Ransomware Holds Computers Hostage

Why your computer has just been kidnapped and what to do

Open briefcase with money inside

Nikola Nastasic / E+ / Getty Images

Ransomware attacks are on the rise. A type of malware, ransomware holds your computer hostage by encrypting its data or by making it inaccessible in some way. The ransomware then demands that you pay ransom money to the cybercriminal who installed the malware or tricked you into installing it. Often, the hackers demand payment in digital currency like Bitcoin so nobody can track the payments.

Ransomware amounts to criminal extortion.

What Is Ransomware?

Ransomware is usually a Trojan horse-type malware infection that renders a victim's computer inoperable. The virus frequently includes a pop-up message claiming to be from a law enforcement agency stating that the victim's computer has been involved in some illegal activity, such as downloading copyrighted material, pirated software, etc.

The pop-up notices displayed on infected computers often state that the victim will be arrested unless he or she pays a "fine" to the fictitious law-enforcement agency via wire transfer or by using some other anonymous form of payment.

While many people would be quick to realize that this is a scam, the content of the pop-up message can seem quite convincing, especially when official-looking government seals and logos accompany it. You might think that no one would fall for this type of scam. Still, according to Symantec, up to 2.9 percent of the people targeted by this scam will end up paying the money. They pay out of fear of perceived consequences or desperation to regain access to the data on their computers.

The sad part for victims that pay the "fine" or "fee" to the scammers is that most never receive the code needed to unlock their computer or regain access to the data that was encrypted by the ransomware.

How Can I Tell If I Have Ransomware on My Computer?

A computer infected with ransomware will become inoperable in some way. It will usually produce a pop-up message explaining what the scammer wants you to do. The key elements of a ransomware scam are the threat made by the software to you or your computer, accompanied by the perpetrator's request for payment. They will also provide you with the method that they want you to submit payment to them.

What Should I Do If My System Has a Ransomware Infection?

You are better off not complying with any demands made by the criminals who perpetrate these Ransomware scams. Their fabricated threats prey on fear. Even if you submitted payment to them, there is no guarantee that they will provide you with a code to unlock your system. Chances are, they won't do anything but take your money.

The best course of action you can take is to use an offline anti-malware scanner to detect and remove the Trojan horse malware that is holding your system hostage. Your chances of successfully removing the malware are higher if the ransomware is the non-encrypting type. Data affected by an encrypting form of ransomware is more difficult to rescue.

Either way, you should try to scan and remove the software and forget about sending the scammers any money as it would only encourage them to try the scam on more people.

Ransomware Removal Option

If all else fails, try contacting the folks at Bleepingcomputer. Bleepingcomputer is a web-based community technical support site that has a group of malware removal experts who donate their time to help malware victims who have tried everything else.

They will ask you to perform specific actions and provide them with various log files, which will require some effort on your part, but it's worth it if it helps you get rid of the malware that has taken up residence on your system and is holding your data hostage.

How Can I Prevent Ransomware From Being Installed on My System?

Your best defense is to avoid email attachments from unknown sources and avoid clicking anything in a pop-up window that you receive while browsing the internet.

Make sure your anti-malware software has the latest and highest definition files to be prepared for the current batch of threats that are in the wild. You should also have your anti-malware's 'active' protection mode turned-on so that your computer can detect threats before they infect your system.

Sometimes malware developers will code their malware to try and evade detection by some of the more commercially popular anti-malware scanners. For this reason, you should consider installing a Second Opinion Malware Scanner. Second opinion scanners act as a second line of defense should your primary scanner let something slip through its defenses (this happens a lot more than you would think it would).

You should also make sure that your operating system and application security updates have been applied so that you are not vulnerable to ransomware that enters systems via exploiting unpatched vulnerabilities.