In case you weren’t aware, the extortion racket has hit cyberspace.
As the name suggests, "ransomware" is a malicious attempt to hold a computer or smartphone hostage — or rather, the data that resides on it.
Cybercriminals then demand an immediate payment for its release.
These scams are not only prevalent but they’re growing significantly, and hitting small to mid-sized businesses (SMBs) as well as enterprise organizations and regular consumers, too, says security experts Symantec.
Just this week, iPhone users were victimized by thieves.
Ransomware was discussed in detail Symantec’s Internet Security Threat Report 2014, Vol. 19. The report found all targeted attacks (including ransomware) have grown by 91 percent compared to 2013 – 30 percent of which were aimed specifically at SMBs. Symantec also found smaller businesses were more vulnerable to attack than large enterprises.
Another startling fact: approximately 60 percent of small businesses who suffered a targeted attack closed within six months.
How 'ransomware' works
Quite simply, thieves try to extort money from you to unlock your Internet-connected computer, usually via credit card payment or some form of money transfer.
While you might think there’s a live person on the other end, ransomware is usually a Trojan virus written by a tech-savvy scam artist at an earlier time – but the threat is just as serious.
Ransomware can be spread in several different ways, be it spam that led to a “phishing” attack or via a so-called "drive-by download," where a browser's vulnerability is exploited should you visit specific malicious websites.
Even if a victim pays the ransom to un-freeze the computer, there’s no guarantee the thieves won’t do it again – after all, they’ve paid once already. Thieves are netting between $100 to $500 USD for each successful ransom payment, says Symantec. Increasingly, attackers are holding data hostage through high-end encryption and threatening to delete the information forever if the fee isn’t paid within a specified time limit.
If you get this extortion message, never pay the criminals to release your computer — even though Symantec says a small percentage of victims do end up paying ransoms (nearly 3 percent, according to a 2013 report).
Instead, try to restore your computer to a prior state using "System Restore" (type System Restore in the search window). If this doesn’t work, restart your computer in "Safe Mode" (usually by pressing F8 when booting up) and then run Internet security software to remove the threat.
How to fight it
You can protect yourself from ransomware in a handful of ways:
* Always back-up your important files on a regular basis. You can use an external hard drive, online (“cloud”) service, USB flash drive or recordable media (such as a disc).
* Use computer security software that protects your PC (and wallet) against viruses and spyware attacks, and be sure to update the definitions quite often -- if it's not set up to do this automatically (which is recommended). Also be sure to keep your operating system updated with the latest version.
* Delete suspicious emails from your bank, ISP, credit card company, and so on, instead of clicking on the link that takes you to a phony site asking you for personal information. Never click on attachments you're not expecting. Same goes for your mobile phone, perhaps with a text message from a seemingly legitimate source, but in fact is a “smishing” attempt (SMS phishing scam).
* When browsing the web, think before clicking on links and banners. Authors of ransomware also like to use pop-up windows that warn you of some kind of malware on your machine. Don't click on the window -- instead, close it with a keyboard command or by right-mouse clicking on your taskbar.
* Don't install programs from untrusted sources. Only download and install apps and software from verified sources like official websites and app stores (but be sure to be familiar with the developer first and read comments from previous customers).
* Be cautious about using free Wi-Fi hotspots (such as at a coffee shop) or public computers (such as in an airport lounge). You never know what nearby cybercrooks are scheming to get a hold of your information.