One of the fastest growing threats to personal computers or business computer systems is called ransomware. This type of attack locks up your computer (or a group of computers), leaving you unable to use it, until you pay the fraudster ransom. Usually the attackers will release your computer once the ransom is paid, but they often leave behind a form of invisible malware so they can hold your computer hostage again. Ransomware programs are being created daily to outsmart computer users by appearing as harmless emails, documents or attachments.
What is ransomware?
Ransomware is malicious software that puts an encrypted “jail” around your files. Once the jail in place, the ransomware makes accessing or using the files impossible. When the ransomware has successfully infiltrated your computer, the malicious software will ask for a ransom (in the form of some currency, dollars, Bitcoin, etc) in order to unlock the files for use. Ransomware will slowly affect every file on your computer – and in the case of a business, the attached computer network. In some circumstances, the ransomware will also delete your files from your computer if you do not pay within a given amount of time.
How is ransomware spread?
Ransomware is mainly distributed through email and may be embedded in Microsoft Office documents or PDFs.
How can I prevent a ransomware attack?
Your diligence in reviewing your emails and other communication channels is one of the best steps you can take. Use these tips:
To Protect Yourself:
- Ensure that you are only opening emails from people you know. If you don’t know the sender, delete the email immediately.
- Ensure that you are only opening documents from people you know. If you were not expecting an email or document from a particular person, verify by phone with the sender before you open anything.
- If you receive an email asking you to “enable content” or “enable macros,” do not enable either.
- Verify the business and identity of anyone who calls claiming to perform computer maintenance. If you do not know the company, collect basic information over the phone and verify the information through a third party source like the Yellow Pages.
To Protect Your Business:
- Educate your staff on the two tips above regarding emails and email attachments.
- In some cases, you may receive a phone call from someone claiming to be computer support, Microsoft or another entity. Do not allow anyone other than verified staff or contracted third parties to performance maintenance on your computer network.
For more information on the growing threat of Ransomware, visit the Federal Bureau of Investigation’s website.