What is ransomware?

Ransomware is a malicious type of software – known as malware – that holds your PC to ransom by encrypting your files and demanding money to unlock them. 

It’s also known as the FBI Virus or FBI Moneypak as it often shows the FBI logo in the ransom message.

Seven common password mistakes... and how to avoid them

Saga Home Insurance provides cover that goes beyond what you might expect. For more information and to get a quote click here.

What does ransomware do?

There are lots of different types of ransomware but they all do the same thing: prevent you from using your PC or accessing your files without paying the criminals behind the ransomware.

Ransomware is designed to scare victims. Often, ransomware will display a message that claims you’ve committed a crime, such as visiting an illegal website and threatens to report you to the police unless you hand over money. These claims are designed to frighten you into paying the criminals and stop you getting help to remove the ransomware.

Ransomware will display instructions on how to pay the ransom – usually around £100 – as well as a countdown clock that, once reached, will destroy the key needed to unlock your files.

Three best free antivirus software for your PC

How do I get ransomware?

Ransomware is often installed when visiting a malicious website, often via pop-up windows that appear when you load the webpage. 

It can hide inside files attached to emails, or inside files you download from the internet. 

Ransomware often pretends to be a legitimate file, such as a game that you want to play, especially if you’re not downloading the file from its official website.

10 tips for using public wi-fi safely

What should I do if I get ransomware?

Don’t pay. There’s no guarantee that your files will be unlocked and you could expose yourself to more demands from the criminals. Paying makes you a target for more malicious software attacks.

How do I remove ransomware and get my files back?

First, run Windows Defender Offline. You can download this from Microsoft using a different uninfected PC onto a USB drive or copy it to a DVD, then restart your infected PC using the Windows Defender Offline media. Scan and remove the ransomware. 

You can also try tools, such as Trend Micro Anti-Ransomware, that can remove ransomware.

You won’t be able to unencrypt your files. If you use Windows’ File History, you can restore backed-up files from an external hard drive, once the ransomware and encrypted files are removed.

10 sure-fire signs your computer has a virus

How do I stop ransomware?

Ensure you have up-to-date security software and keep Windows up-to-date. 

Use Smart Screen in Internet Explorer to stop ransomware being installed via a malicious website. 

Don’t open email attachments or download files from people or sites you’re not familiar with.

Regularly back-up your PC to an external hard drive too, and also copy files to cloud storage services, such as Microsoft OneDrive or Google Drive. These files will be safe from any ransomware infection.

For more tips and useful information, browse our technology articles