About » Sections » Cyber Investigative Group

Ransomware

Font Size: + -
Share & Bookmark, Press Enter to show all options, press Tab go to next option
Print

Ransomware is a type of malicious software, or malware, that prevents you from accessing your computer files, systems, or networks and demands you pay a ransom for their return. Ransomware attacks can cause costly disruptions to operations and the loss of critical information and data. You can unknowingly download ransomware onto a computer by opening an email attachment, clicking an ad, following a link, or even visiting a website that's embedded with malware.

How to Report

If you or your company fall victim to a ransomware scam, it's important to act quickly:

What We Need From You

  • Copy of ransom note (.hta , .info).
  • Copy of encrypted files under 1MB each (.docx, .pdf, .txt, .jpg).
  • Bitcoin wallet address.
  • Ransomware email address (if provided).

Best Practices

The FBI does not recommend paying ransoms. Payment does not guarantee files will be recovered and may embolden malicious cyber actors to target additional organizations, encourage other criminal actors to engage in the distribution of malware, and/or may fund illicit activities.

Maintain offline, encrypted backups of data. Test those backups regularly.

Create, maintain, and exercise a basic cyber incident response plan that includes procedures for response and notification in a ransomware incident.