Ransomware is malware that prevents you from accessing your computer or the Internet. It is often the direct result of a computer virus or social engineering that allowed a human to gain access to your PC. Ransomware relies on scare tactics to trick users into thinking they have done something wrong, or extortion by encrypting the contents of a hard drive to prevent access to valuable files. Did you know you can get infected by ransomware simply from visiting a malicious website? That’s all it takes.
So how can you protect yourself from this scam?
Identify And Remove Ransomware
The first step to protect yourself from ransomware is recognizing it when it happens. Typically, a user affected by ransomware will receive a law enforcement pop-up that looks somewhat legitimate. These pop-ups will attempt to scare a user into thinking they have done something illegal on their computer and will provide instructions on how they can buy their way out of trouble.
The image above shows how a user can purchase a Moneypak and provides instructions on where to send the codes.
How To Remove Ransomware
- The FBI would never send anything to your computer. They would knock on your front door.
Never provide anyone with your credit card information or send them MoneyPak coupons. There’s no guarantee they’ll unlock your computer, anyway.
Use Windows Update and a current antivirus to keep your system secure. Scammers often use known exploits to infect your PC with ransomware.
If you get a ransomware pop-up, immediately disconnect from the Internet.
Be prepared for disaster. If you use a computer, expect it to fail and always have a reliable backup of your data. Erasing and reinstalling is the only true way to be sure you are no longer infected. Having a backup and recovery plan will make the choice to reinstall an easy one. Learn how to backup to a NAS.
Always run the latest version of Internet Explorer (even if you use another browser by default) and remove Java Add-ons. You can always add it back later if you find you need it. In IE, go to Tools>Internet Options>Programs tab>Manage Add-ons.
Be suspicious of links in emails and never open email attachments unless you are expecting an attachment from a friend or co-worker. Attachments can contain executable files that instantly infect your PC.
Create a Standard User account and run as that. If you run as Administrator, viruses also have admin rights.
If you suspect you are infected, run Windows Defender Offline. This is a Microsoft program that allows you to boot to a USB or DVD to run a scan prior to booting into Windows. Note, if you’re infected you may need to download this from a different PC.
Be wary of Microsoft phone calls. Just as with the FBI, Microsoft will never call you. If you get one of these phone calls, they try to convince you to allow them to remotely access your computer. Never allow a stranger to remotely access your PC. Just hang up. Here is an example of the Microsoft phone scam if you’re already not aware of them.
Unfortunately, today’s ransomware is much more sophisticated than it was in the past. The best defense for ransomware is to have a good backup and recovery strategy.
Now that you know what ransomware is, be sure to take steps to prevent being scammed.