Skip to main content

Accidentally installing malicious software onto your device is frustrating – there’s no doubt about that. But it’s even more worrying when you’re virtually held to ransom over files that have been encrypted by a virus that you’ve downloaded. The type of software that can do this is called ransomware.

Security firms are now warning that a new form of ransomware called Locky has seen a sudden surge in the past couple of weeks. To make sure you know what to look out for, we’re going to take you through how to avoid this virus.

New form

Traditional ransomware gets installed onto a computer via a phishing email, spam or fake software update. Once a link has been clicked onto or an attachment opened, the virus then sets about encrypting files on the user’s computer or device.

If the user wants to regain access to their files, a fee is then demanded. The ransom amount is often requested in bitcoins – a digital currency that’s harder to trace. The usual request is often for one or two bitcoins, currently equivalent to around £330. A deadline can be set and it’s likely that the ransom will increase if the user doesn’t pay it. Up until this point, ransomware viruses were only found on PCs but a virus has now been discovered on Apple devices for the first time.

A new form of ransomware called Locky has the same procedure of encrypting files on an infected machine and then asking for payment, but the fee is often higher. The current demand seen in cases is 3 bitcoins (£885 at current exchange rates).

Initial versions of the Locky virus saw the malicious attachment come in the form of Microsoft Word but it has now switched to using attachments written in JavaScript. This switch to JavaScript has made it harder for Locky to be spotted by anti-virus software.

Security firm Fortinet revealed that it had caught almost 19 million copies of ransomware emails over the last two weeks. Out of this figure, it’s believed that the latest version of Locky using JavaScript is responsible for 16.5% of this.

Protect yourself

To make sure you do everything to protect yourself from a scam like this, do the following:

• Keep a copy of all of your important files on an external drive and back this up regularly.

• Never open attachments or click on links included in unsolicited emails. Even if you think you know the sender, you should look out for spelling mistakes or unusual wording as this can often be a sign of a computer or email hack. Talk to the sender before you open anything.

• Make sure you have antivirus software installed on your computer and that it’s up-to-date. AVG, Avast (available for Mac users as well as PC customers), Panda Security and Avira all offer free antivirus programmes.

• Only visit sites and download software that you know to be reputable.

• Regularly run a full system scan to detect and remove ransomware and other malicious software on your computer.

If you believe that you have ransomware on your computer, try not to panic. You should never consider paying the ransom as there’s no guarantee that they’ll clear the infection after you pay them – or that they won’t just request more money.

Before you do anything, it would be advisable to get in contact with the police, you should then report the incident to Action Fraud.

Legal Information