13 March 2013

AFP scareware attacks on the rise

On 6 March 2013, SCAMwatch issued the following information:

SCAMwatch is urging people to continue to be alert to a scareware scam where scammers posing as the Australian Federal Police (AFP) try to scare you into handing over money to regain control of your computer.

A SCAMwatch alert on this scam was previously issued in October 2012, yet contacts to the ACCC have continued to increase since the beginning of the year.

This scam involves internet users finding that their computer has been frozen, with a pop-up alert appearing on their screen. The alert claims to be from the AFP and states that the user’s computer has been locked because they have visited an illegal website or breached various laws. The scammer claims that they will unlock the computer if a fee is paid.

The AFP does not solicit funds and this message is not associated with the AFP in any way.

Don’t let a scammer ransom you – if you pay, you are not guaranteed that you will regain control of your computer and there will likely be significant data losses once the virus is removed or computer unlocked.

How these scams work

  • You visit a website or receive an email that scammers have infected with scareware.
  • Out of the blue, your computer freezes and you receive a pop-up alert from what appears to be a reputable authority such as the Australian Federal Police. The alert may include a police logo to make it appear legitimate.
  • The alert states that your computer has been frozen because you have violated a law or visited an illegal website. Common claims made by the scammers are that you have violated laws around privacy, copyright or child pornography.
  • In order to unlock the computer, you are instructed to pay a ’fine’ – usually $100 or $199 – using a prepaid money service. These services involve you purchasing a money voucher from a store, which can then be used to make online payments.
  • If you pay, the scammers may or may not unlock your computer. Even if you do regain access to your computer, malware may continue to operate so that the scammers can use your personal and financial details to commit fraud.

Protect yourself

  • Be wary about which websites you visit and do not open emails from unknown senders – emails may contain malware and some sites may automatically download malicious software on your computer.
  • Before you download a file, make sure it is from a reputable source. If the file, is a program (for example, if the file name ends with .exe) make sure you know exactly what it will do.
  • Always keep your computer security up to date with anti-virus and anti-spyware software and a good firewall. Only buy computer and anti-virus software from a reputable source.
  • Be careful what you store on your computer – if a scammer gains access to your personal data, they can use it to steal your identity and your money. If you think your computer has been infected, contact your bank or financial institution immediately and change your passwords.
  • If you receive a pop up alert and are unable to perform any functions on your computer, it may have been infected and you might need a computer specialist to remove the malware. If you are able to perform some security functions on your computer, use your security software to run a virus check.
  • If you have received this scam, unfortunately your computer’s security has been compromised. Even if you have managed to regain control of your computer – whether by your own means or by paying the scammer – it could still be infected with malware. Use your security software to run a virus check but if you have any doubts, contact your anti-virus software provider or a computer specialist.


You can report scams to the ACCC via the report a scam page on SCAMwatch or by calling 1300 795 995.

More information

The original post from SCAMwatch is available on its website.

Stay Smart Online has previously issued information about ransomware from CERT Australia, as well as warnings that these types of scams will increase in 2013.

Information provided by SCAMwatch

ACCC logo


Thank you to those subscribers who have provided feedback to our Alerts, Advisories and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.


This information has been prepared by Enex TestLab for the Department of Broadband, Communications and the Digital Economy ('the Department'). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

Host of subscription service

The Commonwealth has engaged Ladoo Pty Ltd to host the Stay Smart Online Alert Service. All URL links should show the domain send.ladoo.com.au at hover over. URL links related to the administration of the service ('View online', 'Update your profile preferences' and 'unsubscribe') should direct you to web pages hosted by Ladoo Pty Ltd.


Facebook: www.facebook.com/staysmartonline
Email: staysmartonline [at] dbcde.gov.au
Web:  www.staysmartonline.gov.au
You are receiving this message at the address robert.novelli [at] communications.gov.au.
Update your profile preferences
If you no longer wish to receive the SSO newsletter, you can unsubscribe.

© 2012 Australian Government. All rights reserved

Connect with Stay Smart Online