How to protect yourself from ransomware

A white padlock on a dark digital background.
(Image credit:

Ransomware is a nasty kind of malware that locks down files and programs so you can’t open them. In order to get to these files, the ransomware maker requires you to pay money or a ransom. Sometimes the cybercriminal will release your files. Other times they will disappear and keep the files locked.

Protecting yourself from ransomware really isn't that hard, but it does take some time and effort to make sure everything is properly secure. While there isn't a 100% guarantee you'll never be attacked, there are ways to reduce the risk. There are also a few ways you can avoid paying a ransom if your files are ever taken hostage.

Using antivirus software is one of the best ways to protect yourself. But there are a few others worth considering.

Malwarebytes Premium is today's best anti-malware tool
Save 25% on your security:

<a href="" data-link-merchant=""" target="_blank" rel="nofollow">Malwarebytes Premium is today's best anti-malware tool
Save 25% on your security:
Sometimes free software just isn't enough. Malwarebytes Premium is reasonably priced and uses heuristic analysis to identify new strains of malware, cleans up existing infections, helps protect you from phishing scams, and helps stop you downloading further malicious software.

<a href="" data-link-merchant=""" data-link-merchant=""" target="_blank" rel="nofollow">Save 25%| $44.99 $33.74

1. Install an antivirus program

Using antivirus is kind of a given. It's the best and first line of defense for your entire system. Most programs are designed to recognize ransomware and will stop it before it infects your computer, but there are other viruses cybercriminals may use before letting ransomware loose.

Rootkits are a kind of malware that sneak into your computer and give a cybercriminal remote access to it. While this isn't exactly like ransomware, it is a way for someone to sneak through your files and look to see if there is anything worth locking down.

Bots are another dangerous form. Typically downloaded through links sent through email messages, direct messages, and links, once downloaded these too take control of your computer and wreak havoc. They prevent you from opening websites, inundate you with popups, send messages back to the creator, and cause your computer to run really slow.

If you see signs that your computer has malware, make sure you do what you can to get rid of it in order to protect yourself from a more critical attack from ransomware. Using malware removal tools is probably your best bet.

2. Encrypt your files

In addition to antivirus software, all of which recognize and block ransomware, you can use an encryption service to lock down your files yourself in a way that ransomware doesn’t recognize.

Encryption programs scramble your files so it's hard to decipher them if they are captured. This makes it less likely that these files will be held hostage by ransomware because the virus won't recognize them as important. 

On top of encrypting the files, encryption services further lock down individual files or even the whole digital file cabinet with a password or passkey. The only way to gain access is to use the passcode. 

You don't have to share the master code if you're sending these files to someone. Instead, you create and provide a single access code so the receiver can look at one part of the file rather than the entire thing. This further makes it difficult for ransomware to unlock the entire file if somehow it does get access to the shared access code.

Hand increasing the protection level by turning a knob

(Image credit: Shutterstock)

3. Don't open or respond to suspicious messages

Whether it's an email message or a DM (direct message) through social media or even a text, cybercriminals often use this platform to gain your trust, access your computer, or download malware. And they get pretty sneaky with how they do it.

When you get a message, double-check the email address it came from. Cybercriminals create email addresses that look legitimate, but if you look closely, you'll see small differences. For example, 'rnsn' looks really close to MSN's address and can easily be mistaken as legitimate. Facebook knock-offs, like 'facebok', are also commonly used. 

For direct messages through platforms like Facebook Messenger, cybercriminals like to clone profiles for friends and families and then reach out with a message that sounds like it's from someone you know. For these, if you can, find the person's real profile on the social media page and click the Message link and ask if they sent you a message.

4. Back up everything

Probably the most time-consuming part of ransomware protection is also the one that will save you if you become a victim. Backing up your files takes a little effort on your part, but if your files, network, or entire computer become locked down, backed-up files let you bypass paying the ransom and quickly restore everything to pre-attack status.

There are a lot of ways to back up your computer files, but one of the best, easiest, and most secure ways is to use a cloud storage program, like Google Drive, or iDrive. Both have free and paid versions, let you access them from any device, and have added protections to ensure everything saved is well secured until you need them.

If you do find that you're a victim of ransomware, you can scrub your entire system clean (reset to factory settings) then use your backup files to restore everything back to normal. In order for this to be effective, it is important that you back up your files frequently since the last saved backup files will be the ones installed on your system.

5. Invest in ID theft protection

Using an identity theft protection service, like IdentityForce, is another way to protect yourself from a ransomware attack. Cybercriminals don't really use ransomware on personal computers too often. Instead, they target businesses.

If a company that you have worked with becomes a victim of ransomware, you too could become a victim. Cybercriminals in these cases not only lock down critical files but will often swipe client and worker lists that have personal identifying information. These could be bank account numbers, birthdates, social security numbers, and even passwords.

Using an ID theft service helps you keep an eye on the dark web just in case your information is found being sold or used there. The best ID protection services have programs to help you remove your information from criminal selling sites, and restore your identity with credit reporting agencies, the IRS, and more.

Nikki Johnston
Commissioned Editor

Nikki is a commissioned editor for Future Plc covering internet security including antivirus and VPN. With over 18 years of research and writing experience, and 11 years of testing and reviewing internet security solutions, Nikki knows how to dive deep to get the information consumers need to make better buying decisions. She is also a mom to 10 children, and personally uses many of the products she reviews to ensure the safety of her own family.