For the longest time, the number one delivery mechanism for ransomware was a phishing email. As much as 91% of ransomware was delivered that way. And then things changed.
According to an article on ZDNet, “in recent years, attackers have successfully pivoted to using remote ports, insecure public-facing servers and other vulnerabilities in enterprise networks to encrypt entire networks – often demanding hundreds of thousands of dollars in payment to release the data again.”
For a short time, hackers changed the way they deployed ransomware. Nobody really knows why, although it may be due to the increase in the number of people working remotely. But what we do know is that after a short hiatus, hackers are once again returning to their favorite way of delivering ransomware: phishing emails.
From ZDNet, “Ransomware attacks via email are on the rise again, with several new and familiar forms of ransomware recently being distributed with the aid of malicious payloads in phishing messages. In recent weeks, researchers at Proofpoint have seen a rise in the number ransomware attacks being distributed by email – including one from ransomware that hasn’t been active in years – with crooks sending out hundreds of thousands of messages every day. The email attacks use a variety of lures to trick people into opening them, including subject lines related to coronavirus.”
They’re back, but not yet in full force. “While the number of email-based ransomware attacks is still small compared to 2016 and 2017, when the likes of Locky, Cerber and GlobeImposter were being distributed in massive volumes of tens of millions, the recent rise in email attacks demonstrates how flexible cyber criminals can be.” We can expect the numbers to rise from here on.
It was smart to deploy cloud-based email security before to protect against phishing attacks and ransomware and it’s smart once again. If you haven’t already deployed phishing protection software in your organization, now’s the time. And Phishing Protection from DuoCircle is the solution for all cost-conscious companies who want to protect their employees without breaking the bank.
Since it’s cloud-based, Phishing Protection requires no hardware, no software, no maintenance and no upfront costs. It also works with every major email provider, sets up in 10 minutes and comes with real-time link click protection.
If you didn’t get your email security right the first time around, you can make up for it today with Phishing Protection from DuoCircle. Try it free for 60 days.