Skip to main content

How Ransomware Works

Minich MacGregor Wealth Management Minich MacGregor Wealth Management Minich MacGregor Wealth Management Minich MacGregor Wealth Management Minich MacGregor Wealth Management

How Ransomware Works

Please take a few minutes to read this message, because it’s on a very important topic: cybersecurity.

On Friday, May 12, 2017, well over 100 countries started getting hit by one of the largest cyberattacks ever seen.1  This particular attack all centers around a type of scam known as ransomware. 

You know, of course, what a ransom is.  Someone takes something from you—be it your property, your identity, your secrets, even a loved one—and demands money in exchange for returning it.  That’s exactly how ransomware works.  In this case, cybercriminals essentially take your computer hostage, locking you out of your files until you pay a ransom.

Ransomware isn’t new, but it’s now more rampant than ever.  While the odds of you becoming a ransomware victim are probably low, it’s important that you still take steps to avoid it.  After all, cybersecurity is really just an aspect of overall financial security—and financial security is something no one can afford to ignore.

Here are a few things you need to know:

Ransomware can get onto your computer if you visit a malicious or hacked website.  It is often spread through a form of fraud called phishing, which is defined as:

“The creation of email messages and Web pages that are replicas of existing, legitimate sites and businesses.  These Web sites and emails are used to trick users into submitting personal, financial, or password data.  These emails often ask for information such as credit card numbers, bank account information, social insurance numbers, and passwords that will be used to commit fraud.”2

Often, phishing works because it plays on people’s fears, or because it creates a sense of urgency to act.  For example, imagine you get an email that looks like it came from your bank, saying there has been suspicious activity on your account and that you must click on a specific link to fix the problem.  Clicking on the link could automatically download ransomware onto your computer.

In the case of this current cyberattack, victims received a message on their computer saying their files were encrypted, and that they must pay $300 for the files to be released.

How to Protect Yourself From Ransomware

Fortunately, the best way to protect yourself from this or future ransomware attacks is by simply following good internet “hygiene.”  For example:

  • Make sure your antivirus and antimalware software is up-to-date. Also, install a pop-up blocker in your web browser.
  • Routinely backup your computer files. You can save copies of your files to the Cloud with services like Microsoft OneDrive, Google Drive, and Dropbox, or to an external disc or hard drive.
  • Never click on links, read emails, or open attachments from people you don’t know or companies you don’t do business with.
  • When reading emails and websites, scrutinize them carefully. Often, they will be littered with misspellings, which is a strong sign of fraud.
  • Legitimate banks, retailers, and social media sites should never ask for your personal information via email. If you receive a message from someone asking for this info, assume it’s a scam.
  • Furthermore, as a rule of thumb, do not reply to any message, electronic or otherwise, that requests your personal information.
  • When doing business online, look at each website’s address. Secure websites should have a small symbol of a lock next to their URL, or the letters https (instead of merely http) at the beginning of the address.  Both the lock and the letter “s” indicate that the site has been verified as secure.

What do I do if I’ve already been hit by a ransomware attack?

First off, most experts agree you should never pay the ransom.3  There’s no guarantee the criminals behind the attack will hold up their end of the bargain, and it could open you up to other forms of malware.  Instead, you will need to take steps to manually remove the ransomware, which can be very difficult.  If you need help with this, you can visit Microsoft’s page on the subject at


1Mark Thompson & Jethro Mullen, “World’s biggest cyberattack sends countries into disaster recovery mode.” CNN Money, May 14, 2017.

2“Phishing scams,” Canadian Anti-Fraud Centre, modified March 11, 2015.

3Chris Baraniuk, “Should you pay the WannaCry ransom?” BBC, May 15, 2017.