New Trojan scam extorts money from Canadians with fake legal threats

The Right Click

Fraud investigators with the RCMP are warning Canadians of a new "Trojan" software that maliciously attempts to extort money from users through fraudulent legal threats.

"The Reveton Trojan, once downloaded and activated, causes computers to seize and display a fraudulent message purporting to come from the RCMP, CSIS, FBI or some other law-enforcement agency," CBC reports.

Reports of a purported legal message from CSIS earlier in the year became the first sign of the scam's presence in Canada. Once a user's computer locks, a pop-up message claiming the computer has been flagged for the downloading of child pornography appears on the screen. The user is then instructed to submit a $100 payment — via an online channel such as PaySafe or Ukash — in order to unlock the computer.

But the scammers appear to be evolving from their original scenario.

"More recently they've been claiming that the illegal behaviour the consumer is accused of is downloading music," says Daniel Williams, RCMP officer with the Canadian Anti-Fraud Centre in North Bay, Ontario.

[ More Right Click: Why you shouldn't write back to a 'phishing' attempt ]

Exacerbating the issue is the fact that paying the fee does not unlock the computer. In order to resume operation, an infected computer must stripped of the Trojan software, which may require the assistance of a computer technician.

Williams understands that an RCMP offer to unlock a purported child pornographer's computer in exchange for the $100 payment may seem far-fetched, but the scammers are banking on the initial shock of the criminal accusation to circumvent a rational response.

The "ransomware" variations of the Trojan software were initially spotted in Canada, the U.S. and various countries throughout Europe, according to the Finland-based security firm F-Secure.