The Federal Bureau of Investigation (FBI) Denver Field Office has issued a critical warning about a rise in cybercrimes involving free online file converters. Cybercriminals are exploiting these tools to install malware on users’ computers, potentially leading to data theft or ransomware attacks. A recent incident in Colorado highlighted this growing threat. The scam targets individuals seeking free services to convert documents, such as changing Microsoft Word files to PDFs or merging images. While the tools seem to work as expected, they secretly install harmful malware that can compromise personal information and leave the computer vulnerable to further attacks.
“The best way to thwart these fraudsters is to educate people so they don’t fall victim to these fraudsters in the first place,” said FBI Denver Special Agent in Charge Mark Michalek in a statement. “If you or someone you know has been affected by this scheme, we encourage you to make a report and take actions to protect your assets. Every day, we are working to hold these scammers accountable and provide victims with the resources they need.”
To conduct this scheme, cybercriminals across the globe are using any type of free document converter or downloader tool. This might be a website claiming to convert one type of file to another, such as a .doc file to a .pdf file. It might also claim to combine files, such as joining multiple .jpg files into one .pdf file. The suspect program might claim to be an MP3 or MP4 downloading tool.
According to FBI Denver, these converters and downloading tools will do the task advertised, but the resulting file can contain hidden malware giving criminals access to the victim’s computer.
The tools can also scrape the submitted files for:
- Personal identifying information, such as social security numbers, dates of birth, phone numbers, etc.
- Banking information
- Cryptocurrency information (seed phrases, wallet addresses, etc.)
- Email addresses
- Passwords
Unfortunately, many victims don’t realise they have been infected by malware until it’s too late, and their computer is infected with ransomware or their identity has been stolen.
In addition, the FBI Denver Field Office recommends taking the following actions to protect yourself from this scam:
- Take a breath, slow down and think. Be aware of your actions online and what risks you could be exposed to.
- Keep your virus scan software up to date and scan any file you receive before opening it to help eliminate malicious software from being installed on your computer.
If you are a victim of this scam, here are some steps to take:
- Contact your financial institutions immediately. Take steps to protect your identity and your accounts.
- Change all your passwords using a clean, trusted device.
- Make a report at IC3.gov.
- Run up-to-date virus scan software to check for potentially malicious software installed by the scammers. Consider taking your computer to a professional company specialising in virus and malware removal services.