A form of malicious software called ransomware restricts or stops users from using their computer, either by locking the computer’s screen or encrypting the users’ files until a ransom is paid. Modern ransomware families, commonly known as crypto-ransomware, encrypt particular file types on infected systems and demand that users pay a ransom using specific internet payment methods in order to receive a decryption key.
There are several ways in which users could come upon this hazard. Users who unknowingly browse fraudulent or compromised websites risk downloading ransomware onto their computers. Alternatively, it might be delivered as a payload that other malware drops or downloads. Some ransomware is distributed as email attachments via spam, downloaded from malicious websites via malicious advertisements, or dropped by exploit kits onto weak systems.
When ransomware is installed on a computer system, it can either lock the screen or, in the instance of crypto-ransomware, encrypt certain files. In the first case, an infected system’s screen displays a full-screen graphic or notification that stops the user from using it. The ransom payment instructions are also included in this notification. In the second case, ransomware blocks access to potentially important or priceless assets like spreadsheets and papers.