FBI Recommends Gmail and Outlook Users Do This *NOW* to Prevent Data Taken Hostage for Ransom

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued a warning after hundreds of victims have had their data stolen and held hostage for ransom.

Medusa, a "ransomware-as-a-service variant used to conduct ransomware attacks," is using techniques such as "exploiting unpatched software vulnerabilities” across organizations in the medical, education, legal fields and more to steal data.

READ MORE: Did You Know Your iPhone Has a Built-In Scanner?

The agencies warn that anyone who uses webmail services such as Gmail and Microsoft Outlook are vulnerable to having their data taken hostage for ransom.

In an advisory, CISA and the FBI offered suggestions for protecting users against Medusa.

How to Protect Your Data on Gmail and Outlook

If using webmail services such as Gmail and Outlook, CISA and the FBI recommend using multifactor authentication, which sends users a security code via text, email or an app to access their account.

The technique adds a "critical, additional layer of security to protect assets accounts whose credentials have been compromised," the advisory states.

READ MORE: FBI Warns of Sophisticated, AI-Fueled Cyber Attack Phone Calls

The agencies also encourage users to ensure all operating systems and software are up to date.

If an account requires a password for login, CISA and the FBI encourage users to create long, unique passwords featuring special characters (if permitted).

The agencies also suggest storing important information on separate hard drives in a secure location, should the need to recover crucial data arise after an attack.

What to Do if an Email Data Attack Occurs

First and foremost, the agencies do not encourage paying ransoms "as payment does not guarantee victim files will be recovered."

“Furthermore, payment may also embolden adversaries to target additional organizations, encourage other criminal actors to engage in the distribution of ransomware, and/or fund illicit activities,” the advisory continues.

If a user falls victim, they encourage reporting ransomware attacks immediately to CISA and the FBI.