What is Ransomware

This is serious stuff, so let’s keep the definition simple. We know what ransom is, right? “Ransom” is a sum of payment commonly money, demanded or paid for release of something. Parsing the “ware” part is software installed that would invoke the ransom threat on your data files, folders, or your whole computer. The ransom may start at $500.00 and increase as you refuse or delay to pay the ransom.

Another point of view, Ransomware is considered a "scareware" as it forces users to pay a fee (or ransom) by scaring or intimidating computer owners. In a sense, it is similar to the FAKEAV malware that has been around for a long time but using a different tactic. Instead of capturing the infected system or encrypting files, FAKEAV coaxes users into purchasing their bogus antimalware software by showing the fake antimalware scanned results.

No matter, Ransomware is on the rise and getting very serious.

How do you get it?

A growing number of cybercriminal organizations are using deceptive or compromised links and websites to install malicious software. It can also arrive as a payload, either dropped or downloaded by other malware. Some ransomware is delivered as attachments to spammed emails. This threat is not singled out to Windows. This threat effects also Macs, Linux systems, Droids, and iPhones.

What does it do?

Once the malicious code is in the system, it is executed and the effect is immediately shown. The ransomware can either lock the computer screen or encrypt predetermined or all of the files with a password (normally an encryption key). Generally, the ransomware effect will show as a full-screen image, webpage from a browser, or popup notification. This will prevent victims from accessing their files and/or prevent the user from using their system. Below are some samples of ransom messages as they will show on the computer.


Recent attacks have also displayed images that impersonate law enforcement. These messages will show the instructions on how users can pay for the ransom if you decide to get your data files and system back.

What can you do to prevent this attack?

Messages from Microsoft for Microsoft Window users to help protect you as much as possible.

Can I recover from this attack?

Once your computer is encrypted by the Ransomware threat, you can consider your system and data files gone. However, you can recover your system with the following solutions:

Warning: The file or folder will replace the current version on your computer. The replacement cannot be undone.

Note: If the Restore button isn’t available, then you can’t restore a previous version of the file or folder to its original location.

Important: Some ransomware will also encrypt or delete the backup versions that will not allow you to do the restore actions. If this is the case, you need to rely on backups in external drives (not affected by the ransomware) or OneDrive.