Speaking recently at a cybersecurity conference in Boston, FBI Assistant Special Agent Joseph Bonavolonta startled many people when, in discussing ransomware, he said “the ransomware is that good. To be honest, we often advise people just to pay the ransom.” I have been warning you about ransomware since 2012. Ransomware problems start when you find your computer frozen and a message on your screen tells you that your computer will remain frozen until you pay a “ransom.” CryptoWall and its predecessor CrytoLocker ransomware have been used effectively by criminals for years. The most recent version of ransomware being used is called Tescrypt. Companies and individuals have been the targets of ransomware. In fact, a number of police departments, including the Swansea Massachusetts police department have been the victims of ransomware and actually paid the ransom.
As with many types of malware, you download it when you click on tainted links or tainted attachments, which is why I always warn you not to click on any links or download attachments unless you are absolutely sure that they are legitimate. In many instances, the ransomware has come as hidden malware in a phony email purporting to be from Federal Express or UPS. As we approach the holiday shopping season, you can expect an upswing in people falling for this scam and clicking on links and downloading attachments in emails purportedly from these companies related to holiday shopping.
The best way to deal with ransomware is to avoid it in the first place. Have a good firewall, good anti-virus and good anti-malware software installed on your computer, tablet or other devices and keep the software up to date. However, remember that the security software companies are always playing catchup with the hackers, so your security software will not always protect you. The latest incarnations of most malware is generally at least thirty days ahead of the security software companies so you can never rely on your security software and your firewall to keep you totally safe. However, make sure that when security updates are available that you download them as soon as possible. Many people become victims of older versions of ransomware because they have not updated their security software. Also, you should always back up everything on your computer in the Cloud or on a USB drive or preferably both. Finally, never click on links or download attachments unless you are absolutely positive that they are legitimate and the only way to do this is to confirm that they are legitimate with the real companies you think may be sending you the email before ever clicking on a link or downloading an attachment.
If you are a victim of ransomware, here are a couple of free links that may help you. The first is a link to Microsoft’s Malware Protection Center with links and instructions for removing ransomware infections from your computer: http://www.microsoft.com/security/portal/shared/ransomware.aspx#recover. The second is to Malwarebytes Anti-Malware which will detect and remove malware such as trojans and spyware. The link is www.malwarebytes.org. Some types of malware cannot be defeated after it is installed, but it is always worth a try. However, the best course of action to take is to avoid downloading anything unless you are confident it is legitimate and always back up all of your data both in the cloud and offline so that even if you do become a victim of ransomware, you don’t have to pay because your data is already preserved.