Brianna Ulrich of Long Beach, Calif., recently opened an emailattachment from FedEx. Within seconds, her entire computer waswiped clean.

“There was a message that said I had to call them, that thepolice were involved,” Ulrich said. “But when I called, they toldme they had attacked my computer and I had to pay a ransom to getit back. I thought it was a joke.”

It wasn't a joke, it was a computer virus called ransomware.

A California hospital recently paid $17,000 to hackers to regainaccess to its computer files, and Ulrich was a victim of the sametype of crime, which is hitting companies and random people.Ransomware attacks were up more than 400% in the third quarter of2015 compared to a year earlier, according to Intel's McAfeeLabs.

“They had my photos and credit card information and my creditunion information,” Ulrich said. “I can't believe I had to pay$1,200 to get my information back. But I did it. What choice did Ihave?”

Cybercriminal gangs attacking financial institutions will beupping the ante in 2016. Researchers at Dell SecureWorks CounterThreat Unit (CTU) expect that attacks will occur in more countriesand the criminals will expand their efforts to compromising mobiledevices and spreading ransomware.

Michael Foley, a senior McAfee security researcher, predictedthat attacks will expand this year beyond the 1,500 financialinstitutions in 100 countries that were hit in 2015 and despite theprogress that was made against a few criminal organizations lastyear. In 2014, about 1,350 banks in 35 countries were victimized,he said.

“Going forward, not only will major corporations continue to bein their sights, but small and medium-size banks and credit unionsthat do not have the resources to properly defend themselves willbecome favored targets,” Foley said. “The gangs are definitely notgiving up. This is their business and they are expanding theirhorizons.”

But there's more bad news: a new kind of Android malware stealsonline banking credentials and can hold a device's files hostage inexchange for a ransom. The malware, called Xbot, is not widespreadyet and appears to be targeting devices only in Australia andRussia, researchers with Palo Alto Networks wrote recently in ablog post. But they believe the mastermind behind Xbot may try toexpand its target base.

“As the author appears to be putting considerable time andeffort into making this Trojan more complex and harder to detect,it's likely that its ability to infect users and remain hidden willonly grow,” the Palo Alto researchers wrote.

Xbot uses a technique called activity hijacking to carry out attacksaimed at stealing online banking and personal details. When someonetries to launch an application, the malware launches a differentaction. Users are unaware that they're actually using the wrongprogram or function.

“So far we've found seven different faked interfaces,” Palo Altoresearchers wrote. “We identified six of them — they're imitatingapps for some of the most popular banks in Australia. Theinterfaces are very similar to these banks' official apps' logininterfaces. If a victim fills out the form, the bank accountnumber, password, and security tokens will be sent” to thecommand-and-control server.

The Palo Alto blog also reported that banks in the United Statesand the U.K. were the top targets of banking Trojans in general in2015, with U.S. banks targeted 471 times, while U.K. banks suffered309 attacks.

In addition to the ransom, which can range from $200 to $10,000,victims may face costs for network mitigation, networkcountermeasures, loss of productivity, legal fees, IT services andthe purchase of credit monitoring services for employees orcustomers.

Backing up the contents of computers may be one of the best waysto protect against the growing threat of ransomware, and while mostcredit unions perform backups, their members probably do not. Forthe safety of the credit union and the members, McAfee's Foleyrecommends that credit unions take the initiative to warn theirmembers and educate them with these tips.

Perform regular maintenance and updates on computers andhandheld devices. Back up files on an external hard drive as wellas on the cloud. Beware of what you're opening andclicking on when you are on the web. Install antivirus software anda firewall from a reputable company. Use automatic updates to helpensure you business's antivirus software and firewall areprotecting you against the most current threats. Enable pop-upblockers on your web browser to help avoid accidental clicks onpop-ups, which are used routinely by criminals to spread malicioussoftware. Educate employees about the risks and train them to besuspicious of unsolicited emails and to avoid clicking on links orattachments in emails.

“I wish I had backed up my photos because I didn't get thoseback,” Ulrich said. “I never thought a regular person like me wouldget hit by something like this. It's like a science fictionnovel.”