SO, WHAT HAPPENS WHEN YOU CLICK ON A LINK THAT YOU SHOULDN’T?

Research by Norton shows that 1 in 3 UK adults clicked on a link last year that they shouldn’t have and we at Reassura are always warning people not to click on links unless you are 100% sure of the sender. However, what happens if you do?


The two big worries about clicking on a link are either inadvertently downloading malicious malware onto your device or being taken to a site where you divulge personal data/passwords etc. Today we are going to look at the former and specifically, ransomware.


Ransomware is effectively a file that will either encrypt everything on your computer, making it all inaccessible and the only the hackers have the code to unlock it or lock your computer. The attackers then contact you and offer to unlock your PC for a fee, hence the name ransomware. A particularly malicious version of this scam has recently surfaced where clicking on the PayPal link to pay takes you to a fake PayPal login page which records your login details and allows the criminals unfettered access to your account.

RANSOMWARE COMES IN 3 LEVELS:

  • Scareware – Suddenly a pop-up message informs you that malware has been discovered on your device and the only way to get rid of is to buy some rogue software. Apart from a lot of repeated pop-ups this isn’t really a threat and can be ignored


  • Locked Screen – Upon turning on your PC the screen is locked and there is a message, sometimes claiming to be from the Police saying illegal activity on your PC has caused them to freeze it until a fine is paid, obviously this is fake. Some of these viruses have scary names like Cryptolocker.


  • Encrypting Ransomware – This one is the nasty one, as described above, it stops you accessing your files and demands payment. Unfortunately, there is no solution, and that includes paying. If you pay there is no guarantee that you will get access back and so the advice is don’t pay!

So, what can you do about it?

  • Disconnect from the Internet – With both locked screen and encrypting ransomware upon discovery immediately disconnect from the internet, just in case the fraudsters are downloading your files.


  • If you know the name of the virus – use another device to find the right solution, different viruses have different solutions.


  • If your computer is still accessible – That is, it still lets you use it, try downloading anti-malware software such as Malwarebytes, (this is a free program). Click on the free download, once installed run a full scan and tick the boxes of all detected infected files, then click on remove selected to clear the files. This is a sensible response to both Scam ware and Locked Screen


  • If your PC is locked – you will need to go into Safe mode. To do this switch-off, then switch -on and while its booting-up press F8, then use arrow keys to choose “Safe Mode with Command Prompt”, then type rstrui.exe, press enter. This will take you to a list of saved times when your PC was backed-up, pick a time before the infection and restore your PC to then. At this stage it is worth doing a full malware scan using either anti-virus software or the Malwarebytes mentioned above


  • Professional help – If the above fails to help or you would rather get someone else to help then find a local, (well-reviewed), PC repair shop and take your PC in to them


  • Still Unsure? – Join Reassura or call 0800 888 6400 and one of our fraud advisor’s will help you to stay safe

If you think that you may have been a victim of Ransomware:

  • Contact ActionFraud to report the crime and get a Crime Reference Number


  • If you have made any payment with your credit card contact your credit card provider’s fraud department


  • If you paid by debit card, contact your bank


  • If you’re worried about identity fraud and would like to protect your identity contact CIFAS