Month: July 2016


Ransomware video

Malware Threats can take over your computer

So much ransomware…

I recently had a rash of what appeared to be ransomware emails show up in my inbox.  I ended up collecting 11 of them in one week.  I decided a video was in order to show what ransomware does.  For the video I created two virtual machines, one with Windows 10 Pro and one with Windows 7 Home.  I thought I might be able to show how different anti-virus products fared, but I didn’t get to that.  To show the effects, I placed a Word file, an Excel file, a simple text file, and several photos on the desktop so it would be easy to see when they were encrypted.

To summarize: Windows 10 was SAFE, Windows 7 got ENCRYPTED!!

I ran Windows 10 first, attempting to open all 11 of the files that had come via email.  Windows 10’s built in Defender anti-virus caught each and every one of the attempts and nothing happened.  The Windows 7 installation didn’t have any anti-virus protection because it doesn’t come with the package.  (I did do another run with Windows Security Essentials installed, and it protected my machine.)  I was only able to get one of the files to run and it encrypted the Windows 7 machine.  Most ransomware requires various pieces of software for them to operate.  It’s possible that the others didn’t work simply because I didn’t have the correct combination of software installed.

Does all ransomware show up in emails?

A lot of the current ransomware will show up as Word or Zip files attached to phishing emails; however, it can also show up when you are on the internet.  It works by redirecting you to an infected web page.  This type of ransomware is know as drive-by.  It requires certain plugins (such as Flash) or vulnerable browsers (such as Internet Explorer) to launch, but they can happen simply by browsing the internet.

The takeaway:

Keep your computer patched and up to date.  Make sure you have anti-virus software and keep it up to date.  Don’t open files sent by email unless you know for sure who they are from and what they are.  If you have to, call the individual to be sure they sent you the file in question.  Once your computer gets encrypted, there is a very slim chance you will recover your files without a good disconnected back-up or by paying the ransom.  The ransomware that infected my machine in the video was in the Locky family.  For more information about this type of ransomware, visit this site:

Ready to see how ransomware encrypts a computer?  Here’s my video:


Protecting yourself

Besides having a good anti-virus software installed, I highly recommend having a back-up system.  If you need help setting one up or just an assessment of your current back-up strategy, contact me.  913-893-1123