A particularly harmful and unfortunately very fashionable variant of computer virus is ransomware , a type of malicious computer program that prevents us from accessing our files and asks us for money to fix it.
Its most common variants act by encrypting the files of our equipment, documents, photographs, which cannot be opened by our usual programs. The malicious program will then generate a warning demanding an amount of money to have the solution to the problem.
Since its form of transmission is through fraudulent emails, although it may also be due to accessing a malicious website on a vulnerable computer, a very important part of the defenses against this type of cybercrime is in our hands .
Computer viruses of the ransomware type need our collaboration, usually opening an attached file or accessing a link, so knowing how to distinguish legitimate emails from dubious emails is our main line of defense.
Knowing how to distinguish legitimate emails from other dubious ones and knowing if the file that we are going to open is of a dangerous type are our main defense weapons against this type of extortion.
Knowing how to distinguish emails is not always easy since criminals use apparently reliable senders, in some cases supplanting the identity of official bodies such as the Tax Agency or the Post Office, and request that the user open an attached file, access a link, etc. . At the moment in which we carry out this action, our computer becomes infected. However, it is possible to follow some simple tips that help us distinguish dangerous emails from those that are not.
- Avoid opening suspicious unsolicited emails, the urgency to reply to the message, misspellings and requests for personal data are some of the indicators of fraudulent emails.
- Be careful with files attached to an email or downloaded from a link.
- Carefully read the subjects of the emails and texts, avoiding premature clicking on the links: wrong words, wrong spelling or wrong syntax, as well as the mixture of languages are always symptoms of fraudulent email, the tone of “automatic translation” is always significant .
- Take extreme precautions against emails from unexpected senders , especially for those that include attachments. When in doubt, delete the email and ask the sender.
- Disabling the Windows policy that hides the known file extensions will make them visible and can help us recognize such an attack.
The purpose of this virus is to hijack the data of the infected computer, the files that this user has access to are unusable and, in order to access them again, the “hijacker” asks for a cheap amount. The problem can be compounded by the fact that this virus not only affects the computer itself, but is also capable of infecting network folders that the user can access.
It is important to highlight that, although the means of protection against viruses and malicious programs that we may have on our computer and network act against these viruses in particular, with computer viruses it is the same as with “nature” viruses, in the sense of that new variants are generated daily against which we must protect ourselves. So security measures must always be active on our part, aimed at preventing the possibility of infection and minimizing the effects of a possible incident.
What to do if you observe strange behavior?
In case of observing strange behavior on your computer, act quickly:
- If you are on a network, disconnect the network cable.
- Turn off the computer immediately (even by removing the power cord or pressing the power button for one second to force shutdown).
- If you are connected with a Wifi, turn off the router.
- If you have any external hard drive unplug it immediately.
Once we have carried out these actions, it is time to ask for specialized help . If you have a computer assistance service (such as the MGS Seguros Domestic Computer Assistance Service ), call by phone and request instructions, if you do not have it is worth consulting a specialized store before starting the equipment again.
Preventive and mitigation measures
The first measure is not specific to the problem of ransomware, since it is the only defense against data loss caused by human error or disk failure, to perform regular Backups . These copies should be on two media, a physical copy on an external disk and a second copy on a cloud storage service.
Along with making backup copies of our files, the most important measure to avoid this type of disaster is to regularly update the operating system, the programs we use to navigate and manage our email, and antivirus protection programs.
Preventive measures against ransomware are specified in the regular making of backup copies and the constant and scrupulous updating of our computers and especially the antivirus programs that we must always have installed and active.