Ransomware encrypts or prevents access to your data unless you pay a ransom. Ransomware may spread to other computers or storage devices on your network if your computer is linked to the internet.
Some of the ways you might become infected with ransomware are as follows:
- Visiting risky, dubious, or phony websites are some of the ways you might become infected with ransomware.
- Opening file attachments from persons you don’t know or that you weren’t anticipating.
- Clicking on malicious or harmful links in emails, Facebook, Twitter, and other social media posts, as well as in instant messenger and SMS chats
A bogus email and webpage are easily identified since they have poor spelling or otherwise appear strange. Look for unique spellings of corporate names (such as “PayePal” instead of “PayPal”), as well as uncommon spaces, symbols, or punctuation (like “iTunesCustomer Service” instead of “iTunes Customer Service”).
Ransomware may infect any PC, whether it’s a personal computer, a PC on a business network, or a government agency’s servers.
How can I contribute to the security of my computer?
- Ensure that your PC is running the most recent version of Windows and has all of the current updates.
- Enable Windows Security to help protect you from viruses and malware (or Windows Defender Security Center in previous versions of Windows 10).
- Enable Controlled Folder Access in Windows 10 or 11 to safeguard your crucial local folders from unapproved applications such as ransomware or other infections.
- With Microsoft 365 enhanced security, you can identify and recover from ransomware.
- If your PC’s maker hasn’t already enabled File History, back up your files. Find out more about File History.
- Use Microsoft OneDrive to back up important files. Ransomware detection and recovery are incorporated into OneDrive, as well as file versioning, which allows you to restore a previous version of a file. Your work is automatically saved as you edit Microsoft Office files in OneDrive.
- Make use of a modern, secure browser like Microsoft Edge.
- Restart your computer weekly at the very least. This keeps your operating system and programs up to date and makes your system run quicker.
If you believe you have been infected,
When you suspect your PC has been attacked, use antimalware software such as Windows Security. For example, if you read about new viruses in the press or detect unusual activity on your computer.
If you do become infected with ransomware,
Unfortunately, a ransomware virus normally does not manifest itself until you receive a notice, whether in a window, an app, or a full-screen message, demanding money to recover access to your computer or data. These notifications are frequently displayed after you have encrypted your data.
Try completely wiping your computer using Windows Security. This should be done before attempting to retrieve your files. Backup and Restore in Windows also includes information about backing up and restoring files for your specific version of Windows.
It is a waste of money to pay to get your files recovered. Even if you pay the ransom, there’s no assurance you’ll be able to access your computer or recover your data.
What should you do if you’ve already paid?
If you have already paid the ransom, you should notify your bank and the local police department as soon as possible. If you used a credit card, your bank may be able to reverse the transaction and refund your money.
You may also report fraud and scams to the following government websites:
- Go to the SCAMwatch website in Australia.
- Visit the Canadian Anti-Fraud Centre in Canada.
- France, see the website of the Agence Nationale de la Sécurité des Systèmes d’Information.
- Germany, see the website of the Bundesamt für Sicherheit in der Informationstechnik.
- Ireland, see the website of An Garda Sochána.
- Visit the Consumer Affairs Scams webpage in New Zealand.
- Go to the Action Fraud website in the United Kingdom.
- Go to the On Guard Online website if you are in the United States.
If your region isn’t included here, Microsoft suggests contacting your local federal police or communications authority.