Online Security

13 April 2016

Ransomware: don’t let yourself be blackmailed!


An increasing number of computer users are falling victim to Ransomware or Cryptoware. This new form of Malware is contained in a malicious attachment to an email which, once opened, blocks access to the files on a computer, even if they are on a connected backup device. The result is that you are only allowed to access your files once you have paid a certain amount of money (so a ransom) to the hacker. How can you recognise ransomware? And how can you prevent your computer from becoming infected and avoid permanently losing your data?

A wolf in sheep’s clothing

Ransomware is often hidden in emails with funny content, or that announce that you have won the lottery, or that lead you to believe that they have been sent by an official body (for example the police, the government, etc.). This type of Malware masquerades as a.pdf,.pptx or.doc file, but in actual fact is an executable.exe file. Once you click on the file, it’s too late! The program blocks the contents of your computer and you can no longer access your files. Here it is worth noting that one of the ways to detect such files is to change your settings in Windows so that file extensions become visible. Doing this will enable you to see if the email contains an executable, .exe file.

A few tips to protect yourself from ransomware
  • Make certain your machine has a reliable antivirus that is regularly updated.
  • Regularly update your operating system, your browser and the programs you use most often.
  • Be very cautious when you receive an email with an attachment from someone you don’t know, and never open such an attachment or click on a hyperlink you aren’t sure about.
  • Watch out if there are a lot of spelling mistakes or grammatical errors in the message as this is often an indication that the email cannot be trusted.
  • Before clicking a hyperlink, always hover over it as in most cases you will be able to see if the URL is trustworthy and whether it redirects to the sender or the organisation in question.
  • Always make backups, but be careful: only connect your external hard drive or USB stick to your computer when you are making a backup. This is because Cryptoware can also infect an external hard drive that is connected to your computer. Also, think about making a backup in a cloud environment (e.g. Google Drive) and always keep your backup device physically separated from your PC.
So you clicked a link or attachment and your files are blocked. What now?

Never pay the hacker to regain access to your files. Instead, contact the police and register a complaint.

There are tips and software available on the internet which can help you restore your data, but don’t expect any miracles. The best thing you can do is contact a specialist who will try to fix your infected machine.