The European Cybercrime Centre (EC3) is Europol’s cybercrime division that does good cross-border work across Europe, but scammers are using their name to try and trick users into paying a bogus fine.
People have reported having a warning page purporting to be by Europol, either as a full-screen popup/pop-under or as a page takeover which warns:
All activities of this computer have been recorded. All your files are encrypted.
The page is actually either a popup advertisement or an ad injected where users have been force-forwarded to the page by an unscrupulous ad that is targeting file sharing and adult websites. It is preying on the idea that users may see the page soon after illegally downloading a song or movie, or watching some porn, and they will be conned into paying to get out of the situation.
The warning goes on to say:
All your files are encrypted to prevent their distribution and use. Due to violations of the law, your browser has been blocked because of at least one of the reasons below.
- You have been subjected to violation of Copyright and Related Rights Law
- You have been viewing or distributing prohibited Pornographic contents
- Illegal access has been initiated from you PC
User are then presented with the option to pay £200 (payable by Ukash) to get away from these legal threats and to unlock their PC, with the threat reading:
To unlock you computer and avoid other legal consequences, you are obliged to pay a release fee of £200, payable through Ukash (you must purchase the Ukash card and enter the code). You can buy the card at any store or gas station, payzone or paypoint
The page we saw came from the URL (don’t click):
http://europol.europe.eu.id942218557-3990674006.h4420.com/?flow_id=7917&404231=18971/case_id=74295
Whilst this may look like europol.europe.eu at first glance, the domain of the page is actually h4420.com, a domain which is registered with a user privacy firm based in China. The IP address for the webpage itself is actually in San Francisco in the US, but with the Chinese user privacy I would imagine the fraudsters are based in China.
Now, it should be quite clear that if you have been caught downloading illegal content, then the police do not offer a “get out of jail free” card for a small fine and this is a fine. Ukash is one of the digital money operations that does not have such strict requirements for people to sign up, and it is extremely difficult for the police to track where these payments go once they go outside the EU or US.
Obviously we do not condone illegal downloading, but similarly don’t end up getting conned out of your money by some internet fraudsters purporting to be the law. Whilst this page may look scary and does stop you closing the browser tab or window – your computer has not actually been locked (unlike some scams which are doing the rounds), and a quick Ctrl+Alt+Delete to close your browser will work just fine.