Imagine that you want to pull up a certain file on your computer. You click on the file and suddenly a notice flashes on your screen saying your computer is compromised and to get your files back, you need to pay up. This is known as ransomware, a nasty type of malware that is no longer reserved for multimillionaires and corporations. Cybercriminals are holding hostage computer files and sensitive personal documents of ordinary people for their own financial gain.
Here’s everything you need to know about how ransomware makes it on to your devices and seven digital safety habits you can start today to prevent it from happening to you.
How Does Ransomware Get On Devices?
Ransomware infects connected devices – smartphones, laptops, tablets, and desktops – when the device owners unknowingly click on links or popups that have malicious software embedded within them.
Phishing attempts are a common vehicle for spreading ransomware. The cybercriminal veils their malicious links in emails, texts, or social media direct messages that urge a quick response and threaten dire consequences. For example, a phisher may impersonate a bank and demand the innocent recipient click on a link to recover a large sum of money. Instead, the link directs not to an official bank website, but to a malware download page. From there, the ransomware software takes hold and allows the cybercriminal to stalk and lock your most important files.
What to Do If Your Device Is Infected With Ransomware
If a cybercriminal reaches out to you and notifies you that they have your files hostage, do not engage with them and never pay the ransom. Even if you do pay the ransom, there’s no guarantee that the criminal will release your files. They’re a criminal after all, and you cannot trust them. Giving in and paying ransoms bolsters the confidence of cybercriminals that their schemes are successful, thus they’ll perpetuate the scam.
Remain calm and immediately disconnect your ransomware-infected device from the Wi-Fi. This will prevent the program from jumping from one device to another device connected to the same network. Then, on another device, visit the No More Ransom Project. This initiative, supported by McAfee, has a repository of advice and code that may rid your device of the malicious program. Additionally, report the event to the Cybersecurity & Infrastructure Security Agency. An agent may be able to help you unlock your device or advise you on how to proceed.
7 Digital Safety Habits to Prevent Ransomware
The best way to prepare for ransomware is to prevent it from happening in the first place. These seven online habits are a great way to keep your devices and the valuable personally identifiable information they store from falling into the hands of cybercriminals.
1. Back up your data
A cybercriminal has no leverage if your device doesn’t house anything of value. Back up your most important files every few months, either to the cloud or save them onto a hard drive. This way, if you do get a ransomware infection, you can wipe your device and reinstall your files from the backup. Backups protect your data, and you won’t be tempted to reward the malware authors by paying a ransom.
2. Take password protection seriously
When updating your credentials, you should always ensure that your password is strong and unique. It’s dangerous to reuse the same password across accounts because all it takes to put your accounts at risk is for one data breach to leak your password onto the dark web. It’s nearly impossible to memorize all your different password and username combinations, so entrust a password manager to store them for you.
3. Enable two-factor or multi-factor authentication
Two or multi-factor authentication provides an extra layer of security, as it requires multiple forms of verification to enter an online account. For instance, you’ll be asked to verify your identity through a one-time code sent to a cellphone or to answer a security question in tandem with a correct password. This additional step in the login process deters ransomware plots because if you store your important documents behind a multi-factor authentication-protected cloud program, the criminal has nothing of value to hold hostage.
4. Be careful where you click
Don’t click on links or respond to emails, social media direct messages, and texts from people you don’t know. This is important since phishers often trick people into downloading malware and ransomware software through disguised links.
Using a security extension on your web browser is one way to browse more safely. McAfee WebAdvisor, for instance, alerts you when you’ve ventured onto risky sites that could harbor malware. Websites that claim to have free TV shows, movies, and software are among the riskiest.
5. Only connect to secure networks
Public Wi-Fi networks – like those at libraries, coffee shops, hotels, and airports – are often not secure. Since anyone can log on, you can’t always trust that everyone on the network has good intentions. Cybercriminals often hop on public networks and digitally eavesdrop on the devices connected to it. So, you can either avoid public Wi-Fi altogether and only access the internet through 5G, or you can enable a virtual private network. A VPN is a truly private network that encrypts your internet traffic, making you completely anonymous online.
6. Update your devices to the latest software
Don’t ignore your devices’ notifications to update your software. Keeping your software up to date is an excellent way to deter cybercriminals from forcing their way onto your device. Software updates usually include critical security patches that close any holes that a ransomware plot could squeeze through.
7. Sign up for a comprehensive security solution
To boost your peace of mind, opt for an extra layer of security with a solution like McAfee+ Ultimate, which includes up to $25,000 in ransomware coverage. McAfee+ Ultimate also includes a VPN, password manager, and safe browsing extension to keep your online comings and goings private.
Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.