Javascript is not enabled.

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again.

Skip to content
Content starts here
Leaving Website

You are now leaving and going to a website that is not operated by AARP. A different privacy policy and terms of service will apply.


It’s a nightmare scenario: You’re doing work, answering emails or browsing the web when, suddenly, your computer or mobile device stops working. A taunting message takes over your screen, informing you that some faceless internet villain has seized control of the machine and all of your data. To get it back, the message claims, you’ll have to fork over a payment.

Ransomware is a particularly devious type of malicious software, or malware. You can inadvertently download ransomware onto your computer or device by clicking on an online ad or email link, opening an attachment or, in some cases, simply going to a website where it has been planted (a form of attack called a drive-by download).

spinner image Image Alt Attribute

AARP Membership— $12 for your first year when you sign up for Automatic Renewal

Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine. Find out how much you could save in a year with a membership. Learn more.

Join Now

Once the program installs itself, it will lock up your computer and communicate the demand for payment, usually in a cryptocurrency such as Bitcoin, Ethereum or Ripple (although ransomware crooks have been known to demand gift cards). More vicious strains of malware will encrypt the files and folders on your machine, external drives you have plugged into it, and other computers on your home or office network.

That last threat — hackers’ ability to infect large computer networks after gaining a single point of entry — has made ransomware increasingly lucrative for international criminal gangs that target government agencies, health care systems and large corporations, including Colonial Pipeline, the gas carrier that was infamously shut down by cybercrooks for several days in May 2021.

The FBI's Internet Crime Complaint Center received 3,474 reports of ransomware attacks in 2021, up 50 percent from the year before. Reported losses jumped from $29.2 million to $49.2 million.

And while attacks on big fish like Colonial Pipeline grab the headlines, small and medium-sized businesses are also in the line of fire. Nearly 44 percent of ransomware attacks in the fourth quarter of 2021 targeted companies with 100 or fewer employees, according to cybersecurity firm Coveware, which helps businesses deal with extortion threats.  

Whatever the target, the price can be steep. Coveware’s tracking puts the median ransom payment at more than $117,000. The true cost of recovering from ransomware can be much higher, as the FBI notes, including lost staff time, computer equipment and files, and the expense of hiring tech help to restore machines and networks.

spinner image cartoon of a woman holding a megaphone

Have you seen this scam?

  • Call the AARP Fraud Watch Network Helpline at 877-908-3360 or report it with the AARP Scam Tracking Map.  
  • Get Watchdog Alerts for tips on avoiding such scams.

Warning signs

  • You get an email or instant message that looks phishy. Phishing is the most common method hackers use to spread ransomware, so be wary of messages that appear to come from a trusted source, such as a friend, a coworker or your bank, but seem off in some way (for example, the grammar is suspiciously bad or the sender’s address looks wrong).
  • A pop-up on your computer or mobile device warns of viruses, promises a prize or redirects you automatically to another site.
  • An email with a Microsoft Word document attached asks you to “enable macros” or “enable content.” Opening the attachment or following the enable instructions allows the file to download ransomware or other malicious software onto your computer.
See more Health & Wellness offers >

How to protect yourself from this scam

  • Do set your computer operating system, web browser and security software to update automatically so you’re always protected against the latest threats.
  • Do back up all of your important data. You can do so to a portable drive, but also consider signing up for a cloud-based service that automatically backs up your files and saves previous versions so can get them back unencrypted.
  • Do unplug portable drives from your computer when not in use, to lessen the chances that they, too, will be encrypted in a ransomware attack.
  • Do use an ad-blocker program or browser extension, to help protect your device from malware planted in web ads.
  • Do disconnect an infected computer from your home or office network, to prevent ransomware from spreading to other devices.
  • Do be especially vigilant if you’re working from home. Home computers and networks may have more security vulnerabilities than company systems directly managed by IT staff.
  • Don’t click links in emails without first checking them out. Hover your cursor over the link, so you can see if the internet address, or URL, looks suspicious.
  • Don’t open an email attachment unless you’re expecting a file from someone and you know it’s safe.
  • Don’t click on pop-up ads offering free software products that remove malware from your computer. Some ransomware developers use pop-ups to transfer their programs.
  • Don’t go to websites that contain pornography, pirated movies or other unsavory stuff. Crooks often plant malware in those places.
  • Don’t pay a ransom to online crooks if your computer is attacked. They may just up the price, then destroy your data or leave it encrypted.

More Resources

Discover AARP Members Only Access

Join AARP to Continue

Already a Member?

spinner image cartoon of a woman holding a megaphone

Have you seen this scam?

  • Call the AARP Fraud Watch Network Helpline at 877-908-3360 or report it with the AARP Scam Tracking Map.  
  • Get Watchdog Alerts for tips on avoiding such scams.