FightCybercrime.org

Recognize, report and recover from cybercrime.

Ransomware

Learn about ransomware and its dangers, how to protect yourself and what to do if your device is infected.

Get Started Report Cybercrime
Home » Scams » Hacked Devices & Accounts » Ransomware

The Basics of Ransomware

Ransomware is a malicious software that can encrypt your files and personal information, making them inaccessible. In order to regain access, you are typically required to pay a ransom to the attacker. Typically spread through phishing emails or by downloading infected files from the internet, once a person’s system is infected, the ransomware will begin encrypting files and personal information. Ransomware can be extremely devastating, as it can prevent you from accessing important files and data. In some cases, ransomware can even lead to identity theft. 

Ways Ransomware Can Infect Your Device

There are several ways that ransomware can be downloaded to your device:

  • Email attachments: Ransomware can be spread through email attachments, often disguised as something else such as an invoice or a shipping notification. If you open the attachment, the ransomware will be downloaded and can begin encrypting your files.
  • Infected websites: You can also get ransomware by visiting an infected website. The website may have been hacked and contain malicious code that will download the ransomware to your device.
  • Peer-to-peer networks: Ransomware can also be downloaded from peer-to-peer networks, such as BitTorrent. It’s often bundled with other software or files that are being shared illegally.

Once ransomware is on your device, it will scan your hard drive for files to encrypt. It then displays a message telling you that your files have been encrypted and demands a ransom be paid in order to decrypt them. The message will usually give you a deadline to pay the ransom, and if you don’t pay within that time frame, the price will increase or your files will be erased.

If you have been infected with ransomware, do not pay the ransom. There is no guarantee that you will get your files back even if you do pay.

Step 1:Recognize

Red Flags of Ransomware

There are a few warning signs that you may be infected with ransomware:

  • Unexpected changes to system or application files
  • Difficulty accessing certain files or applications
  • System crashes or unusual error messages
  • Strange activity from unknown IP addresses
  • Demands for payment (usually in cryptocurrency) to restore access to files or systems
  • Pop-up windows demanding payment to prevent malware infection

Step 2:Immediate Actions

If you suspect that your device has been infected by ransomware, it is important to take action immediately:

  • Do not pay the ransom. There is no guarantee that you will get your files back even if you do pay.
  • Disconnect from the internet and power down your device.
  • Contact a professional who can help you remove the ransomware and restore any files that may have been encrypted. There are a few different ways to remove ransomware, but the most effective is to use a specialized removal tool.
  • Once the ransomware has been removed, you should change all of your passwords and run a full scan of your device to make sure no other malicious software has been installed. If you find other malicious software, go to our malware page.
  • Take steps to prevent it from happening again in the future. This includes having a reliable anti-virus program installed and keeping your operating system up to date.

Step 3:Report

Reporting any type of cybercrime, including ransomware, is imperative to help others avoid being scammed. As a society, the more people that report online scams and fraud, the more national reporting data that is collected, and the better chance law enforcement has to catch the criminals and decrease cybercrime.

Report to FBI

Step 4:Recover

How to Avoid Future Ransomware Attacks

There are steps you can take to protect your devices from ransomware. Here are some tips:

  • Back up your data regularly. This is the most important thing you can do to protect your data from ransomware. Store your backups offline, so they can’t be encrypted by ransomware.
  • Keep your software up to date. Install security updates for your operating system and applications as soon as they’re available.
  • Don’t open email attachments from unknown senders and don’t click on links in email messages from unknown senders.
  • Don’t download software from untrustworthy websites. Only download software from websites you trust.
  • Use a security suite that includes anti-malware protection. A security suite can protect your computer from ransomware and other malware.

Take 5 Steps for Better Online Security

It’s important to strengthen your online security to help avoid all types of online scams. Take action to improve your digital posture by following these steps:

  1. Implement Multi Factor Authentication (MFA): Passwords are generally easy for scammers to crack, and even if you use strong passphrases, there’s still the possibility that a cybercriminal can obtain your passphrase in a data breach. Implementing MFA is a great way to maximize your security and ensure that you are the only one who can gain access to your accounts. MFA should be implemented on all accounts where it is available. Check your account’s security settings to see if it is something you can set up.
  2. Update Your Privacy Settings: Privacy settings allow you to control your personal information (name, address, phone number, date of birth, financial details, photos or videos, etc) and how that information is used. Review your privacy settings on all of your accounts including your social media accounts. Consider restricting who can see your friends list, contacts, photos and posts.
  3. Activate Automatic Updates: Automatic updates are a set of changes to an app, software or operating system that are automatically pushed by the developer to fix or improve it. Oftentimes, cybercriminals take advantage of security flaws to plant malicious software on your devices. By activating automatic updates, you will automatically patch security vulnerabilities to protect your data.
  4. Create Strong Passphrases: A strong passphrase is a string of unrelated words separated by hyphen, space, period, capitalized first letter or number. Use passphrases that are longer than 15 characters and include multiple words that do not have any obvious connection between them. The key to passphrases is randomness. Don’t repeat your passphrases between accounts and consider using a password manager to help you remember.
  5. Learn the Elements of a Phishing Attempt: Familiarize yourself with the elements of a phishing email. Phishing emails tend to include a sense of urgency and multiple grammar and spelling errors. If they are asking you to reveal personal information, be suspicious. If you get a strange email, try contacting the company another way to confirm they sent that email. If the email is suspicious, mark it as spam.

TestimonialHear from Other Victims

Without Fightcybercrime.org, I don't know if I would have been able to react as quickly to protect my personal information.
Mary - Indianapolis, IN

Latest News

The latest and greatest from our blog.

> How Ransomware Can Infect Your Device

How Ransomware Can Infect Your Device

Learn how ransomware can infect your devices, what to do if your device is infected and how you can protect yourself.

Read Full Article

Branding