You flip open your laptop but instead of the usual set up, a skull and crossbones appears. Maybe your keyboard is locked. The freeze could be happening on your smartphone. Whatever the device, it’s not working, and you get that sinking feeling. Digital apocalypse.
Next comes the prompt to panic. Underneath the image there’s a message: Pay up or lose everything on your device. Maybe it says, "This operating system has been locked for security reasons." Maybe it informs you that you looked at something illegal and have to pay a fine or risk imprisonment.
Let’s say that the ransom is affordable, between .00684 and .11 bitcoin ($20 to $300). Payment is usually demanded in bitcoin. Oh, and remember these are mustache-twirling criminal types. There’s a ticking clock. You have 24 hours to pay up or lose everything.
That may seem like a decent price, given what’s at stake. Symantec found that almost three percent of people who "get got" by ransomware pay to regain control of their digital assets. It’s big business, with some operations making as much as $400,000 a month, at least in theory based on estimates and bitcoin paid out to known fraud-connected accounts.
Perhaps you speak fluent victim-ese, and your reaction is outrage. Scum of the earth. You pay, but with daggers in your eyes. Or maybe you pay, because you think, "Fair enough. I was careless. How do I get bitcoin?" Either way not so fast.
Fairness is somewhat relative when you’re being extorted, and then there’s the fact that not all ransomware scams operate on the "up-and-up." Many of them function like a C-corporation, they have "victim service reps" on call to guide you through the process of buying bitcoin and regaining access to your machine. Others, not so much. You pay, and you’re still locked out.
So how can you avoid finding yourself in such a potentially damaging situation?
1. Cover Your Assets
Back up your devices daily. There is nothing to lose if you do this. Literally. Ransomware relies on the idea that most people tend to be pretty fallible. In a perfect world, everyone would have their digital existence buttoned up, with daily backups stored in an encrypted form on air-gapped devices. If that were the case, ransomware wouldn’t exist. If that is the case in your home, ransomware isn’t a threat.
2. Use Security Software
Whenever possible, use security software. Don’t automatically assume that because you are using an Apple product you are completely safe. Make sure that whatever protection you use is up-to-date and your subscription is current. There are new threats and variations on the main forms of attack being released daily, so if you’re using an old version of perfectly legitimate software, you might be vulnerable.
3. Update Everything
Updating your security software is crucial, but it’s equally important to update all the software and apps that you use. If you receive a notice about new firmware, install it. Updates are your friends. While this is particularly important when it comes to updates to the operating system you use, it applies equally to your browser and whatever plug-ins you’ve installed along the way. All of these aspects to your digital life are so many doors waiting to be pried open by criminals. Software vulnerabilities are the number one way ransomware worms its way into your life.
4. Think Like a Crook
Most of the ransomware attacks out there use various forms of social engineering to get the required malware on your machine. The attacks look like something of interest to you. It could be a steep discount at your favorite retailer. It could be a PDF attached to a work email that makes perfect sense to open given the text that accompanied it. It could be a text from a business or service you use. Always think twice before you click. Attachments and links to malware-laced websites are the main vectors for ransomware. When in doubt, do a little research.
Get offline as fast as you can if you have become infected. Some of the malware currently being used has more than one capability, and if you are online, your machine could be commandeered to do work on behalf of the operation that infected your device. This could range from using your computer’s resources to mine bitcoin to roping it into a botnet that serves spam or launches a distributed denial of service attack.
The best solution to the ransomware plague is to maintain good cyber hygiene. Keep your wits about you at all times, because there are people out there all the time trying to get you, and they will succeed the moment you let down your guard.
Adam K. Levin is a consumer advocate with more than 30 years of experience and is a nationally recognized expert on cybersecurity, privacy, identity theft, fraud, and personal finance. A former Director of the New Jersey Division of Consumer Affairs, Mr. Levin is Chairman and founder of CyberScout and co-founder of Credit.com. Adam Levin is the author of Amazon Best Seller "Swiped: How to Protect Yourself in a World Full of Scammers, Phishers, and Identity Thieves." He is the security and credit expert for ABCNews.com and writes a weekly column for The Huffington Post, Inc. Magazine, The Hill, and Newsmax. Mr. Levin is a go-to expert appearing on many national TV programs including "The Today Show," "Good Morning America," "MSNBC Live," "Fox and Friends," "NBC Nightly News," "ABC World News Tonight," "Cavuto Coast to Coast," "Bloomberg Surveillance," as well as national radio throughout the country. Read more of his reports — Go Here Now.
© 2023 Newsmax. All rights reserved.