Imagine if someone took everything from your room and refused to give it back unless you gave them money. That’s basically how ransomware works, but with the data on your phone or computer.

What’s Ransomware?

Ransomware is a type of malware. Malware is short for malicious software (Malicious, by the way, is a way to describe someone's actions as evil or with bad intent). Basically, malware is anything that gets downloaded onto your device and hurts it. Ransomware, specifically, takes your files and makes them so that you can’t access them. Once that happens, the hacker says they’ll only give them back if you pay them a ransom.

How it Happens

In order to infect your device with ransomware, a hacker has to get access to your phone or computer. The most common ways that can happen are:

• Email—scammers trick you into clicking a disguised link that downloads malware.
• Vulnerable software—hackers find holes in software that is not properly protected. If you download something, even if it seems safe, you may accidentally infect your computer.
• Pirated software—scammers that have disguised malware as something trustworthy so that you’ll download it, kind of like a Trojan horse.
• Removable devices like a USB drive—hackers infect a device hoping you will plug it into a computer.

Once ransomware is on your computer, the hacker can encrypt your data so you can’t access it. You can think of it like this: ransomware enters the computer, gathers as much data as it can get its sticky little hands on, rushes that data into a room, and locks the door. The only one with the key to that door is the hacker.

Staying Safe

Be careful of where you click. Whether you’re following a link or downloading a new game, you should be cautious. One wrong move can have big consequences. Always make sure the link you're clicking, or the file you want to download is from a trusted source. When in doubt, don’t click.

Back up your data. Creating a backup of your data means you have a copy of it somewhere safe, like an external hard drive or the cloud. That way, if someone did try to ransom your data back to you, you would already have it.  

Only use devices you trust. For some people, access to a private computer may not be the easiest to come by, leaving those people relying on public computers to access important files. If they were to go to a public library and access a computer that a hacker has targeted. If using a USB drive, they could then influence the spread of ransomware, by simply inserting it into another device the hacker gains access to it. In the end, creating trouble for the original victim and any future person to use any device the USB is plugged into after infection.

If it Happens to You

Step 1: Try to figure out where the attack came from.

Step 2: Separate the infected device from all other devices by deleting any paired devices from the Bluetooth settings or even physically unplugging any other devices connected to the computer.

Step 3: Report the attack to the FBI using the Internet Crime Complaint Center.

Step 4: Try to remove the software.  If you can identify and get rid of the malware, you'll be able to restore the data. Or you may have to wipe your computer entirely if you are unable to find the software, which is why having backups for files is important. While it might be costly, another option you can also take is bringing it to a pro. Paying the ransom may not actually make the hacker return your things and leave you alone, so it’s best not to do so if you can avoid it.