RansomwareImagine you’re using your computer on a typical Saturday night, perhaps catching up on email or looking for the perfect movie to download and watch. You click on a seemingly innocent link and the file downloads and installs onto your computer. Suddenly, your entire screen goes black and a warning pops up telling you that your computer’s security has been compromised and the only way to regain access to your files is by calling specific phone number. You try shutting down and restarting your computer, but the same screen shows up each time.

Feeling frightened about the safety of your files, you call the number on the screen and listen as the person on the other line tells you the only way to get back into your computer is to pay a sum of money so it can be fixed. If something about the situation seems off to you, then you’d be correct, because this is just one of the many scenarios in which ransomware — a type of malware — can be used to trick and intimidate people into handing over money to criminals. In order to understand how to avoid falling victim to ransomware, you first need to understand what it is and how it usually behaves when it infects a person’s computer.

What is ransomware?

As stated previously, ransomware is a type of malware that is designed to prevent the affected user from using their computer in some way. It’s¬†generally disguised as legitimate files you download, although there are browser-based ones that can be triggered by clicking on the wrong link. Among the problems these programs cause are file encryption (preventing you from accessing them), stopping apps (like your web browser) from running and preventing you from accessing Windows or your entire system. While some take the tactic used in the scenario above and try to make users think they’re experiencing a computer issue, many claim that you’ve done something illegal with your computer and use FBI or other law enforcement graphics to further confuse and frighten victims.

In order to get your computer back, usually you’ll be prompted to pay a fine or required to take some kind of action like filling out a survey. These fines rarely amount to much more than $500, and there will be instructions to either input a credit card number, banking information or purchase a Green Dot MoneyPak. Sadly, even if you pay up, there is no guarantee you’ll be free of the malware completely. Individual computer users aren’t the only ones who have to worry about ransomware — it has also been known to target entire websites as well as small and large businesses alike. Historically, PC users have been the target of ransomware, so should you worry if you’re not using a PC?

Do I have to worry if I own a Mac?

For a long time, ransomware attacks were limited to PC users, but cybercriminals are always evolving, and just this past week a ransomware program was able to penetrate Apple systems for the first time. In general, Mac users should be more alert when it comes to surfing the Internet and not take for granted the historical low penetration of malware in Apple computers. As more consumers purchase products from Apple, the more lucrative it becomes for hackers and cybercriminals to target them. Fortunately, as cybercrime has gotten smarter, so has the technology designed to stop it — and most of the top-rated Internet security software programs offer Mac versions.

What about mobile devices?

With the increase in people using mobile devices like smartphones and tablets on a day to day basis, it’s only natural that cybercriminals have begun targeting these devices with ransomware as well. According to security firm Blue Coat, there was a significant increase in mobile ransomware attacks in 2015. Most often, it disguises itself as a legitimate app which users then unwittingly download and install. Android devices are more susceptible than iOS, but all mobile device users should be wary. Fortunately, since many mobile devices are designed to back up the majority of their users’ data to cloud-based services, a complete wipe isn’t always absolutely devastating. And, as Panda Security points out, there are ways to get around some ransomware.

How can I protect myself?

Double-check your security settings

This is especially important for those using mobile devices, but also goes for your computer. Make sure you know what your security settings are and that you’ve got your smartphone set not to allow automatic app downloads or installation of apps from a non-official source, like the Apple or Google Play app stores. These stores are designed to resist the upload of malicious code and do their best to prevent anything from slipping through the cracks; you won’t be able to trust third-party websites to offer the same level of security. Enabling protections offered by your browser can help protect you against visiting dangerous websites.

Purchase Internet security software

The Internet security software of today isn’t what it was a decade ago. Nowadays, security suites are designed to fight all the dangers that threaten your connected devices. Gone are the days of purchasing a separate license for each of your computers — now, you can buy affordable security for all of your computers and mobile devices. If you are concerned about ransomware, you’ll want to look for a security software that offers specific rescue tools to help in the event of this kind of attack — such as Norton’s Power Eraser tool.

Backup, backup, backup!

Perhaps the scariest aspect of ransomware is the threat it poses to your treasured and important documents and files. Nobody wants to lose years of hard work on their novel or sensitive company data or even their online bookmarks. Fortunately, you don’t have to. Investing in online backup is one way to ensure that even if your computer or mobile device were to get infected with ransomware that couldn’t be cracked, your files would still be accessible. And after all, it isn’t very threatening if you know you’ve already got copies of everything that’s being “held hostage,” is it?

What should I do if my computer is attacked?

When it was first introduced, ransomware was a huge threat because a system infected with it was potentially unrecoverable. Fortunately, security companies are working to catch up and defeat these previously undefeatable monsters. In June 2014, a free tool to assist victims of the CryptoLocker ransomware was released by FireEye and Fox-IT. If you find yourself faced with ransomware on your PC, Mac or mobile device, it’s important that you don’t give in to the temptation to pay the fine or follow the instructions.

Your options at this point are to take your computer or device to a computer repair shop to see if anything can be done to decrypt your files or remove the ransomware from your computer without causing harm to your system or files or utilize any recovery tools provided by your Internet security software. No matter what, don’t pay the ransom. It’s impossible to guarantee whether or not you’ll actually get access to your files back, and you also might become a target for more malware attacks down the road or even fall victim to identity theft, as the cybercriminal may have gathered personal information from your device.

What if I already paid?

If you or someone you know fell victim to ransomware and paid the fine, you should contact your bank or credit card company immediately to try and get the payment stopped or charges reversed. It’s also a good idea to contact the FTC and file a fraud complaint.

Ransomware is certainly one of the more scary things a user can come across while online, but the most important thing is to keep your head. Remember that it is unlikely, even if you were conducting illegal online activity, that you’d be contacted about it through a pop-up on your computer or that paying a small fine immediately would make it go away. As with all scams, acting with prejudice and suspicion is one of the best ways to protect yourself.