Ransomware is a type of virus that encrypts your files and blocks access to your data, in an effort to receive a payment (ransom). The virus is automatically installed on your computer, usually after opening a malicious attachment in an email. Similar to phishing, the look of the email may be deceiving and may try to trick you into believing that it is legitimate.
Ransomware emails come from multiple different senders, and have had various types of attachments (such as documents, PDFs, Excel spreadsheets, zip files, etc.) The file name of the attachment might be very easy to confuse with something legitimate, such as "Resume" or "Spreadsheet". We've also seen cases where the ransomware emails imitate regular transactions, such as a mail delivery service asking you to download an attached form or someone asking you to verify an attached invoice/receipt.
If opened, non-standard characters will begin to populate your files; that is a sign your computer has been infected.
If your computer is infected with ransomware, you will lose your data. Here are recommendations to help protect your data:
- Be very cautious of opening any email attachments.
- Do not open any email attachments that you are not expecting.
- Do not enable any macros contained in that email attachment.
- Share files by using file-sharing resources available to you (Box, Network Storage Drives, etc.) instead of email.
- Make frequent back-ups of your data. You can use W&M systems such as Box or the Network Storage Drives, or use equipment such as an external hard drive to make back-ups.
- Forward any suspicious emails to [[abuse]].
For questions or concerns, contact the Technology Support Center at 757-221-4357 (1-HELP), [[support]].