This has all the hallmarks of an incipient panic. I remember the panics over Jerusalem, Datacrime, Michelangelo and others. The big thing that those had in common was a deadline. The National Crime Agency (NCA) is stirring this one up, and they've set a deadline - two weeks, meaning June 16. And what are they recommending?
1. Update your operating system (modern OSes already do this automatically).
2. Think twice before clicking on links or attachments in unsolicited emails (aren't people already doing that?).
3. Do a backup.
Of all their advice, the third is the most useful, and the least likely to be followed.
"Users are typically infected by clicking on attachments or links in emails which may look like they have been sent by genuine contacts". So these aren't unsolicited emails, they're emails from people you already knew.
An increasingly loud series of warnings from the media, who simply love this sort of thing; it's a real circulation-booster. And then, on June 16 (two weeks from now), the media switches smartly into reverse and castigates anyone who issued a warning (except themselves, of course) because on June 16 ... nothing happens.
A big increase in fake security software - you can read my recent blogs for an incident where a scammer tried to convince me to pay them loads-a-money and install a trojan on my computer. Lots of emails warning about the two week deadline, and advising "click in this link to protect yourself".
The NCA thinks that 15,500 UK computers have this thing (which they name as GOZeuS or P2PZeuS). If they're right, that's actually a very small number out of the many millions of computers in the UK.
But what I haven't seen anywhere is any reason for the two week deadline. What is supposed to happen on June 16?
So, here's some advice from someone who has been in this field for 25 years. Me, that is.
1. Do a backup, at least once a week, probably once a day. Yes, I know you aren't actually going to do this because it's "too difficult". But the reason for doing it is that your computer will fail. Probably not on June 16, probably not this year, probably not next year. But one day, it will simply not work. What, did you think computers lasted for ever?
2. Run Linux, not Windows. Linux, as of 2014, doesn't get hit by this sort of thing. Yes, I know you have some wonderful program that only works with Windows and you aren't going to run Linux.
3. Don't do banking online. I don't. I don't use cash machines, either. Because A) I don't see how either of those can be made secure, and B) as far as I can tell, banks don't really care about computer security. A cash machine on the inside (not on the outside) of a bank might be OK.
When I buy things online, I go via Ebay, Amazon, or one of a very, very small number of other sites. Ebay offers a conflict resolution - I can get a refund if I'm scammed. I pay via Paypal; Paypal offers a conflict resolution - I can get a refund if I'm scammed. And my payment to Paypal is via a credit card with limited funds, and if you use a credit card, you can dispute the transaction and *always* get a full refund, unless you've actually, physically, signed a sales slip. So I have three layers of protection.
Roll on June 16th. It's always fun to watch a panic in action.