Is Ransomware Holding Your Computer Hostage?

Your data has just been kidnapped

Open briefcase with money inside
Nikola Nastasic/E+/Getty Images

Ransomware may sound like some kind of underground fashion trend but it's far from it. Ransomware is a type of malware that holds your computer hostage by encrypting its data or by making it inaccessible in some way. The Ransomware then demands that you pay ransom money to the cybercriminal who installed the malware or tricked you into installing it.

Ransomware amounts to criminal extortion. Ransomware is usually a Trojan horse-type malware infection that renders a victim's computer inoperable.

The infection frequently includes a pop-up message claiming to be from a law enforcement agency stating that the victim's computer has been involved in some kind of illegal activity, such as downloading copyrighted material, pirated software, etc. The pop-up notices displayed on infected computers often state that the victim will be arrested unless he or she pays a "fine" to the fictitious law enforcement agency via wire transfer or by using some other anonymous form of payment.

While many people would be quick to realize that this is a scam, the content of the pop-up message can seem quite convincing, especially when it is accompanied by official-looking government seals and logos. You would think that no one would fall for this type of scam but according to Symantec, up to 2.9% of the people targeted by this scam will end up paying the money, either out of fear of the perceived consequences, or because they are desperate to regain access to the data on their computers.

The sad part for victims that pay the "fine" or "fee" to the scammers is that most never receive the code needed to unlock their computer or regain access to the data that was encrypted by the Ransomware.

How Can I Tell if I Have Ransomware on my Computer?

After your computer is infected with Ransomware, the malware will render your computer inoperable in some way and will usually produce a pop-up message explaining what the scammer wants you to do.

The key elements of a Ransomware scam is the threat made by the software to you or your computer, accompanied by a request for payment by the person perpetrating the scam. They will also provide you with the method that they want you to submit payment to them.

What Should I do if my System has a Ransomware Infection?

You are better off not complying with any demands made by the criminals who perpetrate these Ransomware scams. Their threats are fabricated and are meant to prey on fear. Even if you submitted payment to them, there is no guarantee that they will provide you with a code to unlock your system. Chances are, they won't do anything but take your money.

The best course of action you can take is to use an offline anti-malware scanner to detect and remove the Trojan horse malware that is holding your system hostage. If the Ransomware is the non-encrypting type, then your chances of successfully removing the malware is likely higher than if your data has been encrypted by an encrypting form of Ransomware. Either way, you should try to scan and remove the software and forget about sending the scammers any money as it would only encourage them to try the scam on more people.

If all else fails, try contacting the folks at Bleepingcomputer.

Bleepingcomputer is a web-based community technical support site that has a group of malware removal experts who donate their time to help malware victims who have tried everything else. They will ask you to perform certain actions and provide them with various log files, which will require some effort on your part, but it's totally worth it if it helps you get rid of the malware that has taken up residence on your system and is holding your data hostage.

How Can I Prevent Ransomware From Being Installed on my System?

Your best defense is to not click on e-mail attachments from unknown sources and avoid clicking anything in a pop up window that you receive while browsing the Internet.

Make sure your anti-malware software has the latest and greatest definition files so that it is prepared for the current batch of threats that are in the wild. You should also have your anti-malware's 'active' protection mode turned-on so that your computer can detect threats before they infect your system.

Sometimes malware developers will code their malware to try and evade detection by some of the more commercially popular anti-malware scanners. For this reason, you should consider installing a Second Opinion Malware Scanner. Second opinion scanners act as a second line of defense should your primary scanner let something slip through its defenses (this happens a lot more than you would think it would).

You should also make sure that your OS and application security updates have been applied so that you are not vulnerable to Ransomware that enters systems via exploiting unpatched vulnerabilities.