Is 'Ransomware' Terrorizing Your Site Visitors? You need to understand how the new threat targeting businesses works, and what to do about it.

By Chemi Katz

Opinions expressed by Entrepreneur contributors are their own.

Ransomware is popping up as an increasingly viable threat for online businesses, but not many people know how it works or how to navigate the threat to protect themselves and their customers.

Related: Do This to Prevent Cybercrime and Save Your Business from Disaster

Yet they should know, because ransomware can be as scary as it sounds. That's why entrepreneurs need to understand how the threat works, to prepare themselves, should an attack hit their company.

In fact, a ransomware attack can happen to any business or customer, but keep in mind that the most prevalent ransomware doesn't actually exist in your website's backend or servers. Instead, it lives in the browsers and devices of your customers, or even those of your staff. It's part of a larger group of malicious software called Client-Side Injected Malware -- malware that individuals unknowingly download into their own systems via bundled apps or otherwise legitimate software.

Your website may be operating perfectly fine, but when a consumer's browser or computer becomes infected with ransomware, the consumer sees malicious links and advertisements overlaid on your website -- and oftentimes these things look innocuous. There may be a fake link, for instance, for "Free Shipping" or "Recommended Products" that looks authentic to the naked eye, but once clicked on, triggers a ransomware attack.

That's what makes this ransomware so dangerous: It completely bypasses your website servers, as it loads after your page renders, so all the protections and safeguards you earlier put into place to secure your website will do nothing to stop ransomware from attacking your site visitors on their own computers. All they have to do is click on one of those fake links in order for it to rear its ugly head.

Once your customer does click, his or her computer immediately locks up and something terrifying like this appears:

In other words, the ransomware itself often looks like a legitimate system message. It can also take the form of popups or windows urging the consumer to contact a customer service center in order to resolve the issue.

No amount of force-quitting the browser or restarting the computer will resolve it. Ransomware is persistent and insidious, and once it's taken over a computer, it's a nightmare to deal with. What's worse is that consumers won't know their computers are infected until an attack occurs.

Related: 4 Ways Your Small Business Can Better Prevent Cyber Crime

If, as in the illustrated example, a consumer calls the phone number on the popup, he or she will be led to a call center offering antivirus and cleaning apps, sometimes at a monthly subscription cost of hundreds of dollars, and with a logmein client that allows the criminals to remotely control the user's computer until they get what they want.

With full access to the computer, the culprits will deny the consumer access to their own systems and files until a hefty ransom is paid. Considering the lifetimes of photos, work and personal content that most people put on their devices, it's no wonder that many in recent months have reported actually paying those ransoms, to regain access to their files.

The worst part? The vast majority of consumers assume that your website, not their own computers, is infected with the malware that has caused this nightmare. You may get frantic customer phone calls, formal complaints from shoppers or inquiries from local media and watchdogs. As a business owner who knows little about this new form of Client-Side Malware, you may assume the problem is coming from your backend.

You'll impulsively place urgent calls to your CTO or IT staff, but the point is, you shouldn't react without considering the problem first.

It's critical that you understand what kind of malware is behind the attack, because oftentimes it will not have come through your backend. It's very possible that Client-Side Malware is the underlying cause. Ransomware is especially destructive because it can ruin an online business' credibility without ever passing through the website itself. So be sure you understand exactly what you're dealing with first. Many site owners will pour thousands (if not hundreds of thousands) of dollars into emergency server protections when the problem isn't stemming from that side of the equation at all. And that's a mistake that can be costly and ineffective.

The takeaway here is that malware developers are coming after online businesses with Client-Side Injected Malware because they know it's far easier to infiltrate a consumer's browser than it is to attack your heavily guarded website servers.

Your customer's front door has become their new back door, and until consumers wake up to the issue, ransomware will continue to grow online. It's your job to understand the new forms of malware your customers are vulnerable to so that when a problem does arise, you'll be able to handle it.

Related: 5 Ways Lax Security Makes Small Businesses Cyber-Morsels for Computer Criminals

Chemi Katz

Co-founder and CEO of Namogoo

Namogoo is the Digital Journey Continuity platform — clearing the path to purchase and driving journeys forward. Digital Journey Continuity blocks all competitors' injected ads and delivers the exact personalized promotion each customer needs to continue their journey. By incorporating hundreds of business and behavioral data points, Namogoo autonomously adapts every journey to each individual customer. Over 250 leading global ecommerce brands trust Namogoo to keep their digital journeys moving forward in full force and their business on the path to growth. To learn more, visit

Editor's Pick

Related Topics


How This Leader Disrupted and Innovated the Massive Travel Market

Inspirato co-founder and CEO Brent Handler shares the 10 most important leadership lessons he's picked up over the course of his career.

Business News

Man Unexpectedly Wins $4 Million Lottery — On a Ticket He Almost Didn't Buy

A Michigan resident stumbled upon a life-changing $4 million lottery jackpot when his preferred game was unavailable.

Business News

Woman Trapped Under Driverless Car in San Francisco Suffers Life-Threatening Injuries

"There was no driver and no passenger in the car to be able to tell us what happened," San Francisco Fire Department spokesperson Justin Schorr said of the scene.


How to Create A Video-Based Employee Onboarding Program To Maximize New Hire Productivity

This article covers how startups CEOs and hiring managers can create a flexible, video-based onboarding process to maximize new hire ramp and productivity.

Business News

JPMorgan CEO Jamie Dimon Says AI 'Is Real' and Will Eliminate the 5-Day Work Week. Here's How His Company's Going All In.

The financial services firm advertised for thousands of AI-related roles earlier this year.


How to Improve Work-Life Balance and Productivity While Working Remotely

How to maintain a proper work-life balance and increase productivity while working from home.