Ransomware is one of the most dangerous and disruptive threats facing PC users today — and it's on the rise. This type of malware silently encrypts all of your personal files, then demands payment in exchange for the decryption key. Once your files are locked, there's often no way to recover them without either paying the ransom (with no guarantee you'll get your data back) or restoring from a clean backup. The good news is that ransomware protection in Edinburgh — and everywhere else — is largely about having the right habits in place before an attack happens.
What Is Ransomware and How Does It Spread?
Ransomware is a category of malware that encrypts the victim's files and demands a ransom — typically paid in cryptocurrency — for the decryption key. Variants like WannaCry, LockBit, and Ryuk have caused billions of pounds of damage to individuals, businesses, and public sector organisations worldwide, including NHS trusts across the UK.
The most common ways ransomware reaches your PC include:
- Phishing emails — A malicious attachment or link disguised as an invoice, delivery notification, or urgent message.
- Malicious downloads — Infected software, pirated media, or fake browser updates from untrusted websites.
- Remote Desktop Protocol (RDP) attacks — Attackers brute-force access to PCs with remote access enabled and weak passwords.
- Compromised websites — Visiting a hacked or malicious website can trigger a drive-by download without you clicking anything.
- USB drives and external devices — Infected drives plugged into your PC can silently install malware.
1. Keep Windows and Software Up to Date
The single most effective ransomware protection step you can take is keeping Windows fully up to date. Many of the largest ransomware outbreaks — including WannaCry — exploited security vulnerabilities that Microsoft had already patched weeks earlier. Victims who hadn't installed the update were left exposed.
Enable automatic updates for Windows, your browser, and any software you use regularly. If your PC is running an older operating system that no longer receives security updates, it's time to consider upgrading — or at minimum, significantly restricting its use online. If you're unsure how to manage Windows updates, our software troubleshooting service can help.
2. Back Up Your Data — Properly
A reliable backup is your most powerful defence against ransomware. If your files are encrypted, a recent clean backup means you can restore everything without paying a penny. But not all backups are equal — ransomware will often attempt to encrypt connected drives and cloud sync folders too.
Follow the 3-2-1 backup rule:
- Keep 3 copies of your data
- Store them on 2 different types of media (e.g., external hard drive + cloud storage)
- Keep 1 copy offsite or offline — disconnected from your PC
An external hard drive that you disconnect after each backup session is ideal as an offline copy. Our complete guide to backing up your PC data covers the best strategies in detail. Customers across Edinburgh — from Leith to Morningside — regularly bring in their PCs after a ransomware attack only to discover their only backup was a network drive that was also encrypted.
3. Use Reputable Antivirus Software
Windows Defender — the built-in antivirus in Windows 10 and 11 — is capable and constantly improving. For most home users, keeping Defender up to date and active provides a solid baseline of protection. If you'd prefer a third-party solution, reputable options include Malwarebytes Premium, Bitdefender, and ESET.
Critically, ensure your antivirus has real-time protection enabled and that it scans email attachments and downloaded files. Many ransomware infections can be caught at the point of download if your security software is properly configured. If you suspect your antivirus has been disabled or isn't working correctly, our virus and malware removal service can carry out a full system audit.
4. Be Extremely Cautious with Emails
Phishing emails remain the most common delivery method for ransomware. Attackers are sophisticated — messages can look convincingly like emails from Royal Mail, HMRC, your bank, or even a colleague. Before opening any attachment or clicking a link:
- Check the sender's full email address — not just the display name
- Be suspicious of unexpected invoices, password reset requests, or delivery notifications
- Hover over links before clicking to see the actual destination URL
- Never enable macros in Word or Excel documents from unknown senders
- When in doubt, contact the supposed sender through a known, trusted method
5. Limit User Account Privileges
Using a standard (non-administrator) Windows account for day-to-day tasks significantly limits the damage ransomware can do. Many ransomware variants need administrator-level access to encrypt system files and spread across a network. By separating your daily account from your admin account, you add a meaningful barrier.
This is particularly important for businesses in Edinburgh with multiple employees — a ransomware attack on a network where all users have admin rights can encrypt every shared drive and workstation within minutes.
6. Enable Controlled Folder Access
Windows 10 and 11 include a feature called Controlled Folder Access, which blocks unauthorised applications from making changes to protected folders (like Documents, Pictures, and Desktop). It's part of Windows Security and can be enabled in just a few clicks:
- Open Windows Security → Virus & threat protection
- Scroll to Ransomware protection
- Toggle Controlled folder access to On
You may need to whitelist certain trusted applications that get blocked, but the added protection is well worth the minor inconvenience.
What to Do If You've Been Hit by Ransomware
If you suspect your PC has been infected with ransomware:
- Disconnect immediately — Unplug the network cable or turn off Wi-Fi to stop the ransomware spreading to other devices or network shares.
- Do not pay the ransom — Payment doesn't guarantee recovery of your files and funds further criminal activity.
- Do not restart your PC — Some ransomware activates fully on reboot. Leave the machine powered on but disconnected.
- Photograph the ransom note — This may be needed to identify the specific ransomware variant, which can help with recovery.
- Seek professional help immediately — Time matters. A specialist may be able to identify decryption tools or recover files from shadow copies before they're overwritten.
At PC Repair Services Edinburgh, we've helped individuals and businesses across the city recover from ransomware infections. Whether you're in Portobello, Corstorphine, or the city centre, our virus and malware removal service includes a thorough assessment of the infection, attempted file recovery where possible, and a clean reinstall of Windows with proper protection in place going forward.
Stay One Step Ahead
Ransomware attackers rely on people being unprepared. A few sensible precautions — keeping your system updated, maintaining offline backups, and staying alert to phishing — dramatically reduce your risk. If you'd like a professional review of your PC's security setup, or you're concerned about a suspicious file or email, get in touch with us or book a repair online. We're here to help Edinburgh PC users stay safe.