Ransomware: Do's and Don'ts

What the University and School is doing to help prevent phishing and ransomware attacks?


Using a layered approach to Cyber Security.

The University utilizes antivirus and anti-malware software, firewalls, web, and e-mail filtering to make it more difficult for ransomware to infiltrate our systems.

Systems are updated on a regular basis.

All our systems are updated on a regular basis to prevent security vulnerabilities.

We keep privileges at a minimum.

We only have a select few end-users with administrator privileges. Most ransomware can only infect at the level of privilege held by the infected user. If that user does not have privileges to change files on the network, the ransomware infection is much more likely to stay contained within that one user’s machine, preventing a much bigger problem.

What can you do to protect yourself from ransomware?


Keep your critical files on Box or OneDrive.

Backing up your data is the single most effective way of combating ransomware infection. Both Box and OneDrive have versioning features that can be useful to recover affected files.

Do not click on any attachments or links from people you do not know.

One of the most important rules when protecting yourself from ransomware is making sure that you do not click on any attachments or links from people you do not know. If you do not recognize the email address, you should never click on any sort of attachment.

Always double-check if you receive an email from someone you know but you were not expecting.

You may receive an email from someone you know, encouraging you to open an attachment or click on a link. However, the email may be a bit of a surprise, i.e., something that you were not expecting. If this is the case, do not click on anything yet!

Make sure you get in touch with the person who sent it to ensure that they meant to. It could be that someone has hacked into their email and sent you ransomware this way.

Always double-check the email address

Hackers are sophisticated these days. They know how to make emails appear as they have come from someone else. They will often copy the structure, logo, font, and other common elements used by establishments such as banks and other well-known organizations, making it appear like the emails are genuine. However, one thing they cannot fake is the email address, so always double-check this.

Be careful, though, as they can put the company’s email address within the email’s subject line to try and trick you, so this is something else to look out for!

Never use your work or school email address to sign up or register for anything online.

Unless it is work-related, do not use your work email address to sign-up for anything online. You should always use your personal account.

Never give out your personal information.

If you receive an email, text, or call from someone you do not know, do not give any of your personal information. Remember, we will never ask for your password in full or part over an e-mail or phone!

Do not download anything from an untrusted website.

Do not download media files or software from unknown websites. Only use trusted and verified sites if you are downloading something. There should be markers of trust, for example, HTTPS in the URL bar instead of HTTP.

Never use unknown USB sticks.

Never connect USB sticks or other storage media to your computer if you do not know where they came from. Cybercriminals may have infected the storage medium and placed it in a public place to entice somebody into using it.

What to do if you believe your system has been infected with ransomware?


Disconnect From Networks

  • Unplug Ethernet cables and disable Wi-Fi or any other network adapters.
  • Turn off Wi-Fi and Bluetooth.
  • This can aid in preventing the spread of the ransomware to shared network resources such as file shares

Disconnect External Devices

  • USB drives or memory sticks.
  • Attached phones or cameras.
  • External hard drives.
  • Or any other devices that could also become compromised

Report the Incident

It is important that incidents are reported as early as possible so that campus can limit the damage and cost of recovery.

If you have access to the internet on another system e-mail us at sphhelp@tulane.edu or call us at 504-988-2685.