How to defend against ransomware

In September, the FTC hosted a workshop on ransomware, one of the most serious online threats facing people and businesses today — and the most profitable form of malware criminals use. How does ransomware work? Hackers hold your files “hostage”— often encrypting them — then demand payment, typically in bitcoins, for you to get them back.

Missed the workshop? Check out our videos featuring conversations with security researchers, technologists, law enforcers, and business leaders. Want some bite-sized takeaways? Here are some tips to protect your devices from ransomware, and what to do if you’re a victim.

How can I defend against ransomware?

  • Update your software. Use anti-virus software and keep it up-to-date. And set your operating system, web browser, and security software to update automatically on your computer. On mobile devices, you may have to do it manually. If your software is out-of-date, it’s easier for criminals to sneak bad stuff onto your device.
  • Think twice before clicking on links or downloading attachments and apps. According to one panelist, 91% of ransomware is downloaded through phishing emails. You also can get ransomware from visiting a compromised site or through malicious online ads.
  • Back up your important files. From tax forms to family photos, make it part of your routine to back up files on your computers and mobile devices often. When you’re done, log out of the cloud and unplug external hard drives so hackers can’t encrypt and lock your back-ups, too.

 

What if I’m a victim of ransomware?

  • Contain the attack. Disconnect infected devices from your network to keep ransomware from spreading.
  • Restore your computer. If you’ve backed up your files, and removed any malware, you may be able to restore your computer. Follow the instructions from your operating system to re-boot your computer, if possible.
  • Contact law enforcement. Report ransomware attacks to the Internet Crime Complaint Center or an FBI field office. Include any contact information (like the criminals’ email address) or payment information (like a Bitcoin wallet number). This may help with investigations.

 

Should I pay the ransom?

Law enforcement doesn’t recommend paying the ransom, although it’s up to you to determine whether the risks and costs of paying are worth the possibility of getting your files back. If you pay the ransom, there’s no guarantee you’ll get your files back. In fact, agreeing to pay signals to criminals that you haven’t backed up your files. Knowing this, they may increase the ransom price — and may delete or deny access to your files anyway. Even if you do get your files back, they may be corrupted. And you might be a target for other scams.

Worried about ransomware affecting your business? Check out our Business Blog for specific tips.

Comments

Good information for all of us to keep abreast of and read carefully to remember for safety on the internet. Thanks.

Thank you very much for this article; it is very informative.

Thank you so very much for your excellent advice. Printing this now for future reference and handoffs to my friends/family.

Hi, I regularly get landline calls from these ransomware jerks who know too much about me from Dell. They spoof their phone number and don't quit phoning. How can I get them to stop? Complaining to Dell does nothing, as the damage is done.

I also get the phony Dell calls. Don't allow them access to computer and report the phone # they called you from to FTC. That's all you can do.

Thank you for this information. It helps protect people like me to stay updated and aware. I sure appreciate your support and hard work. Good job!

If they want to fix your windows first tell them your window are not broken and you washed they yesterday. This confuses them. When they say computer windows, say my computer does not have windows I have android; then ask them to quit bothering you. This really confuses them more. I have not had a call for a month.

Although it will be hard to run down these crooks, we need a hard, very hard, harsh law on the books in the unlikely even they are caught...Including harsh sanctions against foreign entities....

Thank you I will pass this on to my group

I received a message from a user dior223 on match.com I sent him a message and shortly after he either blocked me or shut down his account, should I be worried, and no I did not give him any personal info or any kind of funds. Should I be worried, seems strange?

Very good information, especially regarding the Bitcoins section.

I feel the government should and could do more to stop all the robo calls and sales calls and ransom ware attacks. I am sure they could trace down the culprits if they were threatening government officials. Am I wrong?

They would but the GOP receives donations from many of these individuals so that probably won't happen.

I real!y appreciate this information. Thank you...!

How can the ransom ware be stopped, when the "Do not call list" doesn't work. It is wasted time on this end to sign up & then report the unwanted calls & nothing is done about it.

Leave a Comment

Comment Policy

Read Our Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.