How ransomware works
These aggressive assaults begin in a similar manner to scareware. You’re duped into clicking on an infected popup advertisement or you visit an infected website. However, instead of just trying to trick you into buying fake antivirus software, the bad guys hold your computer hostage and attempt to extort payment.
The criminals often ask for a nominal payment, figuring you’ll be more likely to pay to avoid the hassle and heartache of dealing with the virus. They may ask for as little as $10 to be wired through Western Union, paid through a premium text message or sent through a form of online cash.
Protect yourself from ransomware
As with other attacks, you can work to avoid ransomware. Experts advise taking these steps to avoid attacks or protect yourself after an attack:
- Use reputable antivirus software and a firewall. Maintaining a strong firewall and keeping your security software up to date are critical. It’s important to use antivirus software from a reputable company because of all the fake software out there.
- Back up often. If you back up files to either an external hard drive or to an online backup service, you diminish the threat, says Eisen. “If you back up your information, you should not be afraid to just turn off your computer and start over with a new install if you come under attack.” Eisen backs up his data regularly, so every six months, he simply restores his computer’s system to default and starts afresh. “I would highly recommend it,” he says.
- Enable your popup blocker. Popups are a prime tactic used by the bad guys, so simply avoid even accidentally clicking on an infected popup. If a popup appears, click on the X in the right-hand corner. The buttons within a popup might have been reprogrammed by the criminals, so do not click on them.
- Exercise caution. Don’t click on links inside emails, and avoid suspicious websites. If your PC does come under attack, use another computer to research details about the type of attack. But be aware that the bad guys are devious enough to create fake sites, perhaps touting their own fake antivirus software or their de-encryption program.
- Disconnect from the Internet. If you receive a ransomware note, disconnect from the Internet so your personal data isn’t transmitted back to the criminals, says Eisen. He recommends simply shutting down the computer. If you have backed up your data, you can re-install software. If you don’t feel comfortable doing so or you are unable to start fresh, you may need to take your computer to a reputable repair shop, says Eisen.
- Alert authorities. Ransomware is a serious form of extortion. “Local police are probably not equipped to deal with this,” explains Siciliano. “However, the local FBI would want to know about it.”
Don’t be tempted to give in and pay the ransom, warns Siciliano. “Paying them would be a mistake because they will further extort you and most likely not release your information.” Taking precautions to protect your information and maintaining vigilance are the best solutions to avoid becoming a victim in the first place.
Copyright (c) Studio One Networks. All rights reserved.
In light of the recent ransomware attack on WABD, I decided to do a little research on how to protect myself against ransomware. There are, of course, a myriad of anti-ransomware programs out there, some free, most commercial. And, of course, they vary in effectiveness, as well as methods of detection, prevention, and recovery. Most of the anti-ransomware sites that I've visited advised that the best defense against ransomware is prevention:
- BACKUP, BACKUP, BACKUP! I can't emphasize this enough. If your data is ever encrypted by ransomware, the chances of recovery are almost nil. You'll either have to pay the ransom and hope they (the ransomware criminals) send you the key to de-crypt your data, or you risk losing it forever. By having a backup, especially on an external drive which you can disconnect upon backup completion, you will have a safe copy of your data to restore the compromised data of the ransomware attack.
- DO NOT CLICK ON EMAIL LINKS from untrusted email sources. A lot of ransomware attacks begin when an email link is clicked and it triggers a download of the ransomware virus onto your machine.
- DO YOUR OWN RESEARCH regarding anti-ransomware software solutions available out there. I'm in the process of comparing them myself, and will probably choose one soon that fits my needs and budget.
- DON'T PANIC. Use common sense when surfing the web and receiving unsolicited emails from unknown sources, back up your data (especially your writing), and get a decent anti-ransomware program to compliment your anti-virus software. This should protect you from receiving a rude message like the one WABD received from ransomware criminals.
Instead of trying to undo the biting of the old apple/I bite a new one instead/And with a toothless grin/Become a Dionysian among Christians.
Many, many thanks for that info Bro, will be invaluable when I get to my son's house for Christmas.
He told me to take my PC and I was in two minds not to bother, as car packed full but he wanted to give it a going over and boy does it need it now.
I have been ridiculously careless with copying my work and could have lost most of it without Richard's valiant efforts.
I shall now back everything up onto a separate hard drive and get him to look into this malware. What despicable scum of the earth would knowingly cause such havoc and I dare say heartbreak to so many. Incomprehensible wickedness.
A lesson learned at this end. 😉
I've had ransom ware on 2 computers, it went away when I did the following:
When it appears on screen, don't touch the keyboard or mouse.
Press & hold the power button on your PC until it closes down your computer.
Re-start & run a full scan with up to date anti virus software.
the ransomware is gone.
I got infected by the FBI virus once and cleaned it out very quickly and easily by downloading the Kapersky Windows Unlocker CD on another computer and using it to boot up the infected one. It works a treat. I keep it in my CD box permanently now in case I get infected again. You can download it in ISO form from here: