Ending Soon! Save 33% on All Access

Is 'Ransomware' Terrorizing Your Site Visitors? You need to understand how the new threat targeting businesses works, and what to do about it.

By Chemi Katz Edited by Dan Bova

Opinions expressed by Entrepreneur contributors are their own.

Ransomware is popping up as an increasingly viable threat for online businesses, but not many people know how it works or how to navigate the threat to protect themselves and their customers.

Related: Do This to Prevent Cybercrime and Save Your Business from Disaster

Yet they should know, because ransomware can be as scary as it sounds. That's why entrepreneurs need to understand how the threat works, to prepare themselves, should an attack hit their company.

In fact, a ransomware attack can happen to any business or customer, but keep in mind that the most prevalent ransomware doesn't actually exist in your website's backend or servers. Instead, it lives in the browsers and devices of your customers, or even those of your staff. It's part of a larger group of malicious software called Client-Side Injected Malware -- malware that individuals unknowingly download into their own systems via bundled apps or otherwise legitimate software.

Your website may be operating perfectly fine, but when a consumer's browser or computer becomes infected with ransomware, the consumer sees malicious links and advertisements overlaid on your website -- and oftentimes these things look innocuous. There may be a fake link, for instance, for "Free Shipping" or "Recommended Products" that looks authentic to the naked eye, but once clicked on, triggers a ransomware attack.

That's what makes this ransomware so dangerous: It completely bypasses your website servers, as it loads after your page renders, so all the protections and safeguards you earlier put into place to secure your website will do nothing to stop ransomware from attacking your site visitors on their own computers. All they have to do is click on one of those fake links in order for it to rear its ugly head.

Once your customer does click, his or her computer immediately locks up and something terrifying like this appears:

In other words, the ransomware itself often looks like a legitimate system message. It can also take the form of popups or windows urging the consumer to contact a customer service center in order to resolve the issue.

No amount of force-quitting the browser or restarting the computer will resolve it. Ransomware is persistent and insidious, and once it's taken over a computer, it's a nightmare to deal with. What's worse is that consumers won't know their computers are infected until an attack occurs.

Related: 4 Ways Your Small Business Can Better Prevent Cyber Crime

If, as in the illustrated example, a consumer calls the phone number on the popup, he or she will be led to a call center offering antivirus and cleaning apps, sometimes at a monthly subscription cost of hundreds of dollars, and with a logmein client that allows the criminals to remotely control the user's computer until they get what they want.

With full access to the computer, the culprits will deny the consumer access to their own systems and files until a hefty ransom is paid. Considering the lifetimes of photos, work and personal content that most people put on their devices, it's no wonder that many in recent months have reported actually paying those ransoms, to regain access to their files.

The worst part? The vast majority of consumers assume that your website, not their own computers, is infected with the malware that has caused this nightmare. You may get frantic customer phone calls, formal complaints from shoppers or inquiries from local media and watchdogs. As a business owner who knows little about this new form of Client-Side Malware, you may assume the problem is coming from your backend.

You'll impulsively place urgent calls to your CTO or IT staff, but the point is, you shouldn't react without considering the problem first.

It's critical that you understand what kind of malware is behind the attack, because oftentimes it will not have come through your backend. It's very possible that Client-Side Malware is the underlying cause. Ransomware is especially destructive because it can ruin an online business' credibility without ever passing through the website itself. So be sure you understand exactly what you're dealing with first. Many site owners will pour thousands (if not hundreds of thousands) of dollars into emergency server protections when the problem isn't stemming from that side of the equation at all. And that's a mistake that can be costly and ineffective.

The takeaway here is that malware developers are coming after online businesses with Client-Side Injected Malware because they know it's far easier to infiltrate a consumer's browser than it is to attack your heavily guarded website servers.

Your customer's front door has become their new back door, and until consumers wake up to the issue, ransomware will continue to grow online. It's your job to understand the new forms of malware your customers are vulnerable to so that when a problem does arise, you'll be able to handle it.

Related: 5 Ways Lax Security Makes Small Businesses Cyber-Morsels for Computer Criminals

Chemi Katz

Co-founder and CEO of Namogoo

Namogoo is the Digital Journey Continuity platform — clearing the path to purchase and driving journeys forward. Digital Journey Continuity blocks all competitors' injected ads and delivers the exact personalized promotion each customer needs to continue their journey. By incorporating hundreds of business and behavioral data points, Namogoo autonomously adapts every journey to each individual customer. Over 250 leading global ecommerce brands trust Namogoo to keep their digital journeys moving forward in full force and their business on the path to growth. To learn more, visit www.namogoo.com.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business News

Apple Is Reportedly Saving the Most Anticipated Siri AI Upgrades For Next Year

AI is still due to debut on iPhones later this year, but it will be a longer wait for some other highly-anticipated features.

Business News

How Much Does It Cost to Develop AI? The CEO of an $18 Billion AI Startup Reveals the Current Price.

There's a sky-high bar to creating AI, and an expert says it will get even more expensive.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Growing a Business

Why I Choose to Publicly Share My Startup's Business Data on LinkedIn — And Why You Should Do the Same.

Here's why I'm sharing my startup's business data on LinkedIn, what data specifically, and how it has benefited my startup – and could benefit your company, too.

Business News

Disney World Guest Services Is Going Viral For a 'Touchingly Human' Approach

Balloons aren't permitted inside Disney World's Animal Kingdom. But try taking one away from a toddler.

Business News

Sam's Club Is Removing a Beloved Free Perk and Members Are Not Happy: 'No Benefits for the Cost'

Disgruntled Sam's Club members are complaining on social media about the new change, effective August 19.