How to Prevent and Remove Ransomware
Imagine logging on to your laptop to work on an important document or look at old family photos only to find that the folder is blocked. If you’re the victim of a ransomware attack this is usually about the time a popup or lockscreen will appear demanding payment in return for access to your precious files.
What is Ransomware?
Ransomware, as its name implies, is a type of malware (or virus) which is used to extort computer users into paying a ransom. Ransomware is usually covertly installed on a user’s computer via a trojan virus disguised as a legitimate link or attachment.
Ransomware can lock your computer, encrypt your data, or put embarrassing content on your system to prevent you from using it properly – or at all – until you pay.
3 Things You Need to Know About Ransomware
- Ransomware is becoming more and more common, according to the FBI. This means that the odds of your computer getting infected increase with time. A new form of online criminality that began in Russia has become so severe that the FBI issued an official warning.
- It is easy to get infected. Just how easy? Your computer can become infected if you simply click on an infected popup, accidentally get into an infected website, or simply open an infected email attachment.
- You may not know that you are being extorted. Sometimes victims are made to believe that they are being investigated by the police or the FBI. Remember this if you receive a message ordering you to pay a fine for downloading unlicensed software or illegal content onto your computer.
How to Remove Ransomware
Let’s start with a hard truth: preventing malware from reaching your computer in the first place is a much easier task than removing malware.
That being said, if you’ve been hit by one of the less tenacious forms of ransomware, off-the-shelf tools like Malwarebytes – or even some of Windows’ built-in tools – might be sufficient to remove the problem and regain access to your files.
Beyond that, companies such as Bitdefender, Trend Micro and Kaspersky all offer consumer ransomware removal tools that offer some level of effectiveness against certain specific strains of ransomware.
There are also companies that offer their services to deal directly with the criminal hackers behind the attacks, using a combination of negotiation and counter-hacking to try and reach a compromise resolution.
However, there isn’t any guaranteed method of getting your files back after a ransomware attack unless you pay the hackers. And even then, being labeled by ruthless criminals as someone willing to pay up is not a comfortable position to be in.
For direct downloads of free ransomware decryption tools check out No More Ransoms.
How to Prevent Ransomware
So, ransomware removal is a confusing mess that is only sometimes effective. That doesn’t mean that there’s nothing that you can do. If you’re worried about ransomware, there are effective preventative measures you can take to mitigate your risks.
Use recommended virus software. This is the single best method to prevent your system from being infected in the first place. Make sure to choose a well-reviewed security suite with good independent test scores for the detection of malicious programs both known and unknown.
Backup all of your files. If you have full – preferably multiple – backups of your files you negate the attackers’ main hold over you. No other method is as full-proof. Many of the virus products we recommend come with powerful backup capabilities, so take a look at those too.
Keep an eye on file extensions. If you see file extensions like ‘.exe’, ‘.vbs’ or ‘.scr’, you should be on alert, especially if the file purports to be a document or image. The best way to stay on top of this is to enable ‘Show file extensions’ in Windows settings.
Stay suspicious. Train yourself to take a breath before you click on a link or attachment. It’s very easy to click before thinking, especially if you feel you’re in a safe environment. Remember, even if that link came from a friend there’s always a chance that their system has already been compromised.