I recently read a staggering statistic about ransomware. It stated that the FBI projects greater than $1 billion in losses from ransomware attacks in 2016 alone. In the first quarter of 2016, $209 million was collected by criminals. These are scary statistics because this is something that can easily happen to you or me as a consumer or employee.
What is ransomware?
Ransomware is a type of malicious software (malware) that freezes your computer or mobile device until a certain sum of money is paid (typically ranging anywhere from $100-$10,000.)
Ransomware can destroy personal and business files and is deployed through phishing attacks that can be activated by any employee of an organization. Some say ransomware is “user-friendly” since it’s a phishing attack that is both convincing and easy to open, thereby creating more risk to files and devices. These types of malware attacks are very damaging and can destroy personal and business files, leading to stolen data, locked computer networks and large financial losses.
Typically, ransomware scams are perpetrated in the following ways:
- Spear phishing emails
- The sender appears to be someone you know or someone relevant to your business.
- The message is personalized, and may include your name or a reference to a recent transaction.
- Advertisements or pop-up windows
- Your computer freezes and a pop-up message appears. The message threatens a loss of your files or information, it may also tell you that your files have been encrypted.
- Downloadable software
- Ransomware can be presented as downloadable games or file-sharing applications.
What can you do to protect yourself against ransomware attacks?
The encrypted files can essentially be considered damaged beyond repair, but if you follow the tips below, it can be nothing more than a nuisance and you can keep ransomware from wrecking your day:
- Back up your files and save them offline or to the cloud.
- Always use antivirus software and a firewall. Be sure they update automatically.
- Patch or update software.
- Use pop-up blockers.
- Don’t open emails, links, or attachments if you don’t recognize them…even if the message comes from someone in your contact list.
- Only download software from sites you know and trust.
- Disconnect from Wi-Fi.
- Alert local law enforcement and the FBI’s internet crime complaint center (IC3), https://www.ic3.gov/default.aspx, if you encounter a potential attack.
- If you’re a business, provide employee training on how to spot a phishing email and what steps to take if a phishing email is suspected.
Whether personally or in a business situation, it’s critical that you protect yourself from ransomware and avoid paying cybercriminals. When these attacks are successful, the money often goes straight into the hands of organized crime and terror groups. Have additional questions about ransomware? Ask us!