Get All Access for $5/mo

Is 'Ransomware' Terrorizing Your Site Visitors? You need to understand how the new threat targeting businesses works, and what to do about it.

By Chemi Katz Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

Ransomware is popping up as an increasingly viable threat for online businesses, but not many people know how it works or how to navigate the threat to protect themselves and their customers.

Related: Do This to Prevent Cybercrime and Save Your Business from Disaster

Yet they should know, because ransomware can be as scary as it sounds. That's why entrepreneurs need to understand how the threat works, to prepare themselves, should an attack hit their company.

In fact, a ransomware attack can happen to any business or customer, but keep in mind that the most prevalent ransomware doesn't actually exist in your website's backend or servers. Instead, it lives in the browsers and devices of your customers, or even those of your staff. It's part of a larger group of malicious software called Client-Side Injected Malware -- malware that individuals unknowingly download into their own systems via bundled apps or otherwise legitimate software.

Your website may be operating perfectly fine, but when a consumer's browser or computer becomes infected with ransomware, the consumer sees malicious links and advertisements overlaid on your website -- and oftentimes these things look innocuous. There may be a fake link, for instance, for "Free Shipping" or "Recommended Products" that looks authentic to the naked eye, but once clicked on, triggers a ransomware attack.

That's what makes this ransomware so dangerous: It completely bypasses your website servers, as it loads after your page renders, so all the protections and safeguards you earlier put into place to secure your website will do nothing to stop ransomware from attacking your site visitors on their own computers. All they have to do is click on one of those fake links in order for it to rear its ugly head.

Once your customer does click, his or her computer immediately locks up and something terrifying like this appears:

In other words, the ransomware itself often looks like a legitimate system message. It can also take the form of popups or windows urging the consumer to contact a customer service center in order to resolve the issue.

No amount of force-quitting the browser or restarting the computer will resolve it. Ransomware is persistent and insidious, and once it's taken over a computer, it's a nightmare to deal with. What's worse is that consumers won't know their computers are infected until an attack occurs.

Related: 4 Ways Your Small Business Can Better Prevent Cyber Crime

If, as in the illustrated example, a consumer calls the phone number on the popup, he or she will be led to a call center offering antivirus and cleaning apps, sometimes at a monthly subscription cost of hundreds of dollars, and with a logmein client that allows the criminals to remotely control the user's computer until they get what they want.

With full access to the computer, the culprits will deny the consumer access to their own systems and files until a hefty ransom is paid. Considering the lifetimes of photos, work and personal content that most people put on their devices, it's no wonder that many in recent months have reported actually paying those ransoms, to regain access to their files.

The worst part? The vast majority of consumers assume that your website, not their own computers, is infected with the malware that has caused this nightmare. You may get frantic customer phone calls, formal complaints from shoppers or inquiries from local media and watchdogs. As a business owner who knows little about this new form of Client-Side Malware, you may assume the problem is coming from your backend.

You'll impulsively place urgent calls to your CTO or IT staff, but the point is, you shouldn't react without considering the problem first.

It's critical that you understand what kind of malware is behind the attack, because oftentimes it will not have come through your backend. It's very possible that Client-Side Malware is the underlying cause. Ransomware is especially destructive because it can ruin an online business' credibility without ever passing through the website itself. So be sure you understand exactly what you're dealing with first. Many site owners will pour thousands (if not hundreds of thousands) of dollars into emergency server protections when the problem isn't stemming from that side of the equation at all. And that's a mistake that can be costly and ineffective.

The takeaway here is that malware developers are coming after online businesses with Client-Side Injected Malware because they know it's far easier to infiltrate a consumer's browser than it is to attack your heavily guarded website servers.

Your customer's front door has become their new back door, and until consumers wake up to the issue, ransomware will continue to grow online. It's your job to understand the new forms of malware your customers are vulnerable to so that when a problem does arise, you'll be able to handle it.

Related: 5 Ways Lax Security Makes Small Businesses Cyber-Morsels for Computer Criminals

Chemi Katz

Co-founder and CEO of Namogoo

Namogoo is the Digital Journey Continuity platform — clearing the path to purchase and driving journeys forward. Digital Journey Continuity blocks all competitors' injected ads and delivers the exact personalized promotion each customer needs to continue their journey. By incorporating hundreds of business and behavioral data points, Namogoo autonomously adapts every journey to each individual customer. Over 250 leading global ecommerce brands trust Namogoo to keep their digital journeys moving forward in full force and their business on the path to growth. To learn more, visit www.namogoo.com.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Side Hustle

This 20-Year-Old Student Started a Side Hustle With $400 — and It Earned $150,000 Over the Summer

Jacob Shaidle launched his barbecue cleaning business Shaidle Cleaning in 2021 when he was just 15.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

Meta Says Its New Movie Gen AI Is an Industry First — But a Demo Shows It Isn't Perfect

Movie Gen is too expensive to be released to the public yet, according to Meta's chief product officer.

Business News

Mark Zuckerberg Is Now the World's Second Richest Person, Behind Elon Musk

Meta's CEO jumped ahead of Jeff Bezos in Bloomberg's rankings this week.

Marketing

Ad Fatigue is Real — Why Trust and Influencers Are Shaping the Future of Cybersecurity Marketing

With the rapid evolution of cyber threats, businesses are becoming increasingly careful when choosing cybersecurity providers. Therefore, cybersecurity companies must center their marketing strategies around trust, not ads.