What is ransomware?
Ransomware is a specific type of malware that encrypts data files (such as MS Office Documents, pdf files, text files, image files, music files and video files) on a computer, holding them hostage until a ransom is paid that will – hopefully – release the password to decrypt them.
Many types of ransomware are network aware, meaning that they are capable of travelling from one computer to another on an office network, infecting each machine they touch. If allowed to spread undetected and unchecked, this can result in a catastrophic loss of data that can cripple any business.
Ransomware can be very profitable for the hacker holding the irreplaceable data of a company hostage. Both offices and individuals need to be extremely vigilant when accessing internet sites, opening emails or clicking on links in text messages.
Where to look for it
Bogus email is one of the primary ways that machines can become infected. Messages that appear alarming or unfamiliar are delivered to your inbox masquerading as a false warning that you have committed a criminal act, that some mythical Microsoft service has identified your machine as being infected with a virus and must be cleared or that your financial institution has noticed suspicious activity with your account.
In each case, a link is provided in these emails that are disguised as a “solution” to your apparent “problem”. UNDER NO CIRCUMSTANCES SHOULD YOU CLICK ON THIS LINK!
Some of these emails may appear laughably amateurish, others authentic-looking enough to fool even the most scrutinizing eye, but in ALL cases they are malicious, dangerous and may cost you dearly.
If you ever receive any unsolicited emails of this type from any financial institution, credit card company, law enforcement, government agency, etc… do not trust the information in them. If you feel a need to verify the validity of the information, look up the contact details independently and telephone or email them. DO NOT use any email addresses or telephone numbers from the suspect email.
Always maintain caution when browsing the internet. There are thousands of malicious sites out there just waiting for you to visit them so they can infect your computer with malware. Sites to be particularly cautious of are ones that offer free downloads of software, music and movies. Always immediately leave any site that requires you to download an “installer” or install a codec before playing streaming content. This is malware inviting you to infect your computer. If your browser flashes up a security warning about a webpage, back away quickly. This may be a legitimate site that has been temporarily infected by malware and will be safe to visit once the webmaster has cleaned it, or it may be a 100% malicious site trying to entrap you – either way it is better to play it safe and heed the warning. Always be wary.
POP-UP BANNERS AND ADVERTISEMENTS
Even on supposedly safe, popular sites like Facebook and Yahoo, you have to be careful. Perfectly legitimate sites have been infiltrated by bogus banner advertisements that lead to malicious sites that will infect your computer. It is always best to avoid clicking on any banner ads. Not all of them are malicious, but either way, it’s clickbait so steer clear. It’s much better not to take a chance.
Similarly, if you ever arrive on a webpage and a strange banner pops up, warning you that malware has been detected on your computer and that you need to click on the banner immediately to take action to clean your system, don’t do it!.
Close the web page immediately. Close the browser if you have to – but get away from that page and do not click anything on it. Clicking anywhere on the page is dangerous and it’s exactly what the spammers/hackers want you to do.
What to do
There’s an old saying– you’re not paranoid if everyone really is out to get you. Well not everyone on the internet wants to infect your computer with malware but there are far too many who do and they want and need your help to do it.
When working on the internet, always be vigilant; always be skeptical. This includes browsing websites, opening email and downloading programs. Do not click on links, do not open attachments, and do not open email unless you implicitly trust the source behind it.
And if you are unsure, don’t take any chances. You can always call the official number of the company or institution to verify the information. Remember, never call the number or click on the website link provided in the email.
Don’t trust, verify. Any links, emails, downloads or anything that can be opened or clicked on that come from an unknown source, are too risky to play with. Avoid or delete as is appropriate.
Backup, backup, backup! If the worst should happen and your computer becomes infected and your data is encrypted by ransomware, a regular, reliable backup of all your important data, will allow you to recover much more quickly and without having to pay a cent to criminals. However – even with a good backup – it is important not to start restoring data until after your infected computer had been professionally, competently and completely cleaned of the malware. If this means wiping the computer clean and starting from scratch, then so be it.
If there is one thing to keep in mind to help keep you vigilant when working on the internet, it’s this: it is better to be safe than sorry.