Preventing the Infection of Ransomware in 2016

With a new year comes new ways for hackers to attempt to gain access to your personal information and data, and 2016 is no different. Actually, 2016 is foreseen to have the most frequent cases of the most malicious viruses ever: ransomware. Security Magazine predicts ransomware attacks to grow this year because “greater numbers of inexperienced cybercriminals will leverage ransomware-as-a-service offerings which could further accelerate the growth of ransomware.”

 

 

Ransomware is a virus that stops you from using your PC, and holds your PC or files for ransom. Some versions are called “FBI Moneypak” or the “FBI virus” because they use the FBI’s logos to trick people into sending the hacker money. The virus will often claim you have done something illegal with your PC and you will be fined by your local or federal government agency. Obviously the claims are false, but if you pay the fine to the supposed agency, then there is no guarantee that paying the fine will give you access to your PC or files again. Here is an example of a page that may pop up to convince you that you are paying the government for your illegal actions:

 

 

The virus can prevent you from accessing Windows, encrypt your files so you can’t access or use them, and stop certain apps, such as your web browser, from running. The hacker will demand you to do something to regain access to your PC or files; it is usually to send them money in the form of BitCoins over the internet or a MoneyPak. Ransomware has been known to charge over $1500 to give your data back, but of course that is not always the result of this expensive transaction.

 

A family of these ransomware viruses is called FakeBsod. FakeBsod uses a malicious piece of JavaScript code to lock your web browser and show a fake warning message when you visit a compromised webpage. The message says to “contact Microsoft technicians” because of an “Error 333 Registry Failure of operating system” on a blue screen. If you call the number shown on the blue screen, you will be asked to pay money to “fix” the issue. This is an example of the fake warning message:

After the ransom note has been displayed, the virus begins encrypting files. When a file is encrypted, the ransomware generates a key for each file that only the hacker knows. This means that the hacker holds your files hostage paying the ransom is no easy feat and there is a good chance that after you empty your wallet, your files may still be irretrievable.

 

Unfortunately there is no easy or guaranteed solution to restore a PC or its files after they have been infected with a ransomware virus. However, there are some steps you can take to protect your data from it:

  1. Back up your data regularly. Simply putting your most important files on a $10 thumb drive from Staples could save you hundreds of dollars in the event of a ransomware infection.
  2. Verify email sources. Many virus infections come from emails, so make sure you check the sender’s email address before opening any link or downloading anything from your email. Even if it seems enticing, don’t do it!
  3. Bookmark websites. Bookmarking your frequently visited and trusted websites can prevent you from visiting a malicious website by accidentally typing the wrong web address.
  4. Update your security software. Update any antivirus or security software you may have to provide an extra layer of protection for the latest ransomware viruses.
  5. Use specialized software to block encryption viruses. Computer Doctor can install specialized software to help protect you from this specific attack.

 

Hopefully you will be lucky enough to avoid these harmful and cruel viruses and you take the necessary precautions to protect your valuable data. In the horrible event that you believe your computer is infected with ransomware, please call the Computer Doctor at 862-7019 as soon as possible! The sooner you catch the infection, the more likely it is that your information can be retrieved. The Computer Doctor has dealt with ransomware countless times and is the best resource in the area to return your PC and files back to you— without encryption and at a much better price! He has a customized and tiered approach to ransomware. For your own specialized software to prevent a horrific infection, look at our Crypto Innoculation page!

Come see us at 50 Main Road North in Hampden, in the same building at River Town Family Eye Care. You can call us at 862-7019 if you have any questions! We also do Remote Support Sessions as well as House Calls. If you bring in your computer for a virus removal, mention this article until February 15 and receive 10% off!