Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website. It has the ability to lock a computer screen or encrypt important, predetermined files with a password
How does a computer become infected with Ransomware?
Ransomware is often spread through phishing emails that contain malicious attachments or through drive-by downloading. Drive-by downloading occurs when a user unknowingly visits an infected website and then malware is downloaded and installed without the user’s knowledge.
Crypto ransomware, a malware variant that encrypts files, is spread through similar methods and has also been spread through social media, such as Web-based instant messaging applications. Additionally, newer methods of ransomware infection have been observed. For example, vulnerable Web servers have been exploited as an entry point to gain access to an organization’s network.
The level of this type of attack varies. Sometimes, users may be bombarded with endless alerts and pop-up messages. Other times, the computer will fail to work at all. Yet, another type of ransomware can impersonate a law enforcement agency by opening up a page that appears to be from a local law enforcement office and claiming the computer user was caught performing illegal activities online. Files are then locked in hard-to-crack, encrypted files, making it difficult for users to recover unless the ransom is paid.