How to keep cybercriminals from locking up your computer, and what to do if they have

Fri, Jun 4, 2021, 12:19 PM 4 min read

Another week, another slew of ransomware attacks. This week, both JBS, one of the largest meat producers in the U.S., and the Massachusetts Steamship Authority, which services Martha’s Vineyard and Nantucket, saw their services disrupted by ransomware.

Those attacks follow last month’s Colonial Pipeline ransomware attack, which cut off 45% of the East Coast’s fuel supply for nearly a week, causing panic buying and shortages in a number of southern states. Then there’s the continuing spate of attacks on hospitals that skyrocketed during the height of the pandemic.

But ransomware doesn’t just hit major corporations—it’s been happening to everyday people for years, and it’s still a threat today.

These are the best ways to avoid being the victim of an attack, and what to do if you’re unfortunate enough to get hit.

Avoid opening unknown solicited emails or visiting unknown sites.
Use antivirus software.
Do not pay a ransom.
Store your most important files online.

What is ransomware

Ransomware is a type of malware that locks down your computer, keeping you from accessing your important files unless you pay a ransom — usually in the form of cryptocurrency. Think of ransomware as a lock on your content. The only way to supposedly get the key to the lock — and access to your photos and documents— is to pay up.

Criminals, of course, say they’ll give you the keys, but they’re criminals, which means you can’t trust them. They also like to scare victims by making their splash screens showing that you’ve been hacked look as frightening as possible. That’s all show, though.

That said, if you are infected, it’s very true that your files are likely locked down for good. Thankfully, there are some steps you can take to avoid ransomware attacks.

Tread carefully online

Ransomware works in two main ways: via email or a drive-by download. In emails, ransomware attacks come in the form of phishing emails or emails from cybercriminals masquerading as emails from known providers like financial institutions, shipping agencies, or major retailers.

Those emails will contain links or files that, when clicked on, will download ransomware onto your computer. But malware doesn’t show up on every kind of device.

Drive-by downloads are malware threats that download to your computer from a fraudulent website. Click the link to the site, and it will download the ransomware to your computer.

Ransomware on your iPhone is incredibly rare. Android ransomware poses a larger threat, especially for people who download apps from third-party app stores. That’s because of the closed off nature of Apple’s (AAPL) iOS and Google’s (GOOG, GOOGL) Android.

That’s not the same for Microsoft’s (MSFT) Windows or Apple’s macOS. The open nature of those operating systems, not to mention Windows’ huge install base, makes desktops and laptops prime targets for cybercriminals.

The best way for you to stay safe is to stick to the websites you know and only open emails from people you know. That isn’t always tenable, though, as scammers have become far more sophisticated at aping the emails of companies, and drive-by downloads can pop up on sites you may navigate to by accident.

To better protect yourself, online you should install an antivirus program on your laptop or desktop. A number of them can detect malware before you install it, preventing you from falling victim to it.

You can also change your settings on your Windows or macOS computer so that it asks you if you want to install a program, making it harder for ransomware to damage your system.

What to do if you’ve been infected

If you’ve downloaded ransomware, you’ll likely know you’ve been infected in short order. Most of the time, you’ll receive a popup telling you your files are now locked down. Believe me, it will be noticeable too. Cybercriminals aren’t exactly subtle when it comes to this kind of stuff.

There’s some good news and bad news here. If you have been infected, your files are definitely locked down and pretty much gone. There’s no reason to pay the cybercriminals, because there’s no guarantee they’ll give you the keys to unlock your content—and doing so only emboldens them to victimize others.

There are some things you can do, though. If you’ve been backing up important files online, like those photos from family holidays or tax documents, they’re totally fine. Just because your computer is compromised doesn’t mean your online accounts are. They’re completely separate.

Your best solution is to reformat your computer, which more or less means erasing its contents and starting fresh. Once you’ve done that, you should be free to reinstall all of your old programs and apps, and download any files you lost from your online storage.

Above all, remember: Cybercriminals are still criminals, and paying them won’t ever help you.

Sign up for Yahoo Finance Tech newsletter

Got a tip? Email Daniel Howley at dhowley@yahoofinance.com over via encrypted mail at danielphowley@protonmail.com, and follow him on Twitter at @DanielHowley.

More from Dan: