CBS2 Exclusive: 'Ransomware' May Be Lurking In Job Resumes
NEW YORK (CBSNewYork) -- Something as innocent as a job resume could wind up wiping out everything on your work computer.
As CBS2's Carolyn Gusoff reported, resumes were pouring in to Doris Kennedy's real estate office when an email came in looking just like all of the others.
"We had an ad running on the Internet to hire for a secretary," Kennedy said. "It just said resume attached, so I didn't think anything other than that."
But after clicking on it, all of her business computer files went blank; word documents, spread sheets and photos had vanished.
Then a demand for ransom popped up in order to free her files, Gusoff reported.
"If I wanted to return those documents back to me or re-access them, I'd have to contact them and make a payment," she said.
"Congratulations," the pop-up taunted. "You have become a part of a large community Cryptowall."
It's malware that's running rampant across the globe and it's now tougher to crack than ever. It avoids anti-virus detection and can masquerade as a job resume.
The price to unlock can be up to $10,000 -- double if not made by a deadline, Gusoff reported.
Suffolk Leg. Tom Cilmi called the malware "extortion" and said a business owner's best protection is awareness.
"One click and their business is pretty much on stand by," he said.
The FBI and local police said they want to hear from victims. Suffolk County police are investigating Kennedy's case and are offering advice.
"Back up your files. If you have a back up to all of your files, then no need to pay the ransom," said Acting Suffolk County Police Commissioner Timothy Sini.
Kennedy, a chamber of commerce president, refuses to pay the ransom, but realizes the prices she may have to pay.
"It's just crazy that they can capture your files and hold it ransom and there's not much that can be done about it," she said.
Kennedy said she now realizes that if she had looked closer, she may have recognized the resume scam. It was sent to undisclosed recipients -- a mass mailing, not an individual looking for a job.
Criminals are difficult to track because they are paid with digital currency, officials said. The FBI estimates U.S. victims have been scammed out of more than $18 million with what they call "ransomware."
