If you see a pop-up window, webpage, or email message warning you that your computer has been locked because of possible illegal activities, you might be a victim of a criminal extortion scam called ransomware.
Ransomware often masquerades as an official-looking warning from a well-known law enforcement agency, such as the US Federal Bureau of Investigation (FBI).
The aim of ransomware is to prevent you from using your computer until you pay a fee (the “ransom”). If you get an email message or a warning like this, do not follow the payment instructions. If you pay the ransom, the criminals probably won’t unlock your computer and might even install more viruses or steal your personal and financial information.
Example of ransomware
What to do if you think you’ve been a victim of ransomware
If you’ve already paid the scammers, you should contact your bank and your local authorities, such as the police. If you paid with a credit card, your bank may be able to block the transaction and return your money.
To detect and remove ransomware and other malicious software that might be installed on your computer, run a full-system scan with an appropriate, up-to-date, security solution. The following Microsoft products can detect and remove this threat:
- Windows Defender (built into Windows 8)
- Microsoft Security Essentials
- Microsoft Safety Scanner
- Windows Defender Offline (Some ransomware will not allow you to use the products listed here, so you might have to start your computer from a Windows Defender Offline disk.)
- What is ransomware?
More information about how to prevent and get rid of ransomware