A few weeks ago, I sent an article (email me if you lost the link and want to read the whole article) about a number of ways of protecting yourself from ransomware.

For those who don’t know, ransomware is a type of small program that gets into your computer, encrypts everything it can find on your computer and every network share it can find, and then sends the decryption keys off to the bad guys over the Internet. It then usually pops up a message telling you that you can no longer access any of your files and that the only way is to pay them their ransom and they’ll give you the keys and decrypt your files.

CryptoLocker used to be the primary form of this, but there’s a new type of ransomware that’s making the rounds these days: Locky.

Locky spreads as an auto-start macro attached to a Word document. Essentially, you receive the Word document via email or a Dropbox link or some other method, and then if you open the document, the macro will run.  It then downloads and installs the main part of the ransomware program, which then sits in the background encrypting everything it can find before finally telling you that you’ve been had and that you have to pay them to get your stuff back.

Not all antivirus software will detect it, and you can expect that versions will change so newer versions may not be detected right away. Once your system is infected, antivirus software may be UNABLE to detect the infection because it is hiding within the operating system itself.

How do you protect yourself?

Well, the main thing is to NEVER open an attachment that you’re not expecting, that you’re not 100% sure of what it is, and where you don’t know the sender. Even if you get a document from someone you know, it might not ACTUALLY be from them, or THEIR system might be infected and spreading it without their knowledge.

So if you get a document in email or via a Dropbox or other link and you don’t know with 100% certainty what it is, don’t open it. Period.  If in doubt, CALL the person (don’t just reply to the email you received!!!) and ask if they sent you something.  If not then, just delete it.

Of course, ALWAYS have a good backup of EVERYTHING on your system stored someplace that no malware can reach it, which means offsite.