The Dirty Truth: 93% of all emails now contain ransomware

Ninety-three percent.

According to a report published by PhishMe, that’s the percentage of all emails that contain ransomware. Now 93% may sound a bit farfetched, and it’s easy to write this off as a scare tactic, and just continue opening emails with disregard and abandon. Or should we be paying closer attention to what we receive in our inbox?

On the same report, PhishMe also stated that approximately 6.3 million phishing emails were sent in the first quarter of 2016. That’s a 789% year-over-year increase since 2015. They (PhishMe) believe that this astronomical rise in phishing and ransomware attacks are the result of a perfect-storm scenario, in which several factors culminated to see the rise of attacks in 2016.

The first is the most obvious and has already been touched upon, encrypted ransomware attacks. These attacks are nothing new to the IT security community, but its rise over the years has been exponential. The trends do not look good as there are no signs that encrypted ransomware attacks are going away anytime soon. Most likely this is due to the success of the attacks and the low risk it brings to the cybercriminals.

The second factor is also no secret. When you take a step back and take a look at the amount of downloaders (both legal and illegal) you see a whole lot of people that are just inviting trouble into their lives. Ransomware has been found embedded in everything from videos, music, ebooks, pirated software and the like. Unless the mentality of downloaders change to adopt stricter security protocols, ransomware attackers will never find a shortage in potential victims. This is especially true since million of new downloaders come online for the first time with every passing year.

cryptolocker
Cryptolocker has been a prominent threat.

The third and final piece to this nightmarish puzzle is known as “soft targeting by functional area”. Once upon a time, cybercriminals would spam an entire company with a phishing email in hopes that some wayward soul would open the email, download the attachment an infect their system. However, that delivery model was easy to detect and thus their attack would be filtered out. In this day and age, attackers have stepped up their wit and cunning to engage their target. Attackers now meticulously craft emails to look like official documents, use various tricks to make it seem like the email is coming from a known or internal source and would even go so far as to impersonate someone of authority within the company, all in an attempt to con the victim-employee to download the documents or files which have been loaded with all sorts of malware including ransomware Trojans.

Most recently, PhishMe saw an increase in attackers using Javascript downloads which accompanies phishing emails to get their exploits in play. The harrowing reality is that ransomware and other such attacks are not only here to stay, they are escalating at a rapid pace. We must remain vigilant and ever wary if we want to avoid being the next victim of these cybercriminals. It’s not a scare tactic, it’s just reality.

To find out more about simple steps you can take to enhance your IT and email security, download our free security checklist here.

Share this:

Facebook
Twitter
LinkedIn
WhatsApp
Email
Print