- Hi, my name is Ying. I'm a commercial graphic designer. And earlier this year I was held to ransom. It was totally unexpected. One minute I was working through emails and the next I had a big red screen telling me all my files had been encrypted and a message asking me to pay $5,000 in Bitcoin to unlock the files. I don't even know how to buy Bitcoin. I honestly started shaking. I was scared and I had no idea what to do. And the threat felt like it was actually in the room with me, but Edwin was very calm though. We turned the computer on and off trying to see if it would make any difference, which it didn't. We read through the instructions on the screen in detail, and then did some research with Edwin's computer to try and work out options. It was a bit confusing to know what to do. To be honest, when you are in a moment, especially I had a deadline to reach and my computer was fully locked down. So I called my manager and let her know what was happening so someone else could pick up the project. And she got me in touch with the IT team. Finally, they were able to access my profile on the cloud, which was backed up regularly. And then they also investigated what had happened and taught me that the ransomware was put in my computer by an email from federal government with the new COVID-19 restrictions. They said it was a fake and not really from the government but it really did look real. So thankfully the company I worked for does back ups to the cloud. And so almost all of my works was being able to be retrieved and no one had to pay the ransom. But if we didn't have the backups I think that would be a very big problem. It's surreal. I mean, looking back, that one little email could have caused such a big problem. The fact that I had heard about ransomware before but never really thought that will be something that would happen to me.

- Unfortunately, Ying's story is one we hear all too often. Every day in Australia, criminals are targeting business to steal credentials and money. So it pays to make sure you have the right defences in place. A few tips that NAB recommends. Firstly, know how to spot suspicious messages. Second, have your data backed up on a cloud or an external device. Third, make sure your software and antivirus software is up to date. Fourth, create an incident management plan in case you do have an issue, Do you and your team know how to spot the red flags? Cyber safety is not just an IT problem, cybersecurity is a team effort. To help make your business a hard target for criminals, visit nab.com.au/security for more information.