By Stephen Cobb, Sr. Security Researcher, ESET
By now you've surely heard about ransomware, in which crooks use strong encryption techniques to lock up your files. These criminals typically offer only one way out: pay the ransom, or kiss your data good-bye. Even if you pay, there’s no guarantee you’ll get the key to get your files back.
Use these 5 tips to help keep ransomware from holding your digital life hostage.
1. Keep your software programs up-to-date. Update your operating system and software with the latest patches and updates. Enable automatic updates if you can.
2. Back up your data. The single biggest thing you can do to foil a ransomware attack is to keep a regularly updated backup of the files that are important to you. You can do this with an external drive, a cloud backup service, or both. Bear in mind that ransomware will try to encrypt not just the files on your internal hard drive, but also on any USB drives, external drives or cloud-file storage that has been assigned a drive letter. So it’s important that any backup service is either not assigned a drive letter or, disconnected when not actively doing a backup.
3. Tweak your settings. If you’re an advanced user, there are some settings in your system that you can tweak to foil the current generation of ransomware. Check out our We Live Security blog post devoted to the subject, written by ESET security researchers.
4. Learn to spot a “phish.” Phishing schemes use various means to trick you, and are one of the most common ways that data-nappers plant ransomware on your machine. One trick is to masquerade as an email from a well-known company, designed to look like the real thing. Take this quiz and see how well you can spot a phish (Internet Explorer has issues with this quiz; we recommend using another browser.)
5. Install an internet security suite. Install a full-featured security suite, such as ESET Smart Security Premium, that provides comprehensive protection—not just antivirus. Look for the following:
- Antispam that filters out emails that might contain ransomware-spreading attachments or links to ransomware-laden websites
- Anti-phishing that prevents you from visiting suspicious sites masquerading as trustworthy ones.
- An exploit blocker that protects against security holes in software often used to spread infections and adds another layer of protection by fortifying applications on users’ systems that are often exploited, such as web browsers, PDF readers, email clients or MS Office components.
- Software firewall that blocks ransomware from connecting to a Command-and-Control sever before encrypting your files, providing an additional layer of defense.