On Getting a Ransom Message
Kidnapping for ransom is not only a hot topic of crime movies but a real-life reality as well. The level of crime varies country wise. It, however, is on a considerably large scale in third world countries, especially the war-hit regions. A typical example of kidnapping for ransom is the Hollywood top-rated movie “Die Hard“. John McCane’s got a Ransom note for the safe return of her daughter, who was kidnapped, for a large sum of money.
The ransom notes have transformed from paper to digital. The data on our computers is a new hostage now. ‘Ransomware’ is a term coined for this innovative Cyber hiking. It is but the latest of online frauds generating hefty cash for the global e-hikers. Let us try to understand how hikers access a computer and what safety measures are possible to assure.
How Does It Look?
Your computer stops to open your much-needed files. You fail to access your snaps, and the same starts happening with your other data inventory, videos d every sort of your storage. The data is intact safely stored on your computer, but you are unable to open it. In extreme cases, access to your computer or web site stops completely. At this point, you get a message (usually email) for paying a certain amount to someone for the release of access to your computer and the data on it. A ransom is asked in cryptocurrency, the bitcoin, the first choice in most cases. Need not to rush to buy a cryptocurrency for following the remittance instructions. Instead, go through the guidelines provided below.
Ransomware is a piece of software that scrambles files and demands a payment before unscrambling.
It is the most stringent malware so far. It works silently, making it known after it completely takes over a company, agency, or department. No particular computer is the target of ransomware. It can attack any computer. It spread through social networking, email, SMS, and clicking links. Spoofed emails deceiving people to open malicious attachments is a common technique of its spread.
The other popular way is to ask for downloading a file through legitimate social media networks. A harmless-looking link often leads to a download from an infected site that places the malware on the user’s computer without mention. The hackers then track infected computers through their systems and ask for an online payment that is not traceable by law enforcement authorities. Cryptocurrencies and similar systems are the most preferred payment methods by hackers.
Check Your Computer First.
Sometimes it is another less harmful ‘fake’ ransomware notice. The actual ransomware locks your computer screen, making your files inaccessible.
Type 1. Encryption Ransomware
- Your Windows computer shows that “Windows can’t open this file,” or that the file is of an “Unknown file type.”
- Mac users are advised there is “No associated application,” or “There is no application set to open the document.”
Encryption ransomware can reach your data that includes documents, files, photos, and website files. The landing page of a web site displays other than a routine programmed message in case of a ransomware attack. You will get an email or message on your screen informing about the hacking of files and the method of payment for the release and restoration of your computer data.
Type 2 Showing Text
The second scenario is that your computer is locked. You are not getting a message in an email or on a computer screen. You see a random text on starting your computer that seemingly appears from a law enforcement authority, anti-crime department, or e-crime agency. The text varies from the hacker to hacker, asking that you are involved in illegal activities. You are asked to pay a fine to get your files resorted.
Why You Pay?
Should you or anyone other pay a ransom? Ethically it is supported. Paying ransom means funding illegal activity. These funds are going for more criminal activities. On the other hand, it is a way of encouraging hackers to stick to such scams. By paying, you are losing your hard money and facing the risk of a next attack from the same hacker. It is even not sure that hackers will release your computer after getting the payment.
The Way Forward If Infected
The best approach if your computer gets infected with ransomware is to stay calm. The following steps below, however, can help in limiting the damage.
- The immediate first reaction to know the infection is to disconnect your computer from the internet. It will stop sending your data to the hacker.
- Note the available information about the virus and effected files if you still have access to your data, especially the files marked by your security software or operating system.
- If failed, check the message details, and also note the date of the changing of files. It is essential information for restoring from an earlier safer backup.
- Access to another computer to search and study details about the virus.
- Use a clean device for changing passwords for all your accounts that you logged from the infected computer.
- Consult the matter of a Cybersecurity expert if he can clean your infected computer.
Get Rid of Ransomware
The next step is to get rid of the ransomware. The following step can help.
1. Identify Type of Ransomware
You need to identify the malware. Not all, but many now are known. The security companies have developed solutions against some known ransomware. Check the details on Google and sites like ID Ransomware or Crypto Sheriff by the ‘No More Ransomware!’ project.
2. Report to Authorities
Some countries, especially the developed ones, have laws and investigation expertise on Cybersecurity issues. Report the attack to authorities if you think there exists a framework for the rescue. Reporting remains less valid in third world counties where Cyber laws are on-existing, and the investigation help is not readily available to rescue the prey.
3. Assessing Options
The first option after getting a message is to decide to pay or not to pay. We never encourage to pay. What to do? – is a question next. Below are the alternatives you can follow now.
- Option 1. Try removing the malware. It needs a level of expertise. Refer it to an expert if you do not have the skill. The security experts are of the view that ransomware is a difficult malware to remove.
- Option 2. The best way is to format your disk. You will lose the whole of your data along with the removal of the ransomware.
4. Restore From a Backup
Restoring from backup again is an easy option if you have access to your files. You can, however, run a backup even if your computer is locked.
- If you have access to your PC
There is software designed to remove ransomware, many of them available for free download. Ransomware removal tools are designed to unlock your encrypted files without paying the hacker. Search, download, and install any such utility and run it. It will start guiding you with the next actions. Keep on following the steps, complete the process, and restart your computer. There is every hope that your computer is now free from the monster.
- If your PC is locked
Though a little but there is hope that you can still get back the files from a locked computer. The secret tool for getting the access back is called Trend Micro Ransomware Screen Unlocker Tools.
Boot your computer in ‘Safe Mode’ with Networking. Reboot system after installing it on the affected machine. Hold the keys [Ctrl]+[Alt]+your computer [T]+[I] to launch the ransomware scan and removal. If you’re trying to access Safe Mode with Networking via the BIOS menu, download an alternative version of the tool on an uninfected computer. Save it on a USB stick and use it to boot the locked machine. It will scan and remove ransomware from the infected computer.
- On a Mac
Most of the ransomware attack on a windows computer, but it does not mean that Mac is safe from it. The KeRanger ransomware virus, circa 2016, was the first, targetting the MAC successfully. Thanks to Apple’s built-in anti-malware ‘Xprotect’ it was detected and blocked. Follow the instruction in this guide if your Mac is under attack. Again restoring from an earlier dated backup is an easy and readily available option if you are in the habit of taking a frequent backup.
The best rescue ever is protecting your computer in the first place from an attack of ransomware. The following steps can help in taking advanced care of your system to avoid a ransomware attack.
- Only run the trusted and reputable antivirus software. The very best option is to run only an operating system supported or recommended antivirus like Windows Defender in case of windows.
- Try to keep your system updated like operating system, antivirus software, and all browser-related components (Java, Adobe, and the like), and all other third party programs.
- Frequently clean your web browsers from all junk. Only install the trusted toolbars.
- Don’t open email attachments from any unknown, unverified sources. Also, avoid clicking URL links in the email that you are not sure about.
- Make a habit of taking frequent and sound backups. It is a sure way to reverting to clean data in case of an attack.
- Take extra care about text messages (SMS) claiming to be from your bank. Avoid sending them any of your data.
Must Read @ Mind Classic