Ransomware, what it is, how to avoid it and what to do if we are infected

Who I am
Judit Llordés
Author and references

Ransomware can encrypt your files and force you to get paid - here's how to avoid ransomware or what to do if we got infected. The ransomware encrypts your most important files, and forces you to pay to regain access.

Ransomware is a type of malware that can block access to all files on your computer unless you agree to pay a ransom. If you have been infected with ransomware, you should avoid paying and instead go "restoring" your computer to the point before you caught the virus.

The best way to avoid being damaged by viruses such as ransomware is to back up your files often and keep your antivirus software and computer up to date.

Ransomware is particularly insidious: once it infects a computer, it is usually designed to encrypt all files until a ransom is paid.

The only thing you can do with an infected computer is to read the ransomware's payment instructions and submit the payment. Most of the time, the payment must be made in the form of bitcoin, and after making the payment, you will be provided with a decryption key.

Ransomware can affect both Macs and PCs, but the vast majority of them are made for Windows PCs.

How ransomware works

A ransomware infection looks like most other types of malware. Typically, you become infected with ransomware by opening an infected file that arrives via an email or website.

The ransomware can be part of a phishing email; for example, you may receive an email asking you to verify an invoice or pay an invoice, but the attached file is actually the ransomware payload.

Once infected, the ransomware moves quickly to encrypt your files and lock you out of tools that can be used to stop the attack. Depending on the variant of the ransomware, it might also delete or encrypt files stored on external hard drives, network devices, or connected cloud services (OneDrive, Dropbox, etc.). Then you will be told to pay a certain amount of money, usually within a few days, or you will lose your files.

What to do if you get infected with ransomware

If you've been infected with ransomware, most security experts recommend that you don't pay the ransom. Not only does paying for it encourage criminals, but there is no guarantee that you will get the decryption code or that it will work properly. 

Instead of paying the ransom, proactively protect your computer before it gets infected. This means making sure that all important data is backed up.

The safest way to back up your data is with an external hard drive, using backup software that uses versioning. Versioning ensures that each backup of your PC is treated as a separate version, so if you happen to back up an infected file, you can “roll back” to a previous version that hasn't been infected yet. 

And don't leave the drive permanently connected to your computer; when the backup is complete, disconnect it so that the malware cannot infect it. 

Furthermore, there are tools at your disposal to fight ransomware even after an attack. No More Ransom and ID Ransomware, for example, are free services that you can use to try to decrypt an infected computer. Both tools have an ever-growing ransomware database that can help you. 

How to avoid ransomware

Ransomware is just another type of malware, so the same tips for avoiding viruses apply here as well.

  • Use anti-malware software, and especially consider protecting yourself with anti-ransomware software. Some popular anti-ransomware tools include Acronis Ransomware Protection, Check Point ZoneAlarm Anti-Ransomware, and Malwarebytes 4.
  • Keep your Windows or Mac computer up to date with the latest security patches and updates. The famous WannaCry ransomware attack spread faster among older Windows computers that hadn't installed new updates in years.
  • Never click on links that you don't completely trust. This is age-old advice; don't open emails and attachments unless you trust the source and don't visit or click links on risky websites. Try to stick to credible and legitimate sources for downloading software, both on your computer and on mobile devices. 

Further Reading:

  • What is JavaScript?
  • How to protect your PC from ransomware?
  • Does Windows 10 Need Third Party Antivirus?
  • On January 14, Windows 7 support will end, what to do
  • What is malware and how does it work?

add a comment of Ransomware, what it is, how to avoid it and what to do if we are infected
Comment sent successfully! We will review it in the next few hours.