Ransomware

Ransomware is a type of malware you may find on your system or device after a successful virus or malware attack. Ransomware is different from other kinds of malware. Like keystroke loggers, it focuses on you and your data, but it makes no secret that it’s there. As soon as it’s on your system, ransomware announces itself to you. Ransomware works by taking control of your system and holding your information hostage until you pay the ransom to your attackers to get your data back. Ransomware is one of the most blatant and obvious criminal money-making schemes out there. And because it can be the most immediately painful to you by locking up your data, it’s also one of the most successful schemes out there. Antivirus and anti-malware help protect your data by stopping ransomware attacks before they can touch and harm your data.

• Ransomware can track affected users’ geographic locations and scare them with a scam faking their respective countries’ police force.
• To avoid being traced, ransomware does not usually accept credit payments. Instead it asks for payment in the form of vouchers that can be used to buy goods and services online.
• Some ransomware variants do not send a popup message—they verbally request users to pay up, often in the users’ native language.

Like most virus and malware attacks. Ransomware attacks happen through a combination of exploiting vulnerabilities in software, tricking users through the use of Trojan horses, and social engineering attacks to convince you to download the ransomware. Once the ransomware is on your system it will identify files that the attackers think are valuable to you and lock them away in an encrypted format so you can’t use them. The ransomware will appear on your screen with some set of instructions that explain that it’s taken your files hostage and give you information on how to make payment to get your files back. Typically if you follow the instructions and pay the ransom, you will get access to your files again. But at this point, the attackers often have your credit card information so you’re at risk of further financial losses.

Over the past year, researchers have seen a variation on the ransomware scheme where the message will claim to be from a law enforcement agency like the FBI, or Interpol. The message will claim that they’ve caught you engaged in illegal activity and that you have to pay a fine right away. What’s particularly tricky about this tactic is that these attacks often target someone visiting online porn or illegal file sharing sites. Users are already feeling guilty about their activity and the criminals know this and are playing on this. As with regular ransomware, you’ll get instructions on how to pay the ransom (in this case called a “fine”). Once again, if you pay the fine, you’ll get access to your files.

Because ransomware attacks lock up your files in hard-to-crack encrypted files, recovering from a ransomware attack can be very difficult. The best thing you can do for yourself and your data is to prevent ransomware from getting on your system in the first place. Because it can defend against attacks that lead to ransomware, as well as detect and delete ransomware itself, up-to-date antivirus and anti-malware is the best way to keep ransomware off your systems and devices and keep your data under your control.

Trend Micro recommends the following product to help you regain control of your system:

FOR SMALL & MEDIUM BUSINESS

WORRY-FREE BUSINESS SECURITY SERVICES

Hosted by Trend Micro experts—maintenance free and no server is required.

• Web threat protection
• Antivirus, antispyware, and antispam
• URL filtering

• Data loss prevention via USB
• Data loss prevention via email
• Protection for Android devices
• Protection for both PCs and Macs

Learn More >