The Dirty Truth: 93% of all emails now contain ransomware


The Dirty Truth: 93% of all emails now contain ransomware

Ninety-three percent.

According to a report published by PhishMe, that’s the percentage of all emails that contain ransomware. Now 93% may sound a bit farfetched, and it’s easy to write this off as a scare tactic, and just continue opening emails with disregard and abandon. Or should we be paying closer attention to what we receive in our inbox?

On the same report, PhishMe also stated that approximately 6.3 million phishing emails were sent in the first quarter of 2016. That’s a 789% year-over-year increase since 2015. They (PhishMe) believe that this astronomical rise in phishing and ransomware attacks are the result of a perfect-storm scenario, in which several factors culminated to see the rise of attacks in 2016.

The first is the most obvious and has already been touched upon, encrypted ransomware attacks. These attacks are nothing new to the IT security community, but its rise over the years has been exponential. The trends do not look good as there are no signs that encrypted ransomware attacks are going away anytime soon. Most likely this is due to the success of the attacks and the low risk it brings to the cybercriminals.

The second factor is also no secret. When you take a step back and take a look at the amount of downloaders (both legal and illegal) you see a whole lot of people that are just inviting trouble into their lives. Ransomware has been found embedded in everything from videos, music, ebooks, pirated software and the like. Unless the mentality of downloaders change to adopt stricter security protocols, ransomware attackers will never find a shortage in potential victims. This is especially true since million of new downloaders come online for the first time with every passing year.


Cryptolocker has been a prominent threat.

The third and final piece to this nightmarish puzzle is known as “soft targeting by functional area”. Once upon a time, cybercriminals would spam an entire company with a phishing email in hopes that some wayward soul would open the email, download the attachment an infect their system. However, that delivery model was easy to detect and thus their attack would be filtered out. In this day and age, attackers have stepped up their wit and cunning to engage their target. Attackers now meticulously craft emails to look like official documents, use various tricks to make it seem like the email is coming from a known or internal source and would even go so far as to impersonate someone of authority within the company, all in an attempt to con the victim-employee to download the documents or files which have been loaded with all sorts of malware including ransomware Trojans.

Most recently, PhishMe saw an increase in attackers using Javascript downloads which accompanies phishing emails to get their exploits in play. The harrowing reality is that ransomware and other such attacks are not only here to stay, they are escalating at a rapid pace. We must remain vigilant and ever wary if we want to avoid being the next victim of these cybercriminals. It’s not a scare tactic, it’s just reality.

To find out more about simple steps you can take to enhance your IT and email security, download our free security checklist here.

The following two tabs change content below.
David has held positions as Operations Director and Head of IT in legal and professional firms for more than 10 years. He is a Director and co-owner of Amazing Support, a Microsoft Silver & Cyber Essentials accredited specialist Managed IT Support and Cyber Security company. David actively helps SME businesses receive better Managed IT Support and Cyber Security Services in the London and Hertfordshire areas. He also assists overseas companies who are looking to expand their business operations into the UK and helps with their inward investment IT process. A member of The Chartered Institute for IT (BCS), UK Council for Child Internet Safety (UKCCIS) and an event speaker promoting business start-ups and technology awareness. Married with a son, you will often see him riding his bicycle around the Hertfordshire towns! David participates in charity bike rides and is a keen Krav Maga practioner.