This past summer, while on vacation in western Canada, I opened up my trusty 13" MBP circa 2012 to find out that I was the victim of ransomware or some other malevolent piece of software. I try to run a tight ship, but this email that was addressed specifically to me at my email address mentioned several of my old, but active passwords, stating that they had gained access to my computer and I should comply with their demands or else. It certainly caught my attention. The message rambled on telling when and where to pay them the sum of 900 bitcoins (worth about USD$11,000 at that time), or all of my confidential info would be exposed to the open internet. This was about the time when a lot of small US towns were having their municipal computer systems hacked and ransoms had to be paid or else.
I quickly phoned my local police department back home and filed a police report regarding this attempted extortion, and got a case number. After alerting some of my critical financial accounts, I contacted a buddy who does electronic security work for a very big aerospace company, asking him for advice. He said that I may have gotten hacked by one of those funky internet ads that seem to always be popping up in my spam file. I did recall several weeks before that I had gotten a rather strange message from Microslop wanting me to do something with my Outlook email program. I thought it a bit odd, but responded to the message. I have had this old Hotmail account for years and still use it. Anyway, thinking back, I think that was the hack-in.
My buddy told me that I basically had only a couple of choices, and paying the ransom was not on the short list. He said I could take my MBP to a computer shop and they could try to selectively scan the data SSD and maybe snag the malware (likely, pretty speedy), or I could wait until I got home, pick up a new SSD and quarantine the old SSD. Do a clean install of the OS on the new SSD and start from scratch.
He further suggested that I install a good anti-virus program (I went with Kaspersky) and start using a VPN (I went with Nord VPN). Then he suggested that I change all of my passwords for my accounts, programs, sites, routers, modem, etc., making them all strong passwords, i.e., upper/lower case letters, numbers and special characters. The password changing took some time; I now have over two pages of strong passwords that I change (shift) monthly.
After getting my system back up and running, I then turned off the Wi-Fi and put the quarantined SSD in an external enclosure and ran a full scan of the drive. The virus software quarantined three areas where there was a trojan infestation. I removed the trojan infestation and slowly went back periodically to salvage some data, after scanning again. It was during this period that I received another email message from the ransomers claiming that they still had control of my system (which they did not). This time they were using old passwords that I had long since changed. At this juncture, I decided to file a report with the FBI Cybercrime Complaint Center. I additionally instituted two-step verification processes with as many of my financial and online accounts as I could. Finally, I started using the VPN.
Since then, I have had no further intrusions, though I believe that I had one attempt to infiltrate my browser, during the middle of the night, but the attempt was thwarted by the two-step verification process. Now, I make sure to turn off anything with a CPU before I go to bed, including my phone. Finally, I am more vigilant about what plops into my inbox, and tend to reject most of it... if I don't recognize it, it gets tossed.
YMMV.