Protecting Yourself From Ransomware

You’ve probably heard the news about WannaCry, a ransomware attack that holds your computer hostage until you pay a ransom.  Ransomware can prevent you from accessing your data by locking your computer's screen or locking your computer files.  Although the WannaCry attack is largely contained, there’s no doubt that WannaCry variations and other ransomware attacks will occur in the future.  So how can you help to protect yourself?

  • No matter which operating system you use, it's important that you update it regularly. Windows operating systems are typically updated at least monthly, typically on so-called "Patch Tuesday." Other operating systems may not be updated quite as frequently or on a regular schedule. It's best to set your operating system to update automatically. The method for doing so will vary depending upon your particular operating system.  If your computer uses Windows XP or Vista as the operating system, it's very important to be aware that Microsoft support for Windows XP ended on April 8, 2014 and support for Vista ended on April 11, 2017.  This means that you will no longer receive software updates from Windows Update, including security updates that can help protect your computer from ransomware.
  • Keep your software applications up-to-date. Computer hackers are always finding new ways to penetrate the defenses of your software programs. Software vendors respond with patches that close newly found security holes. To stay protected, you need to download and install patches for both your operating system and your software applications whenever they become available. Software patches or updates often address a problem or vulnerability within a program.
  • Be sure to have anti-virus/anti-malware protection installed on your computer.  Security software will only protect you against the newest threats if it is kept up-to-date. That's why it is critical to set your anti-virus/anti-malware protection to update automatically.
  • Don’t open unexpected email attachments from unknown persons. In fact, just because an email message looks like it came from someone doesn't mean that it actually did. Scammers can "spoof" the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it's legitimate before opening any attachments.  To open an attachment, first save it to your computer and then scan the file with your antivirus/anti-malware software.
  • Don’t click on links embedded in email messages. It’s usually safer to go to the company’s website directly from your browser than by clicking on a link in an email message, unless you are absolutely certain that the email was actually sent by the person or company claiming to have sent the message. This will help you avoid becoming a victim of “phishing”. Phishing is the fraudulent process of attempting to acquire sensitive information by masquerading as a trustworthy entity. Phishing is typically carried out by email and often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
  • Back up all your data. While your computer may be an expensive asset, it is replaceable. However, the data and personal records on your computer may be difficult or impossible to replace. There are many hardware and software alternatives for backing up your data including USB flash drives and external hard drives (hardware) as well as archiving and disk imaging programs (software). Each method has its own advantages and disadvantages. For a simple solution, important files can be saved to an encrypted USB flash drive. It’s a good idea to keep your backup media in a locked and secure location.

For more information on protecting your computer from ransomware and other kinds of malware, please read our Consumer Guide Securing Your Computer to Maintain Your Privacy.