How do I stop
ransomware attacking
my computer?

Updated on 1 May 2018

What is ransomware?

Ransomware is malicious software, or malware, that infects your computer or device and demands a ransom, either by pretending that you owe money or preventing access to your files.  The good news is you can protect yourself.

There are four types of ransomware:

1. Non-encrypting: 

Also called scareware, non-encrypting ransomware displays a screen suggesting that you’ve done something wrong or experienced an error, and that you must pay a fee or a fine to fix the problem. This splash screen may copy formal logos like that of the Australian Federal Police to appear official and fool you into paying. 

2. Encrypting: 

Encrypting worms, or Crypto Worms, access and lock specific files and folders on your computer to prohibit you from seeing or using them. You'll then receive a message demanding payment to regain access.  

3. Leakware (Doxware): 

Leakware does not block access to files, but threatens to make sensitive or personal information public unless a ransom is paid.

4. Mobile ransomware: 

Mobile devices often don’t have security measures in place, making them more vulnerable to ransomware. Android, iOS devices and Windows devices have been targeted with demands for money to restore access or privacy. 

How can I protect myself from Ransomware?

Prevention is better than cure. Take these steps to protect your devices from ransomware:

1. Make sure you are careful what links you click on

2. Keep your system up to date

Make sure you have the latest version of your operating system, and enable automatic updates on your devices if you can. 

3. Download the latest plugins

Make sure that any plugins you have like Flash, Java and Shockwave are all up to date – these are prime targets for hackers.

4. Share with care 

Hackers learn a lot about you from what you share on your computer or device - including passwords. Be smart about any personal information you share online and check the privacy and security settings of your online accounts and apps.

5. Create strong passwords

The stronger the password, the harder it is to crack. A strong password contains at least six characters that are a mix of letters, symbols and numbers and uses upper and lower case. Don’t use predictable information that hackers can access like your date of birth or name. A password manager can help you keep track of your passwords if you need help remembering them. Read more on strong passwords in our article. You should also use 2-step verification.

6. Ensure you regularly backup your computer

What is 2-step verification?

This sends you a pin code or alert when you enter a password, to keep sensitive accounts secure. Read more on 2-step verification in our article.

1. Watch out for online scams

• Never click suspicious links in social media posts or websites, and only buy from reliable, secure businesses online that have positive reviews. 
• Never open attachments or click on links within emails from unknown or unusual senders.
• If you’re not sure about the sender, contact them directly via the phone, or use a secure browser like Safari or Google Chrome to view their website (check that your browser’s URL starts with HTTPS – the ‘S’ stands for Secure).  

2. Get security software

• Arm yourself with a good online security package. There are free and paid options. 
• Install security updates regularly.
• Do a virus or malware scan once a week as part of a regular backup routine. 

What should I do if I’ve been attacked?

1. Don’t panic 

And don’t pay a ransom. 

2. Remove the infection

Try using anti-ransomware to remove an infection. Stay Smart Online is an Australian Government website with easy to follow advice on how to protect yourself online, plus updates on the latest threats and how you can respond. www.staysmartonline.gov.au

3. Or restore from a backup

If you can't remove the infection, try restoring your computer or device from a backup; most manufacturers have guides that show you how to restore.