Ransomware Holds Computers Hostage

Why your computer has just been kidnapped and what to do

Open briefcase with money inside
Nikola Nastasic/E+/Getty Images

Ransomware attacks are on the rise. A type of malware, Ransomware holds your computer hostage by encrypting its data or by making it inaccessible in some way. The Ransomware then demands that you pay ransom money to the cybercriminal who installed the malware or tricked you into installing it. Often, the hackers demand payment in digital currency like Bitcoin so the payments can't be tracked.

Ransomware amounts to criminal extortion.

What Is Ransomware?

Ransomware is usually a Trojan horse-type malware infection that renders a victim's computer inoperable. The infection frequently includes a pop-up message claiming to be from a law enforcement agency stating that the victim's computer has been involved in some kind of illegal activity, such as downloading copyrighted material, pirated software, etc.

The pop-up notices displayed on infected computers often state that the victim will be arrested unless he or she pays a "fine" to the fictitious law enforcement agency via wire transfer or by using some other anonymous form of payment.

While many people would be quick to realize that this is a scam, the content of the pop-up message can seem quite convincing, especially when it is accompanied by official-looking government seals and logos. You might think that no one would fall for this type of scam but according to Symantec, up to 2.9 percent of the people targeted by this scam will end up paying the money, either out of fear of the perceived consequences or because they are desperate to regain access to the data on their computers.

The sad part for victims that pay the "fine" or "fee" to the scammers is that most never receive the code needed to unlock their computer or regain access to the data that was encrypted by the Ransomware.

How Can I Tell if I Have Ransomware on My Computer?

After your computer is infected with ransomware, the malware will render your computer inoperable in some way and will usually produce a pop-up message explaining what the scammer wants you to do. The key elements of a ransomware scam is the threat made by the software to you or your computer, accompanied by a request for payment by the person perpetrating the scam. They will also provide you with the method that they want you to submit payment to them.

What Should I Do if My System Has a Ransomware Infection?

You are better off not complying with any demands made by the criminals who perpetrate these Ransomware scams. Their threats are fabricated and are meant to prey on fear. Even if you submitted payment to them, there is no guarantee that they will provide you with a code to unlock your system. Chances are, they won't do anything but take your money.

The best course of action you can take is to use an offline anti-malware scanner to detect and remove the Trojan horse malware that is holding your system hostage. If the ransomware is the non-encrypting type, then your chances of successfully removing the malware is likely higher than if your data has been encrypted by an encrypting form of ransomware.

Either way, you should try to scan and remove the software and forget about sending the scammers any money as it would only encourage them to try the scam on more people.

Ransomware Removal Option

If all else fails, try contacting the folks at Bleepingcomputer. Bleepingcomputer is a web-based community technical support site that has a group of malware removal experts who donate their time to help malware victims who have tried everything else.

They will ask you to perform certain actions and provide them with various log files, which will require some effort on your part, but it's totally worth it if it helps you get rid of the malware that has taken up residence on your system and is holding your data hostage.

How Can I Prevent Ransomware From Being Installed On My System?

Your best defense is to not click on e-mail attachments from unknown sources and avoid clicking anything in a pop-up window that you receive while browsing the Internet.

Make sure your anti-malware software has the latest and greatest definition files so that it is prepared for the current batch of threats that are in the wild. You should also have your anti-malware's 'active' protection mode turned-on so that your computer can detect threats before they infect your system.

Sometimes malware developers will code their malware to try and evade detection by some of the more commercially popular anti-malware scanners. For this reason, you should consider installing a Second Opinion Malware Scanner. Second opinion scanners act as a second line of defense should your primary scanner let something slip through its defenses (this happens a lot more than you would think it would).

You should also make sure that your operating system and application security updates have been applied so that you are not vulnerable to ransomware that enters systems via exploiting unpatched vulnerabilities.