Scam alert: Malware and ransomware

Did you know? Ransomware is the "digital kidnapping" of data. Cybercriminals demand a ransom to release valuable files back to the owner.

What are malware and ransomware attacks?

Malware — short for "malicious software" — is any type of software created to disrupt or damage a device's operation, gather sensitive information, or give someone access to your computer. Cybersecurity terms you may have heard before, like viruses, spyware, and ransomware, are all different types of malware.

Ransomware is a specific type of malware that aims to gain access to a victim's files so the hacker can lock and encrypt them before demanding a ransom from the file owner in exchange for unlocking the file. The National Cyber Security Alliance's StaySafeOnline[2] initiative calls ransomware "the 'digital kidnapping' of valuable data — from personal photos and memories to client information, financial records, and intellectual property."

When the kidnapped files are personal, this threat is scary enough, but when you're working from home, your company's files could also be at risk, making ransomware an even more daunting — and costly — menace.

How does malware get on my computer?

Cybercriminals sneak malware onto people's devices in a variety of ways,[3] including exploiting software vulnerabilities (weak spots in the code that hackers have found a way to exploit) and tricking people into downloading malware themselves. Hackers also hide malware in fake computer programs and mobile apps and then post them online, hoping to lure people into downloading them.

Another malware delivery method is phishing, which occurs when someone sends fraudulent emails in an attempt to access your personal information by getting you to click a link or download a file.

According to the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), phishing is one common way ransomware is delivered. Another is through drive-by downloads. A drive-by download is malware that automatically downloads without your consent — and often without your knowledge. In this case, it's not a file that is infected, but the website itself. The website may have been built by a hacker for this purpose or it could be a legitimate website that a cybercriminal has hacked into and compromised. Either way, simply visiting the site is enough to trigger a download of malware such as ransomware.

Why are people who work from home more at risk?

Remote workers tend to have fewer cybersecurity protections and protocols compared to those working in an office under the careful eye of their IT department. For example, many home WiFi networks rely on routers set up by residents with little or no cybersecurity knowledge and may expose users to malware attacks.

Plus, when working from home, people are more likely to blend their personal and professional work on the same device. This can make them less careful about the links they click on or files they download compared to what they might do on a work device in the office.

What can people do to protect themselves?

Awareness and a few easy precautions can go a long way toward making your devices more secure when working from home. Here are a few tips for protecting yourself against malware, including ransomware:

  • Back up your data regularly and store your backups separately from your computer, such as on an external hard drive. Keep your external hard drive disconnected from your computer when you're not actively backing up.
  • Update your operating software and browsers regularly. Software updates help to protect you from the newest types of ransomware attacks.
  • Install reputable antivirus software and keep it updated. It can intercept suspicious downloads and also flag web pages that may be compromised.
  • Avoid clicking links directly from emails, even when they look official. Small changes in a URL can take you to a malicious site. Type trusted website addresses into your browser instead.
  • Open email attachments and website downloads with extreme caution, particularly if they are compressed or ZIP files. Only download files from trusted senders or reputable websites. And if you get an unexpected file from a trusted sender and it lacks appropriate context, double-check with them to be sure the file is really from them. Sometimes a hacker can gain access to their email, and then entice you to open a malicious file because you generally trust the email address from which it came.
  • Treat flash drives, external hard drives, and anything else you plug into your computer's USB port with the same suspicion as email attachments. Malware can live on these devices as well.
  • Only download mobile apps or computer programs from reputable sources. When choosing among apps, opt for those that have been around for some time and have plenty of positive user reviews.
  • Be extra suspicious of emails and websites during major events like natural disasters, epidemics and health scares, economic concerns, political elections, and holidays. According to CISA, phishing attempts often increase[5] on those occasions.

What if I become a victim of a ransomware attack?

If you receive a ransomware demand, it's up to you to decide if it's worth it to pay for the release of your files. The FBI urges people to not pay ransomware attackers,[6] but a Forrester Research report called the decision to pay "a valid recovery option"[7] in some circumstances. If you do choose to pay, never give your bank account information to the hacker. Cryptocurrency is the typical method of payment. If you suspect you've been a victim of malware or receive a ransomware demand, CISA advises home users to contact your local FBI office[8] or local U.S. Secret Service office.[9]

This content is general in nature and does not constitute legal, tax, accounting, financial or investment advice. You are encouraged to consult with competent legal, tax, accounting, financial or investment professionals based on your specific circumstances. We do not make any warranties as to accuracy or completeness of this information, do not endorse any third-party companies, products, or services described here, and take no liability for your use of this information.

  1. Christiaan Beek, et al., "McAfee Labs Threats Report," McAfee, published August 2019, accessed March 26, 2020.
  2. StaySafeOnline, "Malware and Botnets," accessed March 26, 2020.
  3. Lenny Zeltser, "Stop That Malware," SANS, published June 2018, accessed March 26, 2020.
  4. Cybersecurity and Infrastructure Security Agency, "Security Tip (ST19-001) Protecting Against Ransomware," published April 11, 2019, accessed March 26, 2020.
  5. Cybersecurity and Infrastructure Security Agency, "Security Tip (ST04-014) Avoiding Social Engineering and Phishing Attacks," revised March 11, 2020, accessed March 26, 2020.
  6. FBI, "FBI, This Week: Advocating Against Ransomware Payment Demands," published August 22, 2019, accessed March 26, 2020.
  7. Forrester, "Forrester's Guide To Paying Ransomware," published June 5, 2019, accessed March 26, 2020.
  8. https://www.fbi.gov/contact-us/field-offices, accessed March 27, 2020.
  9. https://www.secretservice.gov/contact/field-offices/, accessed March 27, 2020.