[Heads Up] Phishing Attacks Are Now The Top Vector For Ransomware Delivery

Ransomware-Attack-Warning-2022Phishing attacks are now the top vector for ransomware delivery, according to researchers at Digital Defense. Phishing emails can be highly tailored to specific employees in order to trick them into downloading malicious files.

Phishing emails are easy to send and lure the unsuspecting victim in with minimal awareness of an attack,” the researchers state.

“The carefully crafted device of a social engineering scheme, the emails are customized to specific targets and appear to be from legitimate, even familiar, senders.

Faced with unmanageable email volumes, even many once-careful users fail to scrutinize incoming mail and note small changes that would otherwise be suspicious red flags. Once the victim opens an email from their ‘bank’ or ‘internet service provider’ and confirms a few account details – or even just clicks into the malicious fake site – the payload detonates and the work of stealing and/or encrypting sensitive data begins. Once this work is completed, users are locked out and a ransom note appears.”

They stated: "In a recent survey, it was revealed that a staggering 78% of organizations experienced one or more ransomware attacks in 2021, 68% of which stated that the attack originated from a direct email payload, second-stage malware delivery, or similar cause. And, IBM’s Cyber Resilient Organization Study noted the top three causes of ransomware that year as social media (19%), malicious websites (22%), and phishing (45%). "

In addition to emails, attackers are increasingly sending phishing messages via social media. Business-oriented platforms like Slack and Teams are particularly effective, since users often access them from their work devices.

“While popularly exploited on email servers, phishing attacks are not confined to inboxes,” Digital Defense says. “ “One of the rising vectors, as noted by [an] IBM study, is social media. Collaboration tools like Teams and Slack are prime grooming places for establishing trust and exploiting ‘coworkers.’

Online spaces like LinkedIn are particularly vulnerable to facilitating attacks; as platforms built for connecting with strangers, they encourage direct messages which often contain links to shared professional interests. Many of those links are credible – some are not.  Unfortunately, with ransomware one click is all it takes.”

New-school security awareness training enables your employees to make smarter security decisions, so they can avoid falling for social engineering attacks. Digital Defense has the story: https://www.digitaldefense.com/blog/what-the-relationship-between-ransomware-and-phishing/

Ransomware Has Gone Nuclear, How Can You Avoid Becoming The Next Victim?

There is a reason more than half of today’s ransomware victims end up paying the ransom. Cybercriminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.

After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.

GoneNuclear-WEBINARJoin us for this webinar where, Roger Grimes, KnowBe4’s Data-Driven Defense Evangelist, dives into:

  • Why data backups (even offline backups) won’t save you
  • Evolved threats from data-theft, credential leaks, and corporate impersonation
  • Why ransomware isn’t your real problem
  • How your end users can become your best, last line of defense

Watch Now

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe To Our Blog

Free Phishing Security Resource Kit

Get the latest about social engineering

Subscribe to CyberheistNews