{"id":5659,"date":"2016-11-01T08:33:15","date_gmt":"2016-11-01T12:33:15","guid":{"rendered":"https:\/\/me-en.kaspersky.com\/blog\/?p=5659"},"modified":"2017-09-24T18:29:22","modified_gmt":"2017-09-24T14:29:22","slug":"no-no-ransom","status":"publish","type":"post","link":"https:\/\/me-en.kaspersky.com\/blog\/no-no-ransom\/5659\/","title":{"rendered":"Why you should NOT pay ransom to malware creators"},"content":{"rendered":"<p>Usually when we talk about encryptor ransomware, we recommend that victims do not pay the ransom. To begin with, paying encourages malware creators to continue their operations. It\u2019s simple supply and demand: more people pay, increasing the market volume, leading to the creation of more malware \u2014 and more trouble for all.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter size-full wp-image-5660\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2016\/11\/05111936\/no-no-ransom-ig-en-2.jpg\" alt=\"no-no-ransom-ig-en\" width=\"1280\" height=\"840\"><\/p>\n<p>Also, paying the ransom doesn\u2019t ensure the safe and reliable return of files. Think about it for a minute: These people are criminals who have already fooled you, infecting your computer with very dangerous malware and stealing your files. What are the chances that they are going to be honorable\u00a0<em>after<\/em>\u00a0getting paid?<\/p>\n<p>Does that sound pessimistic? Perhaps, but our\u00a0<a href=\"https:\/\/cdn.press.kaspersky.com\/files\/2016\/10\/B2C_survey_2016_report.pdf\" target=\"_blank\" rel=\"noopener nofollow\">recent research bears it out<\/a>. One out of three victims pays the ransom criminals demand for returning files. But a solid 20% of the people who paid never got their files back.<\/p>\n<p>Andrei Mochola, head of consumer business at Kaspersky Lab, commented: \u201cWe urge all ransomware victims, whether large organizations or single individuals, not to pay the ransom demanded by criminals. If you do, you will be supporting the cybercriminals\u2019 businesses. And, as our study shows, there is no guarantee that paying the ransom will actually give you access to your encrypted data.\u201d<\/p>\n<p>Here is what you should do to protect your files from ransomware or recover them in case you\u2019re already infected.<\/p>\n<p>1. Back up your precious data regularly.<\/p>\n<p>2. Use a reliable security solution. It doesn\u2019t have to be a Kaspersky Lab product, though modesty aside, we can assure you\u00a0<a href=\"https:\/\/www.kaspersky.com\/blog\/effitas-certification\/13213\/\" target=\"_blank\" rel=\"noopener nofollow\">we\u2019re good at this<\/a>.<\/p>\n<p>3. If you are using one of our security solutions, make sure you didn\u2019t switch off System Watcher. This proactive security feature is of great help protecting you from the latest species of malware, and it is especially effective in fighting ransomware. Here\u2019s a video about System Watcher and how it works:<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/iX9Ajl8j1Ls?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p>4. If you were unlucky enough to fall victim to an\u00a0<a href=\"https:\/\/index.kaspersky.com\/cyberthreats.html\" target=\"_blank\" rel=\"noopener nofollow\">encryptor<\/a>, don\u2019t panic. Use a clean system to check our\u00a0<a href=\"https:\/\/www.nomoreransom.org\/\" target=\"_blank\" rel=\"noopener nofollow\">No More Ransom<\/a>\u00a0site; we probably have a decryption tool that can help you get your files back. We won\u2019t charge you a penny for that.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Usually when we talk about encryptor ransomware, we recommend that victims do not pay the ransom. To begin with, paying encourages malware creators to continue their operations. It\u2019s simple supply<\/p>\n","protected":false},"author":421,"featured_media":5660,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1486,9],"tags":[613,1201,1239,1203,433,700,131],"class_list":{"0":"post-5659","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-threats","8":"category-tips","9":"tag-advice-2","10":"tag-cryptors","11":"tag-decryptors","12":"tag-noransom","13":"tag-ransomware","14":"tag-research","15":"tag-tips-2"},"hreflang":[{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/no-no-ransom\/5659\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/no-no-ransom\/7965\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/no-no-ransom\/7897\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/no-no-ransom\/7918\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/no-no-ransom\/9461\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/no-no-ransom\/9276\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/no-no-ransom\/13518\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/no-no-ransom\/2582\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/no-no-ransom\/13364\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/no-no-ransom\/6266\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/no-no-ransom\/6712\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/no-no-ransom\/9136\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/no-no-ransom\/13117\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/no-no-ransom\/13518\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/no-no-ransom\/13364\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/no-no-ransom\/13364\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/me-en.kaspersky.com\/blog\/tag\/ransomware\/","name":"ransomware"},"_links":{"self":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5659","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/users\/421"}],"replies":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/comments?post=5659"}],"version-history":[{"count":1,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5659\/revisions"}],"predecessor-version":[{"id":6346,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/posts\/5659\/revisions\/6346"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media\/5660"}],"wp:attachment":[{"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/media?parent=5659"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/categories?post=5659"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/me-en.kaspersky.com\/blog\/wp-json\/wp\/v2\/tags?post=5659"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}