In fact, the ransomware can’t be deleted completely at lower cost by an experienced expert of a legit company in a safe way. Therefore, if you can’t handle the problem to unlock the device, you should turn to an expert in a legit company for help rather than anchor your hope on the cybercriminals.
Finally, the ransomware requires payments through prepaid cards like iTunes gift cards, Moneypak, Ukash and Green Dot. These payment methods are favored by scammers because they are irreversible and untraceable. It makes impossible for the victims to take legal action against the hacker when they find the accusation is just a scam and protect the cybercriminals from being brought to justice. Hence, never try to take chances to resolve the problem by paying the nonexistent penalty. Or you will face financial losses without getting nothing fixed.
Screenshots of Variants of the Ransomware
It will take control of your mobile phone or tablet rapidly once it is downloaded.
It will pretend itself as a legit warning and then ask for a ransom.
It will not allow you to call, text or even access your home screen on the infected device.
It will not let you power off the device or do anything else except for inputting the demand Ukash/Moneypak code.
Remove the ransomware on iOS devices (“Cannot Open Page” popup as example)
We used to think that Apple iOS gadgets were well immune to viruses and malware programs. Unfortunately, over the past years, hackers have turned their attention to our iOS mobile gears. Usually, the introduction of the “Cannot Open Page” popup virus can be completed in a short time. And as soon as infection, it pops up immediately to lock your iPhone or iPad without signs if you visit a phishing site, open a junk e-mail attachment, click on an unknown link or download an application from an unsafe source. In addtion, your devices will be easily infected by this virus after jailbreaking of the system. As to the removal of the “Cannot Open Page” popup, manual removal performed by the expert in this field proves to be the only effective way to get rid of this scam virus.
Remove the ransomware on android devices(the FBI prism scam on Samsung device as example)
Once your phone or tablet is blocked by the FBI prism scam, you will have no access to its home screen. Thus, you need to bypass this FBI prism scam block and then you have the chance to locate the scam on your Android device. Here are some instructions on bypassing this FBI prism scam on your phone or tablet.
Step 1: Restart the safe mode on your infected phone or tablet.
For Samsung Galaxy S4: 1. Power down. 2. Turn on and repeatedly tap the soft-button for “Menu.”
For Samsung Galaxy S3 and others: 1. Power down. 2. Turn on, then press and hold Volume Down (Galaxy S3 and others), Volume Up (HTC One and others), or Volume Down and Volume Up together (various Motorola devices) when the vendor’s logo appears.
Note: “Safe Mode” on Phone and tablet starts up without loading any third-party add-ons and different devices have different ways to access safe mode.
If you have managed to select Safe Mode successfully, you will see the text “Safe Mode” at the bottom left corner of the screen. As the picture shows below:
Step 2: If you can find “Safe Mode” on the left hand corner, that means your phone or tablet is in safe mode already, then you can contact an expert for further ransomware removal instruction.
Note: The ransomware removal guide is so complicated, and it requires sufficent skills. If you are not an Android device repair expert, do not try by yourself. In case you lose your confidential data and photos, an expert is needed during the process of manual removal. Yoocare/Yoosecurity experts can provide you with the most professional service of the ransomware removal.
The message of paying $300 to a number through PayPal or a prepaid card is undoubtedly a ransomware the cybercriminals design to rip off its victims. There are three traits for your reference to identify this ransomware on your device. First, it disguises itself as a powerful law enforcement agency to threaten you to pay nonexistent penalties for viewing illegal pornography. It threatens to put you into jail if you refuse to pay. Secondly, it will block your web browser like Safari on Ios devices or lock the whole android devices. You can’t unlock or unblock the devices unless the virus is completely removed. Finally, it asks to pay fines through a prepaid card like MoneyPak which is irreversible and untraceable. If you find the warning message on your device, you should calm yourself down and turn to an expert in this field to properly handle it. Either antivirus tools or payments made as the ransomware requests can’t solve the problem. Manual removal is by now the most effective way to deal with this virus. To completely get the warning message off iPhone or iPad, you can contact YooCare PC experts 24/7 online for help right now.
Published by Sarah Poehler on April 7, 2017 8:01 pm and last modified on April 16, 2017 3:21 am.