If you’re reading this posting, odds are that you or someone you know is the victim of a ransomware attack. Ransomware continues to grow as a prevalent threat . The number of new ransomware families we saw in the first half of 2016 alone has already eclipsed the total 2015 volume by 172%. With ransomware attacks becoming more and more sophisticated and prevalent, we believe that the threat will potentially cause more damage going into the second half of the year.
This post is meant to tell you exactly what we think you should do if you’re looking at a ransomware screen. Most importantly, here’s what you shouldn’t do …. pay the ransom. I can’t emphasize that enough: don’t pay the ransom. Remember, you’re dealing with criminals. There’s no guarantee you’ll actually get all your files back. Even if you do, you’re only helping ransomware continue to be a problem by rewarding the criminals.
If you’re able to, you should go ahead and turn off your computer as soon as possible and disconnect any network or wifi connections. There’s a chance you may be able to stop the attack before it’s complete.
Next see if you can restore from a recent backup. Backups are an important thing in general and very important in ransomware situations to recover copies of the files you’ve lost.
If you don’t have a backup that you can use then you should go to our ransomware resource webpage here. On this page you’re going to find two key resources we’re providing:
- A special, dedicated Trend Micro Ransomware Hotlinefor FREE ransomware tech support at 1-877-558-7363 (5:00 AM – 8:00 PM PST, Monday through Friday). This hotline will put you in touch with our support experts who will help you (or whoever is helping you) work to recover from this infection.
- Our special Trend Micro Ransomware Support Center which has steps and tools you can use.
Once you recover from this situation, you should take some time and take steps to prevent future ransomware infections. Unfortunately, ransomware isn’t guaranteed to be a one-time occurrence. If you’ve been infected once, you could be infected again (sometimes by the same attacker).