If you are working on your computer and a large message pops up demanding payment to allow you access to your files - you are a victim of ransomware. You don't believe it, so you check some files and find that when you open them, they don't make any sense as the data really has been encrypted. Although this is mainly an issue for Windows users, it has also been reported on Andriod devices and security researchers know it can be can be created for Apple devices.
So how did this happen to you? The ransomware probably got downloaded when you clicked on a link in an email or an email attachment. It can also get onto your computer via adverts (which may be on reputable sites) or when you downloaded and installed some software that had an extra component added by a criminal. Criminals are also creating links to download ransomware on social media sites such as Facebook and Twitter. They take over someones account - someone you know and trust - and start adding links.
Follow these guidelines to reduce the risk of being hit by ransomware:
- Don't click links in emails, or attachments in emails that you were not expecting. They could be from that long lost cousin you didn't know existed, or a wealthy business owner or royal in a far away country looking for help to transfer funds. But now they are more likely to be from a valid source, client or supplier and look very convincing. If you are not expecting the email, then be suspicious. Contact the sender and make sure it actually came from them
- Be suspicious of links on social media sites where the text around the link doesn't seem to make sense, or where there is just a link and no other text
- Make sure you apply software updates as they are released; to the operating system and software packages, mobile apps and browser plug-ins like Flash Player, Adobe Reader, Java and Silverlight
- Keep your anti-virus and anti-malware software up-to-date
- Never enable the execution of macros in documents, unless you have verified their senders and have confirmed with them that the documents should contain such code
- Backup all your data on a regular basis so if you do get hit by ransomware you can recover the data. Ideally, backups this should be done on a daily basis and to more than one place; for example, one 'cloud' provider and a hard drive
- Test your backups on a monthly basis to check that a) everything is being backed up and b) you can restore some files. The last thing you want to find is that when you need to use the backup it is missing files, or files on the backup are corrupt. If you have outsourced your IT support, then ask the company that does your backups to send you an email every month to confirm the backups have no issues