The Federal Trade Commission (FTC) has posted a blog with tips for preventing ransomware infections at businesses. The blog begins with an overview of ransomware, reminding its readers that attacks aren’t just directed at large corporations and adding, “every company is a potential target.” After going through a list of steps to take to protect against ransomware, the blog addresses the potentially tricky question of whether to pay. On this, it notes that, for one thing, paying the ransom doesn’t guarantee the victim will get their data back. On top of that, ransoms reward attackers and may further fund criminal enterprises in violation of the law. For instance, the U.S. Treasury recently issued a warning to all businesses that paying a ransom may violate regulations that prohibit financial support of sanctioned countries or regions. That means they could be fined for paying the ransom. The blog concludes by asserting that the best defense against ransomware is an alert staff trained to spot the preliminary signs of a ransomware attack, offering tips for elements of an effective training program. Read the blog at the FTC.