University of Wisconsin–Madison

Are you at risk of a ransomware attack?

93 percent of all phishing emails are now ransomware. This type of malware blocks you from accessing your computer, phone or tablet, by either locking your device or by encrypting your files, until you pay a ransom. Do not pay the ransom!

Here’s what you need to know about ransomware, how to protect yourself, and what to do if your device becomes infected.

What does a ransomware threat look like? There are three types:

  • Ransomware that encrypts your files. You’ll find a text file where your files used to be with instructions for payment.
  • Ransomware that displays a full screen image that blocks all other windows and demands payment. No personal files are encrypted.
  • Ransomware that locks you out of your mobile phone or tablet. Typically, a message appears that your device is locked and instructs you to contact a provided phone number or email address.

How does a device become infected by ransomware? Here are the most common ways:

  • Opening attachments in spam emails. The attachments may look like normal documents or files.
  • Visiting infected websites. These may be websites compromised by hackers or websites set up for the sole purpose of infecting anyone who visits the site.
  • On mobile devices, the main culprits are visiting infected websites or downloading a malicious app.

How can I protect myself from ransomware?

  • Keep all of your antivirus and malware protection up to date. Remember, all UW-Madison faculty, staff, and students can download Symantec antivirus for free and all computers connected to the University’s networks are required to have up-to-date antivirus protection installed.
  • Download and install the latest security upgrades.
  • Read and understand the access rights you are giving to that new app before clicking “agree” and downloading it onto your smartphone.

What do I do if my device becomes infected?

  • Do not pay the ransom. Not only does it fund the hackers and allow them to continue their scam, they often will just take the money and run without unlocking the device.
  • Contact the DoIT Help Desk. They are here to help you.
  • There are many different solutions available for removal. Tools like Norton Power Eraser and Norton Bootable Recovery Tool can help remove many threats.
  • If your files have been encrypted, there may be a tool available to unencrypt them. If there is no tool available, you may have to restore them from a backup.



ComputerworldCSODigital Trends, ForbesSophos Knowledge Base, Symantec Official Blog