Marc Saltzman

Special for USA TODAY

In case you weren't aware, the extortion racket has hit cyberspace.

As the name suggests, "ransomware" is a malicious attempt to hold hostage a computer — or rather, the data that resides on it.

Cybercriminals then demand an immediate payment for its release.

These scams are not only prevalent but they're growing significantly, and spreading to mobile devices, too, says security expert Symantec. In fact, news broke this past week of iPhone owners in Australia faced with demands to hand over money to have their phones remotely unlocked

Ransomware was discussed in detail in the recently published Symantec Internet Security Threat Report 2014, Vol. 19. The report found all targeted attacks (including ransomware) have grown by 91 percent compared to 2013 – 30 percent of which were aimed specifically at small-to-midsized businesses.

HOW 'RANSOMWARE' WORKS

Quite simply, thieves try to extort money from you to unlock your Internet-connected computer, usually via credit card payment or some form of money transfer.

While you might think there's a live person on the other end, ransomware is usually a Trojan virus written by a tech-savvy scam artist at an earlier time – but the threat is just as serious.

Ransomware can be spread in several different ways, be it spam that led to a "phishing" attack or via a so-called "drive-by download," where a browser's vulnerability is exploited should you visit specific malicious websites.

Even if you pay the ransom to un-freeze the computer, there's no guarantee the thieves won't do it again. Thieves are netting between $60 and $200 to unlock a computer, on average, says Symantec. Increasingly, attackers are holding data hostage through high-end encryption and threatening to delete the information forever if the fee isn't paid within a specified time limit.

If you get an extortion message, never pay the criminals to release your computer — even though Symantec says a small percentage of victims do end up paying ransoms (nearly 3 percent, according to a 2013 report).

Instead, try to restore your Windows computer to a prior state using "System Restore" (type System Restore in the search window). If this doesn't work, restart your computer in "Safe Mode" (usually by pressing F8 when booting up) and then run Internet security software to remove the threat.

HOW TO FIGHT IT

You can protect yourself from ransomware in a few ways:

— Back up your important files on a regular basis. You can use an external hard drive, online ("cloud") service, USB flash drive or recordable media (such as a disc).

— Use computer security software that protects your PC (and wallet) against viruses and spyware attacks, and be sure to update the definitions quite often — if it's not set up to do this automatically (which is recommended). Also be sure to keep your operating system updated with the latest version.

— Delete suspicious emails from your bank, ISP, credit card company, and so on, instead of clicking on the link that takes you to a phony site asking you for personal information. Never click on attachments you're not expecting. Same goes for your mobile phone, perhaps with a text message from a seemingly legitimate source, but in fact it's a "smishing" attempt (SMS phishing scam).

— When browsing the web, think before clicking on links and banners. Authors of ransomware also like to use pop-up windows that warn you of some kind of malware on your machine. Don't click on the window — instead, close it with a keyboard command or by right-mouse clicking on your taskbar.

— You might even get a phone call from a live person who says they've been contacted by your Internet Service Provider to fix a problem (which doesn't exist). After you follow their instructions they'll likely be in control of your computer (via remote desktop software) and will then try to extort money from you for them to release your files.

— Don't install programs from untrusted sources. Only download and install apps and software from verified sources like official websites and app stores.

Because of its open-source nature, Android phones might be more vulnerable, so users might consider anti-malware software to protect the mobile device — but as we saw in the news this past week, iOS users aren't immune to ransomware attacks either.

— Be cautious about using free Wi-Fi hotspots (such as at a coffee shop) or public computers (such as in an airport lounge). You never know what nearby cybercrooks are scheming to get a hold of your information.

Surf Report readers, have you ever received a ransomware threat? How did you handle it?

Follow Marc on Twitter: @marc_saltzman. E-mail him at techcomments@usatoday.com.

