More than four in five organisations (82%) were manipulated via ransomware attacks in 2022, a type of malware which allows criminals to hold information at ransom. 

Cybercriminals successfully infected 62% of these organisations. However, only 33% were able to get their data back after paying a ransom. Cybersecurity experts’ VPN Overview reveal the ways in which ransomware can infect your computer and how to avoid it.  

Five ransomware scams 

1 Phishing and email impersonations

Phishing – sending emails with the purpose of obtaining personal information – is the most common form of cybercrime in 2023.  

The UK had the highest number of people falling victim to phishing in 2022, averaging at 4783 for every million internet users, a 40% rise from 2020.  These cyber criminals may impersonate legitimate companies, such as the cryptocurrency app Bitcoin, before issuing a security alert in an attempt to lure you to a fraudulent site. Once you have entered your security and account credentials, they will inject ransomware into your computer or network, gaining illicit access to your personal information.  

2 Malicious advertising 

Cybercriminals can also spread ransomware through malicious online advertisements, a process otherwise known as malvertising.   

In fact, there were 1251 potential malware advertisements reported between 1 March 2021 to 25 March 2022. It’s important to note that malvertising does not require the user to take any action. You can unknowingly connect to malicious servers while you’re browsing on a trusted website. These malicious servers record information about your device and location. Once malware is sent to your computer, for example, your personal information can then be held at ransom.  

3 Exploiting vulnerabilities 

Exploit kits – toolkits which use codes to exploit vulnerabilities in a system – are often used by cybercriminals. 

These kits work by identifying security gaps and distributing malware. In turn, your personal information can be held at ransom. There are multiple ways exploit kits can infect your computer, including redirecting you to compromised webpages or prompting you to download malicious content. 

4 Social engineering 

Cybercriminals can also obtain personal information through human interactions. This manipulation tactic is known as social engineering. They are likely to pose as customer services, technical support, new employees and authority figures to gain remote access to devices, passwords or other information.  Once they have access to your personal or business accounts, they can commence with ransomware spreading.

5 Drive-by downloads 

Finally, drive-by downloads are a threat to consumers and businesses. This is when cybercriminals install malware without the users’ knowledge. This often happens when people unknowingly visit a malicious website using an outdated browser. Malware is then automatically downloaded onto their computer.  

How to avoid ransomware scams  

1 Invest in cybersecurity

To get started, download an antivirus programme that will offer effective protection against ransomware attacks, such as Bitdefender, Norton and Intego. Then, run an antivirus scan to ensure your device isn’t infected with any malicious software.  

2 Back up your files 

Antivirus software may offer real-time protection against cyberattacks, but it will not restore any lost files. So it’s always a good idea to back up your files in advance.  

 3 Update operating systems and software 

Make sure you’re regularly updating your operating systems and software. This ensures your computer runs smooths and reduces the risk of security breaches.  

4 Prevent scams by being vigilant 

Last and certainly not least, you can avoid ransomware attacks by being vigilant. Don’t reply to suspicious emails, avoid downloading unknown files, double-check links before clicking on them and regularly change your passwords.  

Workplace Wellbeing Professional is an online magazine featuring news and analysis on a broad range of employee wellbeing topics, focused on a UK based audience.