Don’t open that! 93 percent of phishing emails are now ransomware

A new report suggests as much as 93 percent of all phishing emails that look to trick users into clicking a nefarious link or open a dangerous attachment, attempt to install ransomware on the user’s system. This suggests that the practice of encrypting files and demanding a ransom proves to be the most profitable way to scam PC users into giving up some coin.

This data comes out of threat management company PhishMe, which noted that phishing attacks riddled with ransomware have gone up from 56 percent of the total attacks in December 2015, to this new height just over six months later. That’s a huge increase, and shows that the malware trend is moving in one very specific direction.

But why? Adware, spyware, and other forms of nasty software have been prevalent for the better part of two decades. Why the sudden switch to this new attack format?

Protect all your hardware with Norton Security Premium

Mainly it’s because ransomware is easy. If a user pays up, you have money instantly. With stolen details they need to be sold, or credit cards used, which could potentially reveal the hacker. Ransomware is safer for them, and faster.

“If you look at the price point of paying the ransom, it is rarely more than 1 or 2 bitcoin, that’s $400 to $800, maybe $1,000 depending on the exchange rate,” said Brendan Griffin, a threat intelligence manager at PhishMe. “That’s a relatively low price point for a small to medium business.”

That’s a key point of this report too, that businesses are being targeted more by ransomware attacks. While there might be more of an emotional tie to documents and data with personal users, there is always a chance that they don’t have the technical know how to acquire the bitcoin usually required for payment. They are also less likely to have the funds to comply.

When it comes to most businesses though, a couple of bitcoins is a drop in the bucket. Ironically, it’s probably cheaper to just pay up (if indeed the files are returned to a working state) than it would be to pay someone to recover them from a back up or other means.

The report also suggests that ransomware is becoming easier to manage and distribute too, with ready-made kits allowing even those with little programming knowledge the chance to send out file-encrypting programs into the wild. Perhaps that’s why we’ve even seen some groups trying to recruit new “affiliates” for their scams.

This ease of use is leading to a more varied use of the nefarious technology too. Those behind it are trying “soft-targeted” phishing scams according to CSOOnline. This involves a blending of direct targeted email, using specific markers for a person such as their name or job title, but without trying too hard to appeal, which would perhaps set off someone more wary.

Unfortunately there aren’t any great methods of dealing with a ransomware attack just yet. Paying up is a bad idea, as it just encourages the practice. Our best suggestion would be to just back up everything important to you several times. It’s the only way to be secure from such an attack.

from Planet GS via John Jason Fallows on Inoreader http://ift.tt/1TLS2UF
Jon Martindale