You’ve heard it a million times: Don’t click on links in an email unless you know who sent it and what it is.
But sometimes the link in an email is just so darned convenient. For example, you ship a package to a friend, and then you get an email with a link to track the delivery. It’s safe to click that link, right?
Maybe not.
Scammers are sending emails that look like courtesy messages from legitimate companies — especially shipping companies — to spread a new ransomware called Cryptolocker. So what’s ransomware, and why should you care?
Ransomware is a type of malware that prevents you from using your computer until you pay a certain amount of money. It’s essentially extortion, with all the data on your computer at risk unless you pay.
Cryptolocker works by encrypting all the files on your computer — your photos, your documents, your tax refunds — anything you’ve saved to the hard drive or any shared folders. Once the files are encrypted you won’t be able to open them without the encryption key — which you can get only from the criminals behind Cryptolocker.
After Cryptolocker has encrypted your files, it displays a message like this:
The criminals demand payment through an anonymous payment type like Bitcoin or Green Dot cards, and promise to give you the key if you pay the ransom in time (for example, $300 to be paid within 72 hours).
Unfortunately, once Cryptolocker has encrypted your files, there’s no way to recover them. You could pay the ransom, but there’s no guarantee you’ll get the encryption key.
So what can you do?
Back up your files. Right now. And often.
An external hard drive is a good option, but be sure to disconnect it from the computer when you are not actively backing up files. If your back-up device is connected to your computer when Cryptolocker strikes, the program will try to encrypt those files, too.
What else can you do?
The best way to avoid downloading Cryptolocker — and other kinds of malware — is to practice good computer security habits.
- Instead of clicking on a link in an email, type the URL of the site you want directly into your browser. Then log in to your account, or navigate to the information you need.
- Minimize “drive-by” downloads by making sure your browser’s security setting is high enough to detect unauthorized downloads. For example, use at least the “medium” setting in Internet Explorer.
- Don’t open “double extension” files. Sometimes hackers try to make files look harmless by using .pdf or .jpeg in the file name. It might look like this: not_malware.pdf.exe. This file is NOT a PDF file. It’s an EXE file, and the double extension means it’s probably a virus.
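
The double-extension check from the last tip can be automated. This added example is not part of the original article: a short Python script that flags file names whose final extension is executable while the one before it imitates a document or image. The extension lists and the sample names are assumptions constructed for illustration.

```python
from pathlib import PurePath
from typing import Dict, Iterable, Optional

# Assumed lists for this example; adjust them to local policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".js", ".vbs"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx",
              ".jpg", ".jpeg", ".png", ".txt", ".zip"}


def check_filename(name: str) -> Optional[str]:
    """Return a reason if the name uses a deceptive double extension, else None."""
    # Extensions are case-insensitive on Windows, so compare in lower case.
    suffixes = [s.lower() for s in PurePath(name.strip()).suffixes]
    if len(suffixes) < 2:
        return None  # a single extension is not a double-extension trick
    decoy, real = suffixes[-2], suffixes[-1]
    # Only the LAST extension decides how the file is opened.
    if real in EXECUTABLE_EXTS and decoy in DECOY_EXTS:
        return f"looks like {decoy} but runs as {real}"
    return None


def flag_attachments(names: Iterable[str]) -> Dict[str, str]:
    """Map each suspicious file name to the reason it was flagged."""
    flagged = {}
    for name in names:
        reason = check_filename(name)
        if reason:
            flagged[name] = reason
    return flagged


# Constructed sample names, not taken from a real incident.
SAMPLE_NAMES = [
    "not_malware.pdf.exe",   # the article's example: flagged
    "Invoice.PDF.Exe",       # same trick with mixed case: flagged
    "photo.jpeg.scr",        # image decoy, screensaver executable: flagged
    "archive.tar.gz",        # legitimate double extension: not flagged
    "tool.v2.exe",           # version number, not a decoy type: not flagged
    "report.pdf",            # ordinary document: not flagged
]

if __name__ == "__main__":
    for name, reason in flag_attachments(SAMPLE_NAMES).items():
        print(f"SUSPICIOUS: {name} ({reason})")
```

Windows hides known file extensions by default, which is what makes a name like not_malware.pdf.exe appear as not_malware.pdf; showing extensions in File Explorer makes the same check possible by eye.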
For more tips about how to avoid, detect, and get rid of malware, watch our video: