Get All Access for $5/mo

Is 'Ransomware' Terrorizing Your Site Visitors? You need to understand how the new threat targeting businesses works, and what to do about it.

By Chemi Katz Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

Ransomware is popping up as an increasingly viable threat for online businesses, but not many people know how it works or how to navigate the threat to protect themselves and their customers.

Related: Do This to Prevent Cybercrime and Save Your Business from Disaster

Yet they should know, because ransomware can be as scary as it sounds. That's why entrepreneurs need to understand how the threat works, to prepare themselves, should an attack hit their company.

In fact, a ransomware attack can happen to any business or customer, but keep in mind that the most prevalent ransomware doesn't actually exist in your website's backend or servers. Instead, it lives in the browsers and devices of your customers, or even those of your staff. It's part of a larger group of malicious software called Client-Side Injected Malware -- malware that individuals unknowingly download into their own systems via bundled apps or otherwise legitimate software.

Your website may be operating perfectly fine, but when a consumer's browser or computer becomes infected with ransomware, the consumer sees malicious links and advertisements overlaid on your website -- and oftentimes these things look innocuous. There may be a fake link, for instance, for "Free Shipping" or "Recommended Products" that looks authentic to the naked eye, but once clicked on, triggers a ransomware attack.

That's what makes this ransomware so dangerous: It completely bypasses your website servers, as it loads after your page renders, so all the protections and safeguards you earlier put into place to secure your website will do nothing to stop ransomware from attacking your site visitors on their own computers. All they have to do is click on one of those fake links in order for it to rear its ugly head.

Once your customer does click, his or her computer immediately locks up and something terrifying like this appears:

In other words, the ransomware itself often looks like a legitimate system message. It can also take the form of popups or windows urging the consumer to contact a customer service center in order to resolve the issue.

No amount of force-quitting the browser or restarting the computer will resolve it. Ransomware is persistent and insidious, and once it's taken over a computer, it's a nightmare to deal with. What's worse is that consumers won't know their computers are infected until an attack occurs.

Related: 4 Ways Your Small Business Can Better Prevent Cyber Crime

If, as in the illustrated example, a consumer calls the phone number on the popup, he or she will be led to a call center offering antivirus and cleaning apps, sometimes at a monthly subscription cost of hundreds of dollars, and with a logmein client that allows the criminals to remotely control the user's computer until they get what they want.

With full access to the computer, the culprits will deny the consumer access to their own systems and files until a hefty ransom is paid. Considering the lifetimes of photos, work and personal content that most people put on their devices, it's no wonder that many in recent months have reported actually paying those ransoms, to regain access to their files.

The worst part? The vast majority of consumers assume that your website, not their own computers, is infected with the malware that has caused this nightmare. You may get frantic customer phone calls, formal complaints from shoppers or inquiries from local media and watchdogs. As a business owner who knows little about this new form of Client-Side Malware, you may assume the problem is coming from your backend.

You'll impulsively place urgent calls to your CTO or IT staff, but the point is, you shouldn't react without considering the problem first.

It's critical that you understand what kind of malware is behind the attack, because oftentimes it will not have come through your backend. It's very possible that Client-Side Malware is the underlying cause. Ransomware is especially destructive because it can ruin an online business' credibility without ever passing through the website itself. So be sure you understand exactly what you're dealing with first. Many site owners will pour thousands (if not hundreds of thousands) of dollars into emergency server protections when the problem isn't stemming from that side of the equation at all. And that's a mistake that can be costly and ineffective.

The takeaway here is that malware developers are coming after online businesses with Client-Side Injected Malware because they know it's far easier to infiltrate a consumer's browser than it is to attack your heavily guarded website servers.

Your customer's front door has become their new back door, and until consumers wake up to the issue, ransomware will continue to grow online. It's your job to understand the new forms of malware your customers are vulnerable to so that when a problem does arise, you'll be able to handle it.

Related: 5 Ways Lax Security Makes Small Businesses Cyber-Morsels for Computer Criminals

Chemi Katz

Co-founder and CEO of Namogoo

Namogoo is the Digital Journey Continuity platform — clearing the path to purchase and driving journeys forward. Digital Journey Continuity blocks all competitors' injected ads and delivers the exact personalized promotion each customer needs to continue their journey. By incorporating hundreds of business and behavioral data points, Namogoo autonomously adapts every journey to each individual customer. Over 250 leading global ecommerce brands trust Namogoo to keep their digital journeys moving forward in full force and their business on the path to growth. To learn more, visit www.namogoo.com.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Leadership

Visionaries or Vague Promises? Why Companies Fail Without Leaders Who See Beyond the Bottom Line

Visionary leaders turn bold ideas into lasting impact by building resilience, clarity and future-ready teams.

Marketing

5 Critical Mistakes to Avoid When Giving a Presentation

Are you tired of enduring dull presentations? Over the years, I have compiled a list of common presentation mistakes and how to avoid them. Here are my top five tips.

Science & Technology

5 Automation Strategies Every Small Business Should Follow

It's time we make IT automation work for us: streamline processes, boost efficiency and drive growth with the right tools and strategy.

Business News

Former Steve Jobs Intern Says This Is How He Would Have Approached AI

The former intern is now the CEO of AI and data company DataStax.

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Green Entrepreneur®

How Global Business Leaders Can Build a Sustainable Supply Chain

Businesses can build sustainable supply chains by leveraging technology to reduce environmental impact, optimize resources and track emissions while balancing operational efficiency and sustainability goals.