If you’re reading this posting, odds are that you or someone you know is the victim of a ransomware attack.
We’ve said that we at Trend Micro are here to help you and this post is meant to tell you exactly what we think you should do if you’re looking at a ransomware screen.
Most importantly, here’s what you shouldn’t do: pay the ransom.
I can’t emphasize that enough: don’t pay the ransom.
Remember, you’re dealing with criminals. There’s no guarantee you’ll actually get all your files back. Even if you do, you’re only helping ransomware continue to be a problem by rewarding the criminals.
If you’re able to, you should go ahead and turn off your computer as soon as possible and disconnect any network or wifi connections. There’s a chance you may be able to stop the attack before it’s complete.
Next see if you can restore from a recent backup. Backups are an important thing in general and very important in ransomware situations to recover copies of the files you’ve lost.
If you don’t have a backup that you can use then you should go to our ransomware resource webpage here. On this page you’re going to find two key resources we’re providing:
Once you recover from this situation, you should take some time and take steps to prevent future ransomware infections. Unfortunately, ransomware isn’t guaranteed to be a one-time occurrence. If you’ve been infected once, you could be infected again (sometimes by the same attacker). So be sure to see part one of this series that outlines things you can do to help prevent ransomware.