Protect pc from Ransomware

Ransomware can be a threat to your computer

Security Windows 7 Windows 8 Windows 10
The ransomware malware encrypts files and prevents you from using your computer. Ransomware can spread to other computers and storage devices if your computer is connected to a network.

  • Ransomware can be used to infect your computer.
  • Visit unsafe, suspicious or fake websites
  • You may open file attachments you didn’t expect or that were sent by people you don’t know.
  • Infecting other people’s email accounts, Facebook, Twitter, and instant messenger chats with bad or malicious links.
  • Fake email addresses and websites are easy to recognize. Be aware of unusual spellings in company names, such as “PayPal” instead of “PayPal”, or unusual symbols, punctuation, or spaces (such as “iTunes customer Service”) instead of “iTunes Customer Service”.
  • Ransomware can attack any computer–home computers, servers on an enterprise network, or servers used by government agencies–and it can even target them all.

What can I do to help my computer stay safe?

  • Check that your computer is running the most recent version of Windows. Learn more about Windows Update.
  • Be sure Windows Security is turned on to help protect you from viruses and malware (or Windows Defender Security Center in previous versions of Windows 10).
  • In Windows 10 turn on Controlled Folder Access to protect your important local folders from unauthorized programs like ransomware or other malware.
  • Get ransomware detection and recovery with Microsoft 365 advanced protection.
  • If File History has not been turned on by the manufacturer of your computer, you can back up your files using File History. Learn more about File History.
  • Microsoft OneDrive allows you to store important files. OneDrive includes built-in ransomware detection and recovery as well as file versioning so you can restore a previous version of a file. OneDrive also allows you to edit Microsoft Office files. Your work is automatically saved when you move.
  • Use a secure, modern, browser such as Microsoft Edge.
  • Your computer should be restarted at least once per week. This will ensure that your operating system and applications are current and help your computer run more efficiently.

Note If you are a small business owner, consider Microsoft 365 Business Premium. This includes Microsoft Defender Advanced Threat Protection to protect your business from online threats.

Learn more about Microsoft 365 Business Premium Security

If you suspect that you have been infected,

Antimalware programs such as Windows Security are recommended whenever your computer is infected. If you see new malware in the media or notice unusual behavior on your computer, you can use Windows Security to scan it. See Virus & threat protection in Windows Security for how to scan your device.

If you do get ransomware,

Ransomware infections are usually not visible until you see a notification. This could be in the form of an app or a full-screen message asking for money to unlock your files or PC. After encrypting your files, these messages are often displayed.

Try fully cleaning your PC with Windows Security. This is a must before you attempt to recover files. Also, see Backup and Restore in Windows 10 for help on backing up and recovering files for your version of Windows.

Do not pay ransom to retrieve your files. You can’t guarantee you will get access to your files or PC if you pay the ransom.

What to do if your payment is already made

Contact your bank immediately if you have already paid the ransom. Your bank might be able to block transactions made with credit cards and refund your money.

The following websites can be contacted for information about government fraud and scams:

In Australia, go to the SCAMwatch website.

  • In Canada, go to the Canadian Anti-Fraud Centre.
  • In France, go to the Agence nationale de la securite des systemes d’information website.
  • In Germany, go to the Bundesamt fur Sicherheit in der Informationstechnik website.
  • In Ireland, go to the An Garda Siochana website.
  • In New Zealand, go to the Consumer Affairs Scams website.
  • In the United Kingdom, go to the Action Fraud website.
  • In the United States, go to the On Guard Online website.

Microsoft recommends that your region be contacted by the federal police of communications authority in your area if it isn’t already.

For an illustrated overview about ransomware and what you can do to help protect yourself, see The 5Ws and 1H of ransomware.

If you’re in an enterprise, see the Microsoft Malware Protection Center for in-depth information about ransomware.