See how we can help make tax planning and preparation less taxing

Learn more

Ransomware 101

person working on laptop that has ransomware attack warning in red onscreen

From the home user to the largest corporation, ransomware is now an issue for anyone who uses the internet. And now, with remote work and online learning so prevalent, it’s all too easy to become a victim of a ransomware attack.

Ransomware is most frequently spread by phishing emails and “drive-by downloading” (when a user accesses an infected website). It only takes one click to encrypt your data and be informed that if you don’t pay a ransom to unlock your data, you’ll lose it forever.

While you can’t prevent attempted attacks, here are several steps you can take to recognize and avoid being victimized by them:

  1. Keep your antivirus software up to date—Features that monitor your files for suspicious attempts at encryption—the main weapon of ransomware—can be added to many antivirus programs today. If the software you use now doesn’t protect you against ransomware, you can find one that does.

  2. Learn to recognize phishing emails—While your email program will filter some junk mail, cybercrooks may still slip through, pretending to be a trusted contact like a bank or other business. They’ll send you an official-looking email with a link or attachments (receipt, invoice, etc.). The attachments may look like genuine Word or PDF files, but they’re actually executable files that launch the ransomware when they’re downloaded and opened. If the email asks you to follow a link to provide information, don’t. Call the sender directly if you’re unsure whether the email actually came from them. 

  3. Bulk up your passwords—In what’s known as a “brute-force” password attack, hackers attempt to access your network by trying as many passwords as possible—often with the help of bots—until they gain access. Change default and easily guessed passwords to combinations of upper- and lower-case letters, numbers, symbols and even phrases. And consider using multi-factor authentication for extra security.

  4. Browse carefully—How do you avoid infected websites? To be honest, it’s not always possible. Some sites will just install malicious downloads without your knowledge, so stay away from infection-notorious gambling, pornography, pirated video streaming or peer-to-peer (P2P) file sharing sites. If your browser warns that a site is infected, don’t click through. Look for a lock icon before the domain name, which tells you the site is safely encrypted. Never download software that a pop-up asks you to install. And remember to ABC: Always Be Cautious.

  5. Don’t forget the Internet of (other) Things—PCs aren’t the only devices susceptible to a hack. Thanks to mobile devices, the Internet of Things (IoT) and wi-fi, there are now other devices that can allow cybercrooks to enter through a network’s back door: Virtual Alexa-style assistants, security systems, smart TVs, wearable health monitors, even smart appliances. 

  6. Perform regular backups—Get into the habit of performing backups on a regular schedule, preferably on a removable drive you don’t keep connected to your system. Better to have to reconstruct a week or month of information instead of a year’s—or more.

If the worst does happen and you’re the victim of a ransomware infection, DON’T PAY THE RANSOM. You’re only funding the next attack, and since you’re dealing with criminals you have no guarantee they’ll even give you the encryption key if you pay.

The U.S. Cybersecurity & Infrastructure Security Agency (cisa.gov) instructs home users to immediately contact their local FBI office or local U.S. Secret Service office to request assistance—and to help send a tough message to cybercrooks that they’ve messed with the wrong person.