How to protect Windows 10 and 11 PCs from ransomware

CryptoLocker. WannaCry. DarkSide. Conti. MedusaLocker. Qilin. The ransomware threat has exploded over the past decade, and it isn’t going away anytime soon; the news brings constant reports of new waves of this pernicious type of malware washing across the world.

Ransomware gained in popularity in large part because of the immediate financial payoff for attackers: It works by encrypting the files on your hard disk, then demanding that you pay a ransom, frequently in Bitcoin or other cryptocurrency, to decrypt them. Now many ransomware gangs are switching tactics, stealthily infiltrating enterprise systems, collecting sensitive corporate data over time, and later threatening to expose that data if the organization doesn’t pay up.

Nevertheless, individuals and businesses are still at risk from traditional ransomware attacks. In this article, I’ll show you how to keep yourself safe in Windows 11 — and Windows 10 too, for those who haven’t yet moved to Windows 11 — including how to use an anti-ransomware tool built into both versions of Windows.

(Administrators, see “What IT needs to know about ransomware and Windows” at the end of this article.)

This article assumes that you’re already taking the basic precautions against malware in general, including running anti-malware software and never downloading attachments or clicking links in email from unknown senders and suspicious-looking email. Also note that this article has been updated for Windows 11 25H2 and Windows 10 22H2. If you have an earlier Windows release, some things may be different.