Ransomware is malware designed to scare computer users and force them to pay a ransom. Compared with the term “scareware,” which describes programs that exploit a victim’s fear, “ransomware” clearly names the forceful method cyber criminals use to extort money. For example, rogueware scares computer users with false messages in order to sell useless programs, but it leaves the victim’s action optional. Ransomware completely blocks the victim’s access to the infected computer and forces the victim to pay a ransom to get access back.
Why Did the Police or FBI Lock Your Computer?
Victims of a ransomware attack would resist a request for a money transfer that is obviously a criminal attempt at extortion. Cyber criminals therefore employ social engineering to deceive victims, influence their reaction and force them to pay the ransom. Ransomware is often presented as a message from authorities and law enforcement agencies that accuses the victim of a supposedly committed crime and demands a fine for breaking the law.
The locked screen forces victims to read the malicious message and to take it seriously after reading about a serious punishment for those who refuse to pay. The visuals displayed by ransomware are also designed to scare victims on a subconscious level and make the message look credible. Seals of the FBI, of other agencies that investigate cyber crime, or of the local police are usually used for this purpose. Handcuffs and mock evidence collection performed with the help of the victim’s webcam are also common tricks used to scare victims. What is not optional is the demand for a fine (ransom) paid with Green Dot Moneypak, PaySafeCard, Ukash and similar means that make the money transfer anonymous and help cyber criminals walk free with your money. So neither the FBI nor any other law enforcement agency is responsible for locking your computer, and there is no guarantee that paying the ransom will unlock it.
How Can You Detect Ransomware?
A locked computer displaying a message that asks for money is the first sign. Do not panic, and take a careful look at the details. If in doubt, think and try to find more information before making any payment. It is very unlikely that the authorities of any country would collect fines through payment systems that cannot track money transfers. Cyber criminals love Moneypak, Ukash, PaySafeCard and similar payment systems because these let them collect victims’ money without being arrested. So a request for payment through prepaid cards is a sign of a ransomware scam. Improper language also helps to detect malicious intent. While the language used in legal documents is often difficult to understand, it cannot be full of the obvious grammatical and spelling errors and casual expressions often present in ransomware messages. Most ransomware programs detect the victim’s country by IP address and tailor the displayed messages accordingly. Since a worldwide conspiracy of well-educated attorneys is hardly possible, various flaws in ransomware messages are inevitable. Even free security software will detect known ransomware, since it is one of the most dangerous threats, and it is better to have one installed.
How Can You Remove Ransomware?
The answer depends on the ransomware’s design. Turning the power off or restarting your computer and removing internet files might be sufficient against ransomware caused by scripts linked to an infected webpage. If this does not help, then the ransomware infection already resides in your system. Try the System Restore utility, which can help to remove or disable installed malicious components. However, cyber criminals often block the user’s access to Windows system tools, so you need to start your computer in Safe Mode, which circumvents third-party programs and disables such blocking. Unfortunately, some ransomware is protected by rootkits that start as system drivers despite Safe Mode and completely block the security software that could detect and remove the malware. In that case you will need special tools for killing rootkits before you can remove the screen locker that tries to extort your money.
Should You Pay a Ransom?
Do not support cybercrime. Paying is often just a useless waste of your money. Only one type of ransomware can limit your choices to a single one: the crypto locker, which encrypts files on the victim’s computer. There is no other reliable way to get the encrypted files back and avoid paying the ransom. Computer users whose valuable content has been encrypted are forced to pay cyber criminals for decryption unless they use backups or cloud storage for data protection. However, not all ransomware that claims to encrypt files is a crypto locker. Cyber criminals often scare victims with file encryption but only lock the victim’s access to certain files. So do not pay before you are sure that your computer is infected with a real crypto locker. Special software can protect your computer against this kind of ransomware infection, but there is no reliable software that can decrypt garbled files. So it is difficult to avoid paying the ransom if you did not store a copy of your valuable data in a different place, but only a true crypto locker can leave you without another choice or a less expensive solution.
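One way to test an encryption claim before paying, as an added example that is not part of the original article: the Python sketch below checks whether files still begin with the header bytes their type requires and, if not, whether the content has the high entropy typical of encrypted data. The signature table, the 7.5 bits-per-byte threshold and the sample files are assumptions constructed for illustration, and the check assumes the files kept their original extensions.

```python
import hashlib
import math
import tempfile
from collections import Counter
from pathlib import Path

# Header ("magic") bytes that an intact file of each type starts with.
MAGIC = {
    ".pdf": b"%PDF-",
    ".png": b"\x89PNG\r\n\x1a\n",
    ".jpg": b"\xff\xd8\xff",
}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: close to 8.0 for ciphertext or compressed data."""
    if not data:
        return 0.0
    total = len(data)
    return -sum(n / total * math.log2(n / total) for n in Counter(data).values())

def classify(path, sample_size: int = 65536) -> str:
    """Return 'intact', 'likely_encrypted', 'altered' or 'unknown_type'."""
    path = Path(path)
    ext = path.suffix.lower()
    if ext not in MAGIC:
        return "unknown_type"
    with path.open("rb") as fh:
        head = fh.read(sample_size)
    if head.startswith(MAGIC[ext]):
        return "intact"  # header survived, so the file was not encrypted in place
    # Header is gone: high entropy points to encryption, low entropy to a wipe.
    return "likely_encrypted" if shannon_entropy(head) > 7.5 else "altered"

def demo() -> dict:
    """Classify three constructed sample files (not real victim data)."""
    # Deterministic pseudo-random bytes standing in for ciphertext.
    fake_cipher = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(256))
    samples = {
        "report.pdf": b"%PDF-1.4\n" + b"constructed sample text\n" * 200,
        "photo.jpg": fake_cipher,      # header replaced by random-looking data
        "scan.png": b"\x00" * 8192,    # header wiped, content is not ciphertext
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, body in samples.items():
            Path(tmp, name).write_bytes(body)
        return {name: classify(Path(tmp, name)) for name in samples}

if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

Files reported as intact are still readable once the locker is removed; a likely_encrypted verdict is an indication to investigate further, not proof.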
How to Protect Your Computer against Ransomware?
While protection against ransomware is incorporated in any anti-virus product, it can only detect a threat if signatures of the malicious components are saved in the virus database. The newest species of ransomware can infect computers that are protected, and a computer that is not protected is open to any ransomware infection. The size of a ransom runs up to $500, so it is not wise to save on security products that help to protect your computer against ransomware infection. Since there is no foolproof protection that software can offer, it is also important to follow safe practices that help to prevent infections. Clicking links and buttons placed in suspicious popup boxes with attractive-looking offers can help cyber criminals infect your computer with ransomware. Visiting websites related to games and adult content is just as dangerous as using torrents and sharing content on peer-to-peer networks. The newest way of infection involves fake advertising linked to malicious websites. So it is better to remove adware as soon as you get it and to avoid clicking suspicious ads and any links placed on suspicious websites. This helps to prevent ransomware infection.