How to protect yourself from online scams including ransomware and more
- 16 July, 2019 20:00
Protecting yourself from online scams is a fact of life now. According to the FBI’s 2018 Internet Crime Report, Internet scams from 2014 through 2018 cost consumers $7.45 billion. Scams include online shopping/non-delivery of products ordered, identity theft, credit card fraud, and denial of service/DDoS attacks. Other threats include various flavors of ransomware, malware, scareware, and viruses, along with a few dozen other categories of crime.
I got hit with ransomware—twice—and learned a lot from the remedies I tried, as well as the experiences of friends who were hit. Read on to see what I did, and be sure to check PCWorld’s thorough guide to removing malware and our follow-on story about how to rescue your Windows PC from ransomware for more information. We wrap up with a checklist that will help you fend off online scams of all kinds.
My online scam experience: Ransomware
Ransomware is scary—a strange window that pops up in the middle of your screen that says, “Your Computer is Locked,” or “All Your Files Are Now Encrypted.” The only way to get them back, you’re told, is to pay a fine or purchase some special software program, which may not even work.
Should you pay the ransom? Probably not. If the dollar amount is relatively small, you may be tempted to pay the money and hope for the best. Chances are the perpetrators have no intention of sending you an encryption code or a software program to get your files back, however. Even if they do follow through, you risk being added to the “suckers” list, which could bring more hackers to your door.
The story of what happened to the city of Atlanta, Georgia, shows the challenges of responding to ransomware attacks. The city’s computer systems were infected with the SamSam ransomware. The hackers asked for about $50,000 in bitcoin payment, but the payment portal became inaccessible, leaving the city to its own devices. A total cost for recovery is unknown, but apparently the city was prepared to pay up to $17 million, based on information obtained by the Atlanta Journal-Constitution news outlet. Cybersecurity software & services company Symantec noted that 67 different organizations were infected by SamSam malware.
How I removed ransomware
The first time I received ransomware, which demanded payment of $300, I tried to fix it myself.
I took my PC offline, then cleared my browser history and deleted all my cookies. I went to Control Panel > Programs > Uninstall a Program, sorted the programs by installation date, then deleted any programs that had been installed that entire week.
Next I used Norton Utilities to clean up my system, scan for viruses, and remove all threatening and unnecessary files. Finally, I rebooted my system, and my files were intact.
The second time I received a ransomware message, they wanted $400. I tried the same procedures as before, but nothing worked.
I decided to try a system restore, an established Windows feature that lets you walk your system back to an earlier point in time. This can be a handy feature if you run into a software installation or other issue that hangs up your PC. Here’s how it works:
1. From the Control Panel search box, type recovery.
2. Select Recovery, then click the Open System Restore button.
3. Click Next in the Restore system files and setting box.
4. Select a restore point/date from the list of results. If only one date appears, click the checkbox beside the prompt Show More Restore Points, then select the one you want.
5. Next, select the Scan for Affected Programs button, and Windows begins scanning your system. If Windows finds any affected programs, they’re listed in the panels below.
6. Once the scan is complete, click Next, and Windows asks: Confirm Your Restore Point.
7. If you’re certain you want Windows to reset your system to the Restore Point/Date displayed in this dialog box, click the Finish button. The System Restore will not delete your pictures, music, movies, or documents, but it removes the files that were installed since the restoration point/date.
This process worked for me, this time, but most security professionals discourage using System Restore to remove ransomware. Instead, they recommend reformatting or wiping the hard drive completely and reinstalling everything from scratch.
A friend of mine received the “FBI Pornography” ransomware and tried everything in his arsenal to remove it because he did not have any of the accused files on his system. He failed and ended up paying a technical support group to fix the problem. They successfully retrieved all his files, but then wiped his system and reinstalled everything.
How to protect yourself from online scams
Prevention is the best way to defeat all manner of online scams. Here’s what I do now to prevent future attacks:
1. Back up files daily. PCWorld has recommendations for online backup and Windows backup, the latter of which should be done to an independent drive that’s not on your network. Portable hard drives are very economical now—I just purchased an 8TB external, portable hard drive for $139. It has enough space to hold backups from two desktops, a laptop, and a tablet with room to spare.
2. Never access the Internet without anti-virus and anti-malware software on your system. As PCWorld’s roundup of the best antivirus software shows, you don’t have to spend a fortune to protect your data. Many of these programs are free, shareware, or subscription-based for very reasonable prices. Norton Utilities is as low as $19.99 a year for multiple PCs, and if you have Comcast, it’s free. In fact, many Internet Service Providers now provide free anti-virus software.
3. Always install the security updates for both your operating system and software programs.
4. Use obscure passwords that are not related to special dates, family and pet names, or favorite things.
5. Limit sharing and administrative rights, and restrict write permissions.