Previously, we’ve covered the definition of malware (quick refresher: it’s short for “malicious software”) and detailed how these programs can include viruses, spyware, keyloggers, worms and botnets. Now there’s a new and highly dangerous addition to this list: “ransomware.”
It works like this: While happily surfing online or reading email, you click on a link that seems interesting. Suddenly, your screen locks, and you get a message that all of your data has been encrypted by a hacker and is inaccessible unless you pay a ransom to “unlock” it. In some instances, a virus installs child pornography, and the message notes that you’ll be reported to the FBI if you don’t pay a certain sum (check out this article for an example of a typical message).
These situations fit the description of ransomware, which is becoming increasingly common on smartphones and tablets as well as PCs. Security firm Symantec estimates that criminal gangs steal over $5 million a year from unsuspecting victims. But even paying the “fine” doesn’t stop ransomware, because the malware remains on your device or computer and has to be manually removed.
Fortunately, there are strategies that can help with ransomware prevention:
- Always, always validate a link before clicking on it. Seriously, always. Even though online surfing can take you from news stories to kitten videos in mere seconds, build some time and deliberation into your quick-click tactics. Attackers rely on users who click on links in suspicious emails or fraudulent links on websites. Stop ransomware by making sure those links are legitimate before you surf.
- Back up your data regularly. If malware becomes so malicious that your device or computer will take time or professional help to remove, it’s useful to have your data accessible in a “clean version.” That way, if you have to wipe your entire drive and start from factory settings, you won’t lose everything.
- Fine tune your email spam filters. Most ransomware arrives in emails with attachments that have “.EXE” or “PDF.EXE” as a file extension. If you can filter files by extension, you can block email that includes that designation. If you use these types of executable files in your business, arrange for clients and colleagues to use password-protected ZIP files instead.
- Update your security software. Just like you should always validate links, you should always install security software updates and patches when they’re available. Security experts are constantly developing ways to stop ransomware, but those efforts won’t do you much good if you skip software patches.
Are you already a victim of ransomware? In this case, the best tactic is to do a malware scan of your device or computer to identify the ransomware and remove the malicious program. Here’s a step-by-step guide for removal that can help.
With huge threats like ransomware being perfected daily by sophisticated attackers, it’s never been more important to focus attention on protecting your privacy online. Lower your chances of becoming a victim with our identity theft protection services — and get assistance if your identity becomes compromised.
Image courtesy of FLickr user Redjar.