Scam medium:

  • Email and text
  • Internet


  • Businesses
  • Individuals

What is ransomware

Ransomware typically involves criminals gaining access to a network or device and encrypting data to make either the system or data inaccessible to users. Cybercriminals demand the payment of ransom in order for victims to be able to decrypt their data or regain access to their networks.

Ransomware can impact a range of devices, from personal mobile devices through malicious applications to entire corporate networks. Ransomware infections can vary in their technical sophistication and level of compromise.

Below are some common types of ransomware:

Cybercriminals may use a combination of threats during their attack to pressure victims into paying. These threats include:

Many ransomware incidents start with an email phishing campaign. The email will contain an attachment which can be an executable file, an archive or an image or a link. Once the attachment is opened or the link is clicked, the malware is then released onto the user's system. The malware can remain dormant for many days or months before files or systems are encrypted or locked.

Other ways networks and devices can be affected are by:

Warning signs and how to protect yourself

Why you should report ransomware to local police and the CAFC

In order for law enforcement to combat fraud and cybercrime, it is essential that those who experience, or fall victim, report it to their local police and the CAFC. Local police are positioned to respond to victims in their jurisdictions and the CAFC supports law enforcement by sharing information collected through these reports to the National Cybercrime Coordination Unit (NC3) and its partners. Learn more about why you should report cybercrime and fraud.

Date modified: