The ransomware attack attempts to lock the computer and, posing as an unofficial notice from a law enforcement agency, claims that the victim's PC has been determined to have visited illegal websites.
Only payment for a fine, claims the message, will restore the computer's functionality.
Various versions of the alert messages have been seen - here's one example:
Part of the poorly-worded alert reads as follows:
Attention!!!
The process of illegal activity is deleted. According to UK law and Metropolitan Police Service and Strathclyde Police investigation your computer is locked!
The following violation is detected: You IP-address "[redacted]". Forbidden websites containing pornography, child pornography, Sodomy and called violence against children on, violent material toward people were visited from this IP-address!
Moreover and e-mail spam was sent you're your computer, emails containing terroristic materials. This locking serves to stop your illegal activity.
To release a lock your computer you should pay the fine in amount of £100. In the case of ignoring the payment, the program will remove illegal materials while keeping your personal information is not guaranteed.
Of course, it's very likely that you haven't been visiting extremist websites or viewing child abuse material. That may just be the hook used by the fraudsters to trick you into taking the warning seriously.
Ransomware is nothing new. We've seen plenty of examples in the past where cybercriminals have duped users into coughing up cash in order to get their computer working properly again.
But the threat of legal action, and what - on first glance - might appear to some computer users to be a sign that they are in trouble with the police, could be enough to scare some into electronically transferring funds post haste.
The police recommend that anyone who is duped by the scam should contact their credit card company immediately, and underline that they would never use such tactics to make contact with the public or demand funds.
It's likely that the messages are appearing on computer users' screens because they have become infected whilst visiting compromised websites, or have been duped into installing malicious software onto their computer.
Sophos has linked Mal/Bredo-Q to some of the reports we have seen of this particular ransomware attack, but of course it's perfectly possible that malicious hackers could use other malware to display the same or similar messages posing as police warnings.
As always, keep your security patches and anti-virus solutions updated, and your wits about you.