Most ransomware is spread via phishing, and in this case "Spear-phishing" a specific target, not via random infections from web sites.
It will usually be received via email, direct message, a trojan download, or as in this case delivered via remote desktop connection.
The criminals responsible watch social media for any help requests.
READ THIS AND DO NOT ASSUME YOU ARE SAFE, JUST BECAUSE YOU ARE CAREFUL WITH YOUR PC.
Most of us in here are listed in breached databases, even if you never signed up for something, many of you will have bought things online.
Many creative people have an Adobe account they used to buy Adobe products, which is available to buy on the criminal-net (not going to miss-use the phrase darkweb).
Most of the USA and huge chunks of EU countries population are in the Equifax breached database.
This type of breach is more important as it contained a whole lot of very personal data, inc. fingerprints and social security data, personal and work addresses and contact numbers.
With this information anyone can call you and convincingly pretend to be from a service you really do use. They will be able to provide personal info that will convince you that they are legitimate.
e.g. the sort of info your insurance company will have about you from medical records.
Unless you have payed for the extra service, no company will call you, not even your bank.
If you do receive any unsolicited call, always hang up and call the regular contact number for that company/service (even if it will cost you money and your sanity sitting listening to some crappy out of licence music).
Grins, you need to relegate that phone number, and change to a new one for all your accounts where it is used.