HS Logo

Scam tells computer users U.S. Department of Homeland Security has locked their computers, agency warns

The U.S. Department of Homeland Security reports increased activity concerning computer users receiving fraudulent messages claiming that their computers have been locked by the U.S. Department of Homeland Security and the National Cyber Security Division. The messages say users must pay a fine to unblock their computers. Some Missourians have received these messages.

According to DHS’s United States Computer Emergency Readiness Team (US-CERT), the messages are part of a scam and arrive after users have visited websites that have installed malware in their computers. According to media reports, the scammers usually demand a ransom of $300 to unlock the computer. The user may get an official looking message saying that the computer “has been locked due to suspicion of illegal content downloading and distribution.” The scammers may demand that the use pay the ransom by purchasing a prepaid card and transferring the value to them.

US-CERT and DHS make the following recommendations:
Users who are infected with the malware should consult with a reputable security expert to assist in removing the malware, or perform a clean reinstallation of their OS after formatting their computer's hard drive.
US-CERT and DHS encourage users and administrators not to pay the perpetrators and to report the incident to the FBI at the Internet Crime Complaint Center (IC3). Use caution when encountering these types of email messages and take the following preventive measures to protect themselves from phishing scams and malware campaigns that attempt to frighten and deceive a recipient for the purpose of illegal gain.

  • Do not click on or submit any information to Web pages.
  • Do not follow unsolicited Web links in email messages.
  • Use caution when opening email attachments. Refer to the security tips in Using Caution with Email Attachments for more information on safely handling email attachments.
  • Maintain up-to-date antivirus software.
  • Users who are infected should change all passwords AFTER removing the malware from their system.
  • Refer to the Recognizing and Avoiding Email Scams for more information on avoiding email scams.
  • Refer to the security tip in Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.