Good experience means more money. Even for criminals.
The latest global cyber attack has already sparked hundreds of debates on topics from IT security to healthcare spending. Needless to say, we at Chattermill thought about what this says about Customer Experience. After checking our own computers are safe that is.
Attackers have hijacked thousands of computers with vulnerable versions of the Windows operating system. The Trojan virus spread quickly through phishing emails that tricked users into downloading an infected file. Once a computer is infected all personal files on the computer’s hard drive are encrypted and a modestly polite ransom note (image above) is displayed to the user.
This is old school ransom with a user interface – Ransom 2.0. It is not using the letters cut out of the newspapers and fortunately nobody is kidnapped but this kind of crime causes huge damage.
But what was fascinating about this 21st century ransom note is how the criminals have obviously learned from some of the best practices in modern software. Let’s break it down:
Collect and act on NPS-powered customer feedback in real time to deliver amazing customer experiences at every brand touchpoint. By closing the customer feedback loop with NPS, you will grow revenue, retain more customers, and evolve your business in the process. Try it free.
Clear messaging: the note obviously skims over the fact that it is a crime, does not mention the word “ransom” but other than that it is clearly written with concise instructions and answers to common questions for and by real humans.
Multiple languages: given that the attack targets some of the least sophisticated PC users, having it available in the native language is a nice touch.
Free Trial: Apparently, you can decrypt some of your files for free. “Try now by clicking Decrypt”. Admittedly we have not tested this feature and don’t really want to have to do so…
Contact Us link: I could not find how this works, potentially the attackers use some form of encrypted chat or email. Still, I can’t count how many times I’ve been on a website of an actual big company where contact information was conspicuously hidden.
Helpful UI: Explanation links, color-coded timer, button to copy the bitcoin address etc. There isn’t much functionality, but what’s there is as easy as possible even if the design is not great.
Bitcoin is far from user-friendly in its current iteration and I doubt most people who were affected by the attack would be savvy enough to be able to work it out in only 3 days. Still, it’s a huge improvement (from a Customer Experience point of view) compared to having to drive to a remote location and leaving a bag of money, in small denominations.
Why are criminals, particularly ones as so inconsiderate they would attack the NHS and potentially endanger human lives care about their victims’ comfort? Obviously not because of their warm and fuzzy feelings or because they want a nice review. It is because they know, good customer experience means more money. Even in their twisted business.