It’s always a good idea to back up your computer files. But now, it’s a great idea.
In most forms of ransomware, infected computers “freeze” and essentially are held hostage until a ransom is paid. Perhaps the best-known and most widespread scheme: False messages claiming to be from the FBI, accusing computer users of watching child porn or some other illegal online activity. A “fine” is demanded to unfreeze the computer.
That and other types of ransomware usually can be fixed — though sometimes a professional using specialized software is necessary.
There is nothing new about ransomware — different forms of it have been circulating since as far back as 1989 — but in recent weeks Internet security firms have reported a surge in computers affected. Once CryptoLocker infiltrates your computer, it encrypts your files — making them unreadable and permanently unusable unless you decrypt them with the attacker’s “private key,” which is unlikely to happen even if you part with the demanded ransom.
Currently, infected users are instructed (via the displayed warning) to pay $300 to receive this private key within 100 hours or “the server will destroy the (private) key,” warns a pop-up that freezes your computer, and “nobody and never will be able to restore files.”
Although anti-virus experts are hard at work, currently there is no fix. And while techies can often remove ransomware that simply freezes computers, encrypted files are trickier. So an off-computer backup of files — such as a USB drive — can be good insurance.
Since there’s no guarantee (or even evidence) that paying the demanded ransom will retrieve files from infected computers, it’s also wise to follow these to avoid this situation in the first place. That means:
- Don’t click on email attachments unless you know the sender and what the attachments are.
- Be careful when surfing on music sites or doing online searches of celebrities or other “in-the-news” topics. They often lead to malware-laden websites or links.
- Avoid “free” online offers for screen savers, games and the like unless downloaded from reputable vendor websites.
- Scan your computer using anti-virus software (from a known provider) regularly, and keep its updates and patches up to date. (Malware often masquerades as anti-virus scanning software, so make sure you are using a reputable anti-virus software.)
- Make regular backups, and store them somewhere safe, preferably offline.
This post originally appeared on Identity Theft 911.