Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website. Ransomware can be devastating to an individual or an organization.

1. New ransomware variants appear on a regular basis.
Always keep your security software up to date to protect yourself against them.

2. Keep your operating system and other software updated.
Software updates will frequently include patches for newly discovered security vulnerabilities that could be exploited by ransomware attackers.

3. Email is one of the main infection methods.
Be wary of unexpected emails, especially if they contain links and/or attachments.

4. Be especially wary of any Microsoft Office email attachment that advises you to enable macros to view its content.
Unless you are absolutely sure that this is a genuine email from a trusted source, do not enable macros and instead immediately delete the email.

5. Backing up important data is the single most effective way of combating ransomware infection.
Attackers have leverage over their victims by encrypting valuable files and leaving them inaccessible. If the victim has backup copies, they can restore their files once the infection has been cleaned up. However, organizations should ensure that backups are appropriately protected or stored offline so that attackers can’t delete them.

6. Using cloud services could help mitigate ransomware infection, since many retain previous versions of files, allowing you to “roll back” to the unencrypted form.

Five Simple Dos and Don’ts:

1. Don’t pay the ransom.
   I can hear someone asking, “But won’t you get your files back if you pay the ransom?” Just like a bully who tires of the keep-away game, you likely will get your files back if you pay. But you may not. Sensing a sucker on the hook, you might get asked to pay again and again. But let’s say you’ve got an honest thief, one willing to unlock your files if you pay. Why would you ever give money to a crook? Especially one who will use the money to fund playing bully to a host of other people? It just doesn’t seem right to me.
2. Don’t click on attachments in email.
   There are a lot of different gangs running ransomware scams, who use different ways to try and infect you. One of the most popular is using spam. The email could be saying there was a package for you that couldn’t be delivered. Or a cool screensaver that you should install. Whatever the con, the bad guys want you to click on an attachment to install the malware. Don’t do it. Just don’t click.
3. Do keep software up to date.
   The bad guys know about weaknesses in the software on your PC before you do. And they try to use them to get on your machine. It’s called exploiting a vulnerability. Patching removes the vulnerability. If you’re asked if you want to update your software – Do. It. Now. Waiting only helps the bad guys.
4. Do use security software.
   If you have a friend who is a security expert, who spends 24/7 keeping up on all the latest malware threats and watches over your shoulder whenever you are on your computer, you’ll be pretty safe on the internet. Otherwise, get good security software to do that. Make sure it is more than Anti-Virus. I recommend Norton Security.
5. Do back up.
   No one ever thinks anything bad will happen to them, until it does. I sure hope you never have ransomware infect your machine. But if it ever does, wouldn’t it be nice to have a copy of all your files somewhere safe? You can tell the bully where to get off. Everyone knows they need to back up their files. Now you have one more very good reason to do it.