Skip to main content

What to do if you're held to ransom

Icon of a book with an information symbol on it

A guide to identify, remove and protect yourself against ransomware.

This guide has simple steps to follow if you are a victim of ransomware. The first section will teach you how to identify ransomware and stop it from spreading. The second part will help you avoid another ransomware attack.

Never pay a ransom

There is no guarantee you will regain access to your information. You may also be targeted by another attack.

Call the Australian Cyber Security Centre 24/7 Hotline on 1300 CYBER1 (1300 292 371) if you need help.

Identify and remove the ransomware

Start here if you are experiencing a ransomware incident.

Not all ransomware incidents are the same. So, some of the steps in this guide may not apply to your situation. Use the actions that best suit your situation. Consider hiring a professional if the affected systems or files are valuable to you.

Protect yourself against the next attack

Learn how to increase your device and account security so that you are not vulnerable.

Was this information helpful?
Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it