We can all agree that ransomwares are such a headache. Ransomwares are programs that searches a hard drive for user-valuable information (such as documents, tables, images, and databases) and encrypts everything it finds, locking the files. Then, it displays a message demanding payment to restore the data.
What to do if your device is infected with Ransomware?
If your gets encrypted, do not panic. There are some methods to restore your files.
- Do not pay. Each ransom payment represents a financial contribution to malware development and a signal to the cybercriminals that the scheme is profitable. And it may not work — you may get nothing even if you comply.
- Use the Crypto Sheriff service on the No More Ransom website to find out what malware has infected your drive. A decryptor may already exist for it, in which case you can use it to recover your data without spending a dime.
- No More Ransom, which is supported by Europol and various anticybercrime companies, hosts dozens of decryptors.
- If you’re unable to find a decryptor for the ransomware that attacked you, keep checking; one might be released any day.
Protect Yourself
As the old saying goes, “prevention is better than cure”. So, it’s a good practice to ensure that you are safe from ransomware threat.
Make Backups
Regularly save important files and documents to a cloud storage or to an external hard drive. Having a backup in the event of a ransomware attack means you don’t have to lose any work.
Be careful with messages
E-mail attachments and infected websites are the most common hiding places for ransomware Trojans, so treat all unexpected e-mails and messages as potential sources of danger. What makes a message suspicious, though? It’s a gray area requiring consideration and judgment.
- Make sure you know the sender. Treat content, attachments and links in e-mails from strangers with the utmost skepticism. This applies to messages in messaging apps, social networks, and forums as well.
- To encounter such messages less often, configure spam filtering and mail traffic scanning in your security solution.
- If you receive a suspicious link or file that you weren’t expecting from someone you do know, contact them by phone or in another format; their account or mailbox may have been compromised.
Avoid suspicious websites
Not limiting themselves to links in e-mails, cybercriminals employ a formidable array of tricks to dupe victims into downloading malware. If clicking on a banner results in an unexpected Web resource appearing, or the screen prompting you to download something, close the page immediately. You are very likely seeing an infection attempt.
Update software in a timely manner
To penetrate devices, cybercriminals often exploit known vulnerabilities that developers have already patched. Anyone who doesn’t update their software regularly is at particular risk. Turn on automatic updates wherever possible, and regularly check for updates for apps that don’t update automatically.
Install a security solution
Modern security solutions can identify and block malware in real time. For example, antivirus software includes a range of tools to protect users against ransomware. Even in the unlikely event that a particularly cunning piece of malware makes it past file antivirus protection, it won’t be able to do much.
Sources:
https://www.kaspersky.com/blog/ransomware-five-tips/41444/
https://www.kaspersky.com/resource-center/threats/how-to-prevent-ransomware
https://www.kaspersky.com/blog/anti-ransomware-all-in-one/31324/