Skip to content
Search
  • There are no suggestions because the search field is empty.
Cancel
Get Started Now

    Security Awareness Training Blog

    How Highly Personalized Ransomware Attacks Are Getting

    RansomwareCyberheistNews Subscriber Stuart Sanders sent me this: "A friend of mine in Melbourne Australia has been whacked by several crypto attacks on his clients in the last week. He supports accountants, just accountants nothing else."

    Here is an example 2-stage attack which shows how highly personalized these ransomware attacks are getting. Note the language is getting better, but is not perfect. 

    STAGE 1

    Hello,

    You have been recommended by a friend as a reliable firm to handle my company and personal financial plans.

     

    Before I visit your office I will like for you to go through my portfolio so that you can go through and make appointment to make things easier as I am a very busy person. You can refer me to the person to go through this for me.

     

    I will appreciate your fast response.  

    Stuart Hazell

    STAGE 2 

    Once the bad guys received a response from a potential victim regarding the first email, they then send a second email with a link to the documents that they want to "share" with the accountant and this is where the attack is happening.

    This is possibly automated, we cannot say for sure if that is the case or not. The documents are in all cases malicious and infected with ransomware. Opening the document and clicking "enable editing" activates macros that will kick off the ransomware code. Here is an example of how that can look:

    Malicious Word Document

    Regularly warn your users that they remember to never open any attachment they did not ask for, especially if it is from a stranger that they have not communicated with before.

     

    Free Phishing Security Test

    Did you know that 91% of successful data breaches started with a spear-phishing attack?

    Cyber-attacks are rapidly getting more sophisticated. We help you train your employees to better manage the urgent IT security problems of social engineering, spear-phishing and ransomware attacks. Take the first step now. Find out what percentage of your employees are Phish-prone with our free test. Did you know that KnowBe4 also supports "Vishing" where you can actually send your users simulated voice mail attacks?

    Get Your Free PST Now

    PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

    https://www.knowbe4.com/phishing-security-test-offer

     

     

    Return To KnowBe4 Security Blog

    Topics: Ransomware

    Stu Sjouwerman

    ABOUT STU SJOUWERMAN

    Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, Inc., which hosts the world’s most popular integrated security awareness training and simulated phishing platform, with over 54,000 organization customers and more than 50 million users. A serial entrepreneur and data security expert with 30 years in the IT industry, Stu was the co-founder of Inc. 500 company Sunbelt Software, a multiple award-winning anti-malware software company that was acquired in 2010.

    Read more from Stu »

    Subscribe to Our Blog


    Security Awareness Training
    Blog RSS Feed
    Comprehensive Anti-Phishing Guide
    All Posts

    Posts by Tag

    See all

    Posts By Topic

    View All

    Get the latest about social engineering

    Subscribe to CyberheistNews