Would you pay an extortionist to get your stolen photos and files back?

Cybercriminals are now “kidnapping” information to make money and there’s even a name for it –ransomware. In a ransomware attack, malicious software is installed on your computer to block access to your personal files or worse, make your device unusable. Cybercriminals then demand money to give you back access to your files or computer and they’ve already made hundreds of millions of dollars doing this.

  • The University of Calgary paid $20,000 in a ransomware attack that affected its systems.
  • A family in Winnipeg chose to pay $800 to get precious family photos back from cybercriminals.
  • Approximately 50% of businesses were attacked with ransomware in 2015.

How does ransomware work?

When a device is infected with ransomware, some type of encryption is applied. It effectively locks you out of your files or your device. If you are a victim of this type of attack, you will receive a ransom message from the perpetrator asking for payment.

Top three ways cybercriminals will try to catch you

  1. In 2016, 97% of phishing emails were sent with the intent to deliver ransomware. Microsoft Office documents are commonly used – you’ll click on a document and see a dialog box with a prompt: “Enable macros?” Enabling macros will run a program that will wreak havoc on your computer. Back up your important files regularly. Be wary and don’t enable macros.
  2. Ransomware could be installed when you download files or applications from malicious or compromised website. Only open attachments and links from trusted people.
  3. Connecting an infected USB key to your computer could prompt ransomware to install. Never use a USB key that is not your own or from a trusted source.

How are ransoms collected?

Attackers usually require ransoms to be paid in Bitcoin or another “untraceable” electronic format of payment that have no physical form, and are not controlled by any banking entity.

In case you’re wondering, don’t pay!

Security experts advise not to pay because it encourages attacks. There’s no guarantee you’ll recover your data even if you pay. In certain cases, victims have paid the ransom only to be asked for a second and larger payment.

If you fall victim to ransomware and are asked to pay for the return of your data, do not pay. Contact the incident to the Canadian Anti-Fraud Centre at 1-888-495-8501, or by email to mailto:info@antifraudcentre.ca.