Prevention is the best cure when fighting against one of the fasting growing cybercrimes.

Malicious software that seeks to extort money from victims by ­locking their data – so-called ­ransomware – is a relatively new but ever-growing threat. Here’s what you need to know.

How does ransomware work?

Trojan viruses, also known as crypto-trojans, are malware ­hiding in apparently harmless files such as e-mail attachments or software downloads. They can also be found in the advertising banners of untrustworthy websites.

Once activated, they begin encrypting the data on the user’s PC. The criminals then demand payment to decrypt the data.

How can you protect yourself?

“Up-to-date antivirus software is vital. It recognises most of the ­malware immediately,” says Chris Wojzechowski from the Institute for Internet Security in Germany.

He advises caution before ­opening any e-mail attachments: Do I know the person who sent me the file? Am I expecting an invoice from this shop?

Also, software should only be downloaded directly from its developer and not from third-party vendors.

Particular caution is needed around download portals which sometimes offer expensive ­software extremely cheaply or even for free – these supposed offers are often a trap.

The experts also advise regularly backing up your data to external drives – these can be used to restore any data that gets encrypted by the ransomware.

However, you have to make sure these drives are kept separate from the computer so that they don’t become infected too.

If attacked, what can you do?

If ransomware attacks your computer, you’ll soon know about it – a message will appear from the criminals demanding payment.

At that point you should turn off your computer immediately so that no more files can be encrypted.

You can start up your PC from its boot CD or a boot stick after that, provided that you change the BIOS settings so that these devices are selected as the drive for the boot process, rather than the infected hard drive. In that way you can determine how much damage the ransomware has done.

You can also back up the encrypted file, which usually has a file extension such as .fun or .porno.

The website id-ransomware.malwarehunterteam.com offers a tool that can determine which species of ransomware you’ve been attacked by – this is useful in case it’s one that there’s already a solution for.

What if there’s no remedy for this malware?

If they can’t decrypt their data, some people might consider ­paying the criminals. But the experts strongly advise against this, as it just emboldens the attackers.

Also, “in many cases, the ­necessary decryption keys aren’t given after payment. The data remained encrypted,” says Dennis Schirrmacher from German firm Heise Security.

Then all you can do is inform the police and hope for a solution to be offered in the near future to that particular piece of malware.

If you have a backup, all is not lost. – dpa