To keep your business running smoothly, you need computer and network security. It is important to maintain your network and systems, making sure they are virus and malware free, current with security patches, and running at optimal performance.
Ransomware is a type of malware that prevents you from using your computer or accessing your data until you pay a certain amount or "ransom" to a remote entity. There are two types of ransomware:
- Lockscreen ransomware, which displays a full-screen image or webpage that prevents you from accessing anything in your computer, and
- Encryption ransomware, which encrypts your files with a password, preventing you from opening them
Most ransomware displays a notification, saying that the ‘authorities in your location have detected illegal activity in your computer’. To avoid prosecution, and regain access to your files, ransomware demand payment from you in the form of a "fine".
Paying the "fine" does not necessarily return your computer to a usable state. We do not advise that you pay. With ransomware, the threat of prosecution does not come from the legitimate authorities.
FAQ’s about ransomware
Q: Is it true that the legal authorities in my area have detected illegal activities in my computer?
A: No. These warnings are fake and have no association whatsoever with the legitimate authorities. The operators of ransomware abuse the tone, images and logos of legal institutions to give their scam an air of legitimacy.
Q: I cannot access my computer or my files. Should I just go ahead and pay these people to regain access?
A: No. Do not pay, regardless of how legitimate or threatening the claims look. You will only end up giving money to criminals, who have no intention of giving you back access to your computer or files.
Q: What should I do if I've paid the scammers?
A: In all cases, you should contact your financial institution and your local authorities. If you paid with a credit card, your financial institution may be able to block the transaction and return the money to you.
Q: How did the scammers know my IP address?
A: There are publicly available tools online that can check a computer's IP address. Getting IP addresses is common behavior for malware - in the case of ransomware, it is used as another scare tactic.
Q: How did ransomware get on my computer?
A: Ransomware, like other malware, can arrive in a variety of ways. However, in most instances, it is downloaded automatically into your computer when you visit a malicious website or a website that's been compromised.
Q: How do I regain access to my computer or files?
A: Do not pay the fine. Ransomware have varying behavior and will have to be removed in different ways. Refer to How to remove a ransomware infection for steps on how to remove ransomware.
For computer system security, contact Sudbury Computer.
Excerpts - microsoft