Ransomware is one of the most damaging kinds of malware — and one of the most preventable. Here’s what it is, how it gets in, and the practical steps that keep your files safe.
What ransomware is
Ransomware is malicious software that locks or encrypts your files and then demands a payment (a “ransom”) to unlock them. Until you pay — or restore from a backup — your photos, documents and data are held hostage. Paying is risky: there’s no guarantee you’ll get your files back, and it funds more attacks.
How ransomware gets onto your device
Most infections come from a few common routes:
- Phishing emails — a fake email tricks you into opening an attachment or clicking a link
- Malicious downloads — cracked software, fake installers, or dodgy file-sharing sites
- Compromised websites — drive-by downloads from hacked or scammy pages
- Weak remote access — exposed, poorly secured remote connections
The pattern is almost always the same: you run something you shouldn’t have.
How to protect yourself (the essentials)
1. Back up your files. This is the single best defence. If your files are safely backed up, ransomware loses its power — you just restore and move on. Keep backups that aren’t permanently connected to your PC (an external drive you unplug, or cloud storage).
2. Use real-time antivirus. A good antivirus blocks most ransomware before it runs. Even the free, built-in options help — see our best free antivirus for Windows 11 guide, or step up to a paid suite with a dedicated ransomware shield.
3. Keep everything updated. Ransomware often exploits old, unpatched software. Turn on automatic updates for your OS and apps.
4. Think before you click. Don’t open unexpected attachments or download cracked software. Most attacks need you to take the bait.
5. Use strong, unique passwords. A password manager stops one breached password from becoming many.
What to do if you’re hit
- Disconnect the device from the internet and network immediately to stop it spreading
- Don’t pay if you can avoid it — restore from your backup instead
- Run a full antivirus scan to remove the malware before restoring
- Seek help from a professional if it’s a work or critical system
FAQ
Should I pay the ransom?
Generally no. There’s no guarantee you’ll get your files back, and it funds criminals. A good backup makes paying unnecessary.
Does antivirus stop ransomware?
Good antivirus blocks most ransomware before it can run, and many paid suites have a dedicated ransomware shield. It’s not 100%, which is why backups matter too.
Can ransomware affect phones?
It’s far more common on Windows PCs, but mobile threats exist. Stick to official app stores and keep your phone updated.
The bottom line
Ransomware is scary but beatable. The winning combination is simple: back up your files, run antivirus, keep software updated, and don’t click suspicious things. Get those right and ransomware becomes a non-event. Start with solid antivirus protection.