Ransomware is the most trending term these days, in the world of computing. In this article, we’ll tell you what ransomware is and what it can do to make your computer unusable. As a Windows user, you can take some safety measures to prevent yourself from becoming victim of ransomware attack.
What Is Ransomware And What It Does?
Ransomware can be treated as an upgraded version of malware which locks up your machine and make it unusable until you pay some money to the attacker. It is not necessary that even after you pay money, the attacker will unlock your system as claimed in ransomware message. The money received by attacker may be used to fund their illegal activities and further development of ransomware in order to earn more. Ransomware propagates with the help of a Trojan, generally through malicious files. Ransomware attacks can be suppressed with the help of Windows Defender and other security suites available in the market, provided if you take action against them as soon as they attack. It is worth to mention here that India stands 4th in the list of most ransomware attacked countries, till date.
When your Windows system is suffering from a ransomware attack, it will:
- Not allow you to enter and use Windows as the master boot records are compromised/encrypted.
- May not allow to use specific apps.
- Encrypt files so that you can never use them until their proper decryption occurs.
- Keep flashing a typical ransomware message asking you to pay money to unlock system.
Why Ransomware Attacker Targets You?
The first answer to this question is money. Second answer may to misuse the confidential information present on your system that could help them to earn more dollars. According to Microsoft, a ransomware attacker may target victim with either lockscreen ransomware or encryption ransomware. The former one prevents full access to machine and display a ransomware message to unlock the system. It asks you to call on some number to provide money and get the unlock code for your system. While in case of encryption ransomware, you can access machine but your files are encrypted and you may be able to open them only if you pay, but again there is no guarantee. In some cases, ransomware attackers may use the name, logo of your regional local authorities and display a message like – you’ve broken the law and you’ve to pay the fine. Some users may trust these messages because they looks like genuine ones but actually they’re not.
Let us clarify this with another example. The image shown below looks like a BSOD but is actually a ransomware screen.
(Image credits: Microsoft)
In this case, victim will generally call on the support number provided and then he’ll be asked to pay money. It should be clear in your mind that if a BSOD occurs, you should try searching the displayed error code on web and it should match the error message displayed on web results. If it doesn’t matches, the BSOD is fake. Also in the original BSOD, like the one shown below, there is no mention of any phone number.
So long story short, ransomware attacker may try to convince you to pay money, using different kind of tactics.
How Do I Prevent Myself From A Ransomware Attack?
“Prevention is cure” and this perfectly applies to ransomware incidences. If you stay alert and be smart, you may be able to prevent yourself from such attacks. Here are best practices that may help you to obstruct ransomware to load into your system:
- Be careful while surfing web and reading emails and do not carelessly click on any suspicious link which appears to be fake, unknown and unsafe website.
- Keep updating virus definitions for Windows Defender and keep it up-to date.
- Review Windows Firewall settings and properly configure it.
- Care should also be taken while opening attachments in emails.
- As soon as you see an email in your inbox which is completely irrelevant (judge it from subject/sender), don’t even open it and trash it asap.
- If you need to follow some links for your work purpose, keeping checking the URL/address bar of the browser regularly. If you accidentally landed on suspicious website due to redirects, terminate the session immediately and delete all cookies/cache/history of your browser.
- Do not post your email ID carelessly to public websites. Give it to only to those people whom you can trust.
- Do not install third-party programs from unknown vendors.
- Install latest Windows Updates as soon as they’re available.
- Periodically backup your important files to external drives, cloud storage.
- Disable use of SMBv1 protocol, which is enabled by default in Windows OSes.
Things To Do After A Ransomware Attack
If you accidentally become victim of ransomware attack, you should not loose hope and take action against it. Scan your whole system with your anti-virus program, it will help you to terminate ransoms. Try to develop proofs of attack and report to it cyber criminal cell/police authorities near to you. In case if you’ve paid money to attacker, immediately talk to your bank to block the money transfer. Attacking with ransomware is clearly an illegal activity and attackers may get imprisonment for it, if proved.
That’s all about ransomware attacks. Hope you find the article useful. Be smart and stay alert!