Be on guard against ransomware—part two
Donovan Reed, EVP – Chief Lending Officer
What should you do if you’re a victim of a ransomware attack?
• First, don’t panic. Disconnect the affected device from the Internet and isolate it from the network. However, do not turn it off because valuable forensic data could be lost.
• Assess the scope of the problem. Go through your directories and try to determine which of your user files is infected. How do you tell? Some documents may have been given odd extension names. You can try changing them back, because some ransomware uses “fake” encryption that merely changes the file names without actually encrypting them.
• Get tech support, if you can. If you have a paid anti-malware solution, scan your hard drive and contact your vendor’s tech support and help forums. Another resource is NoMoreRansom.org’s Crypto-Sheriff, a collection of resources and free ransomware removal tools from Intel, Interpol and Kaspersky Lab.
• Contact the authorities, including your local law enforcement agency and FBI field office. Report the incident to the FBI’s Internet Crime Complaint Center.
• Contact your financial institution(s), credit card companies, online stores, and any institution with whom you have credit card information on file. Let them know the situation so they can monitor your accounts and look for suspicious activity.
• Suspend the use of all your email addresses. If this is not possible or realistic, then change your email passwords at least once a week for several weeks after being affected by ransomware.