diff --git a/docs/content/reference/ransomware.md b/docs/content/reference/ransomware.md
index a8d9b265e..a8f7273ea 100644
--- a/docs/content/reference/ransomware.md
+++ b/docs/content/reference/ransomware.md
@@ -24,7 +24,7 @@ Files are "encrypted" in place with a simple bit flip. Encrypted files are renam
 
 This is a safe way to simulate encryption since it is easy to "decrypt" your files. You can simply perform a bit flip on the files again and rename them to remove the appended `.m0nk3y` extension.
 
-This is sufficient to mock a ransomware attack on your network as your files are left unusuable and are renamed with a different extension, similar to the way that many ransomwares act. As this is a simulation, your security solutions should be triggered to notify and prevent these changes from taking place.
+This is sufficient to mock a ransomware attack on your network as the data in your files has been manipulated (temporarily leaving them unusuable) and are renamed with a different extension, similar to the way that many ransomwares act. As this is a simulation, your security solutions should be triggered to notify and prevent these changes from taking place.
 
 
 ## Which files are encrypted?