Ransomware, malware are evolving – what to do if you become a victim

New threats mean brushing up on new protections

Malware can be nasty for many reasons, the most obvious is that it can slow down your computer or make it vulnerable for other tools to infect your system.

At its worst it’s nothing more than a heavy spam tool, but at its best you end up with something a little closer to ransomware.

Ransomware – if you’re not already familiar – is a type of malware that holds your computer hostage. It restricts access to certain apps, system tools, or websites and then demands the user pay a fee (ransom) to have the malware removed.

For advanced users, ransomware is a nuisance and requires an hour or two – and special tools – to remove.

For casual users, ransomware can be downright horrifying. Especially, since some of the tactics used by these infections are intimidating.

For example, many forms of ransomware will lock you out of your computer, or the add/remove programs panel so that you cannot remove it the easy way. The most dangerous ransomware can encrypt your personal files – or hide them – so you cannot access the content until you pay the ransom.

Personal files affected can be anything from important business or tax documents to personal photos and videos.

As you’ve no doubt realized by now, ransomware is not something you want to encounter, but it happens – even to the most tech literate of folks. And it doesn’t help that it’s on the rise either.

There’s a lot you can do to prevent it, but in the event your computer is seized by ransomware, there are steps you can take to remove it, as well. If you do find yourself face to face with an infected computer, it’s important not to panic, and be sure to review the resources we have provided below.

How do computers get infected?

Because ransomware is a form of malware, it can infect computers in the same way.

• Download: Most people think they are safe if they don’t download files or content often but that’s not necessarily true. One of the most common ways for malware and ransomware to get onto a computer is that it’s downloaded by one of the users. This can even be done unknowingly, after you click a malicious advertisement, link, or even interact with a pop-up.
• Exploits: This type of infection is less common, but it does happen. Some malware can infect machines by getting past security vulnerabilities in apps, virus software, or the operating system. The most common form of exploit infection comes from web browsers and web applications such as Flash.
• Email: With email infections, you still need to click on a link or download a file. That is why you should always be careful when opening emails – especially from people you don’t know. Regardless, hackers can embed an infected file or link in an email that attacks as soon as you interact with it.
• Phishing: Phishing is when hackers create a web form or site that looks identical to an official one. You access the site by accident by following an email or web link and are tricked into submitting your login details and personal info. These types of sites can also be used to trick you into downloading ransomware after you let your guard down thinking they are safe to browse.

How to protect yourself and your computer

One the best ways to protect yourself from malware and ransomware is preventative maintenance. That is, you should be carrying out these tasks on a regular basis before something happens.

1. Create Data Backups: Whether you backup your personal or business related content to a cloud account or another local drive matters little. Heck, if you have the opportunity do both. What matters is that you are making frequent backups, especially of your important documents. In the event your computer is infected by ransomware, you will likely lose some amount of data so it’s best to have everything backed up. This also protects you from the occasional hardware failure too, which is known to happen.
2. Keep Everything Up-to-Date: You’ll want to keep all your applications, operating systems, security tools, and anything else you use up-to-date (especially your web browser). Not only does this take care of bugs and performance issues, but also security problems that developers patch out.
3. Secure Your Computer: Use anti-virus and malware software to protect your computer from harm. As mentioned in the step above, always keep your security tools up-to-date, as well.
4. Avoid Suspicious Links, Ads, and Attachments: Sometimes, you make a mistake and click on the wrong page element or open an attachment you didn’t mean to. It happens to the best of us. Still, you should always do what you can to avoid anything suspicious. Avoid emails with attachments from people you don’t know. Double check emails for phishing links even if it’s a company you trust. Avoid suspicious websites, especially ones that use pop-up ads. Most importantly, just use common sense to avoid bad areas of the internet.

Under no circumstances should you ever pay money to remove ransomware or malware. If you don’t know what to do, enlist help from a professional.

There is no guarantee the malware author will restore your computer, files, or apps even after you pay. They may even try to extort more money out of you if you do so.

What to do when you get infected

If your computer has been infected, do the following immediately:

1. Disconnect your computer from the network or disable internet access. This will prevent the infection from spreading. It will also prevent the ransomware from making things worse in some cases.
2. If you have a recent system restore point – from before the malware appeared, obviously – then give that a try. If you have recent backups of your data, then just format your operating system and conduct a clean reinstall of Windows. Many people choose not to do this, but it’s really the best – and safest – option.
3. Boot into safe mode and run your anti-virus software to remove the infection. Most virus tools include an option to conduct a boot scan, which will remove infected content before booting into Windows. Use this option if it’s available.
4. Download the EMSIsoft Emergency Kit scanner on another computer and move it to a portable flash drive. Important:Before using the tool on the infected computer, run it on a computer that has internet accessso it can update the database.
5. If your files were encrypted or hidden by the ransomware – use this site to identify what type of malware you encountered. Once you identify the malware, you can find a decrypting tool to restore your files or locked data.

Are there any other tools I can use?

Alternate tools to fight off a computer infection include:

• MalwareBytes Anti-Malware
• MalwareBytes Anti-Ransomware
• Kaspersky TDSSKiller – Rootkit removal tool
• Kaspersky WindowsUnlocker
• IObit Malware Fighter
• McAfee Stinger

#FightRansomware