In the last two months I’ve learned of three friends who were the victims of various forms of ransomware. The object of ransomware is to block access to your computer’s data and/or operating system until you pay a ransom to the crooks. Two of my friends weren’t sure how they’d gotten hacked, but suspected that it was something they clicked on while surfing the Internet or in an email, which is the most common way of contacting this Trojan Horse type of virus. Even more devastating is that the newer strains of ransomware will encrypt your cloud files (Dropbox, OneDrive, etc.) and even your backup files if they’re accessible.

The third victim received a phone call from someone purporting to be connected with Microsoft who told her that her Windows license was out-of-date and her computer was in bad shape. He offered to fix it if she would go to a web site and click on a link that would allow him remote access to her computer. This scam artist was very convincing and tried to get her credit card information by presenting her with an official looking invoice. When she hesitated he put a password on her computer so that she could not get to her desktop or any of her files. Although this was as much scam as ransomware, the effect was the same. If she had given her credit card information it is doubtful whether her computer would have been restored to her and all too likely that she would have found unauthorized charges on her card. Be aware that no reputable company will cold call you to repair your computer.

Other than disconnecting from the Internet it may seem that we cannot protect ourselves, but take heart. There are steps we can take to avoid or block these attacks and to prepare to recover if we should fall victim to ransomware.

1. Install and keep up-to-date a good Internet security program. Four programs that are consistently top-rated are Norton, McAfee, Bitdefender and Kaspersky. (Note: Some of the larger Internet hosts, such as Comcast and ATT, are offering free protection downloads to their customers.)
2. Keep good backups that are not directly connected to your computer. In other words, if you backup to an external hard drive, disconnect it when the backup is complete. It would be a good idea to have at least two drives and switch them out after every backup. Better yet, consider an encrypted backup service such as Malwarebytes, Carbonite or Mozy.
3. Consider ransomware blocking software such as CryptoPrevent by Foolish IT. (At this writing other blockers are few and designed for professional networks.)
4. Be suspicious! If a link or an email doesn’t feel right you can double-check the source by hovering your mouse pointer over the link or email address and watching for a pop-up or an indicator in the lower left corner of your screen that will show you the real web or email address of that link. (Example: Hover over this link to look for the address https://www.timeanddate.com/, a great site for keeping track of time changes and what’s going on in the sky.)

Be vigilant and stay safe. You can do it!