Cybercriminals locking you out from your computer, collecting ransoms

HOUSTON (KTRK) -- It's a crime that's been making the rounds for a while, but now there's a new twist. Cyber criminals are gaining access to your computers and encrypting files, locking you out, unless you pay a ransom. In some cases, costing victims thousands. But there's a way to protect yourself.

IT Expert and private investigator Colman Ryan says, "I'm seeing a small ransom for a one-computer network. I'm seeing large ransoms for large networks."

Ryan says he's been getting a lot of calls lately about a unique cybercrime. Julia Armstrong fell victim after she got what she thought was an email from a friend.

"I opened the file and there was a button that said enable macros, and I clicked it" Armstrong told us.

A macro is a series of commands grouped together as a single command, to accomplish a task automatically. Sometimes used by cyber criminals to open a backdoor to your computer, it could allow them lock out everything on your hard drive, and that's exactly what happened to Armstrong.

Armstrong said, "I had school work. I had photos of my son from when he was born till now."

She could not access anything unless she paid up. Ryan says they're going after large scale networks as well, including health care organizations and municipalities, It's happening in the corporate world too. Employees believe they're opening an email that contains an invoice or purchase order. Email instruction informs the recipient that there's extra security and macros need to be enabled to view the attached file. Ryan says once that happens, it's game over.

"Previously with these viruses, I've been able to run an erase or undelete tools and get the files back, but they've gotten much smarter and they're deleting shadow copies," Ryan said. "Anytime I've made the decision or recommendation to pay the ransom, it was the right decision."

What makes this crime different is the way these cyber criminals are asking for payment, through bitcoin.

Earlier this year, a hospital system in California had to pay 40 bitcoin, roughly $17,000, to regain access of their files.

Sheldon Weisfeld with CoinVault ATM says his company is receiving calls weekly from victims asking for help, because Bitcoin is still a relatively new currency that many don't understand, and for the most part, untraceable.

Weisfeld said, "The crime that represents a significantly larger value, you can get the authorities involved in them. But the smaller value cybercrime, they typically not going to allocate their resources."

"Good luck in getting these guys. It makes it nearly impossible to track them down," Ryan explained.

As for Armstrong, her ransom was only $250, a small price to pay, she says.

Experts say be aware of who you're receiving emails from. You should never enable macros from an attachment if you are not 100 percent sure of its origin.