Police in Victoria are warning citizens not to use USB sticks if they don’t know the origin. Residents of Pakenham, a suburb of Melbourne, have reportedly been finding unmarked USB sticks in their mailboxes and what’s frightening is they are actually putting them in their computers.

USB Sticks
Photo by OpenClipart-Vectors (Pixabay)

Simply avoid USB sticks if it’s not yours

If you found an apple in your mailbox whould you eat it? Why would anyone in their right mind but an unknown USB stick in their own computer in this day of hacks, leaks, and general malware? I can hear you saying it already, “I wouldn’t.” Perhaps you wouldn’t but in a recent study by The University of Illinois, nearly 50% of those that found one of the 297 USB sticks dropped randomly on campus, used them with the medium time of just under seven hours with one being used in under ten minutes.

Police are reporting that a number of Pakenham residents are not only finding the USB sticks in their mailboxes but actually willfully, if unintentionally, infecting their computers with not the offer from Netflix they expected but malware that takes their computers hostage until a ransom demand is paid according to Pakenham Police Sgt. Guy Matheson.

“The USB drives are believed to be extremely harmful and members of the public are urged to avoid plugging them into their computers or other devices,” said the Victoria authorities in a statement.

This is not the first incident of this happening worldwide.

In July a Twitter user purported to be in France wrote, “Received a #USB #key in my #mailbox. Never EVER plug in such present.”

Whether or not that person learned this the hard way is anyone’s guess.

Andrew Tierney, consultant at cybersecurity firm Pen Test Partners recently spoke of the crime with the BBC while pointing out that this is a rare attack aimed at individual households.

“However, it’s still a common form of attacking businesses, where the gains are much greater,” he said.

“Most cybercriminals are looking for volume, so it’s much easier to get hold of people’s information by phishing. It’s unclear whether the devices were sent in the post, but putting a USB stick in someone’s letterbox by visiting the property and potentially getting your fingerprints on them creates a much greater risk of getting caught.”

“You’d be surprised at how many people would fall for plugging an unknown USB stick into their computer. Some users may become distrustful at the stage only when the software asks them to download a program, but Word files can still be harmful,” said Mr Tierney speaking to the University of Illinois’ study.