The word “ransom” probably evokes movie images of cut-out magazine letters pasted together, demanding money in exchange for a loved one.
These days, however, scammers have taken their ransom schemes high-tech with the proliferation of malicious computer programs known as “ransomware.”
Like many computer viruses, ransomware often arrives in phishing e-mails pretending to be from legitimate sources. The programs, for example, can masquerade as notices from your bank, receipts for alleged purchases, or messages from law enforcement, said John Breyault, vice president of policy for the National Consumers League.
What makes the ransomware threat particularly tricky, however, is the rate at which it is evolving. Attacks can be disguised as tempting free video or game downloads or even embedded in the code of otherwise legitimate websites, according to the FBI. There are even reports of Internet-connected smart TVs falling victim to ransomware.
Once the target clicks on the links or downloads the programs, the ransomware goes to work, encrypting all the files — every work document, Adele song, and vacation photo — on the computer. The user receives a notice demanding payment in return for unlocking the files.
“These fraudulent e-mails will often look official; however, they are loaded with infected links and attachments,” Breyault said.
Though ransomware has been around for years, it is on the upswing.
These attacks increased in 2015 and are expected to surge further this year, according to the FBI. Ransomware can be aimed at consumers, businesses, or other institutions; in some cases, ransomware attacks on hospitals have resulted in patients being turned away, Breyault said.
To avoid falling victim to ransomware, consumers should follow many of the same common-sense steps they already use to keep their computers virus-free.
Use a reputable security software and keep it updated, Breyault advised. Back up your files regularly using an external hard drive or a subscription-based cloud computing service like IDrive, CrashPlan, or Carbonite, so your files will remain accessible even if your hard drive is attacked.
But perhaps the best defense is to avoid the attacks all together, Breyault said.
“The best defense against ransomware attacks is to avoid clicking on suspicious links or attachments,” he said.
What should you do if, despite your best efforts, you suspect you have unleashed a ransomware program on your computer? Shut down your computer immediately to stop the spread of the encryption.
Have a consumer question or complaint? Reach Sarah Shemkus at firstname.lastname@example.org.