Tens of millions of email users could be targeted in a “mass spamming event” designed to collect people’s financial details.
The National Crime Agency (NCA) said small and medium businesses have been receiving the fraudulent messages, which appear to be legitimate communication from banks.
Each email comes with attachments that look like files such as a voicemail, fax, an invoice or details of a suspicious transaction, but is in fact malicious software that encrypts the user’s computer.
The screen will then display a countdown timer that demands the payment of two Bitcoins in ransom, worth around £536, for the decryption key.
Lee Miles, deputy head of the National Cyber Crime Unit (NCCU), said: “The NCA are actively pursuing organised crime groups committing this type of crime.
“We are working in cooperation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public.”
The NCCU is trying to uncover who is sending the emails. Anyone whose computer is infected should report it to www.actionfraud.police.uk.
Experts are advising internet users not to click on any attachments like those described, to update anti-virus software and operating systems, and to back up files.
If a computer is infected it should be disconnected from the network and a professional called in to clear the machine.