If some of your data suddenly appears to be held hostage until you pay a fee, it’s likely that you’ve found yourself a victim of ransomware. This can be a frightening experience that seems to warrant an extreme reaction, but don’t buy into it just yet- there are some things you should know first.

How did I get ransomware?

Did you click on an attached pdf? Did you click on a link from someone that looked like a legitimate contact? Some ransomware can infect your computer by phishing this information by disguising themselves as companies you trust. Though, it’s completely possible you simply visited a website that downloaded the ransomware without your consent as well.

What do I do now?

There are many things you should do, but paying the ransom is not one of them, frequently the ransom-payers still don’t get their data back. Turn off your computer, all connected devices, and any bluetooth devices you have (ransomware can spread). Home computer users should contact their local FBI or local secret services offices, but organizations and offices should contact their designated IT professional immediately. In both cases, you must change all existing passwords once your data is safe. There often is no way to un-encrypt the data and the best recourse is to restore from a backup.

How can I protect myself in the future?

The best defense against ransomware is a good backup. Also make sure that both your operating system and anti-virus is up to date. As specialists learn to identify and block modern ransomware threats, new ones are already developing. This isn’t meant to scare you, but to encourage regular education for those who have access to important data. To the untrained eye, some of these scams appear to be trustworthy websites, emails, and links. But those who’ve been forewarned are more likely to identify this suspicious content.