76% of Ransomware Attacks Strike Via Email

[Exterminator]

Email remains the No. 1 threat vector for businesses, with a full 76% of ransomware attacks starting with a malicious message.

According to a survey from Barracuda, phishing—and particularly spear phishing—has become a lucrative art. The attackers also do not discriminate based on company size. Email remains one of the most widely used business communications tools, as well as one of the most commonly targeted threat vectors.

“Whether you are a mid-sized business with limited staff and resources, or a 10,000-employee organization with a dedicated security team and budget—we are all feeling the impact of these attacks,” said Hatem Naguib, senior vice president and general manager for the security business at Barracuda. He noted that criminals are taking the time to personalize the messages, crafting them to be compelling and convincing.

The survey showed that more than half (56%) of those we questioned admitted to being targeted by cyberattacks, with 84% of those admitting their organization felt a significant impact as a result. In fact, on average, organizations had been targeted by cyberattacks five times, with 43% targeted more than five times.

An earlier Barracuda study found that 92% of people surveyed are concerned about ransomware hitting their organization, and nearly half, or 47%, of respondents had been a victim of ransomware already.

The effects of an attack are not limited to the organization itself. More than three in 10 of those we questioned admitted that their customers (35%) and even their employees (32%) had lost faith in their security because of an attack. Perhaps most shocking from a global perspective, around one in five report a temporary closure of business (21%) or a loss of customers altogether (17%).

These figures become even more surprising when assuming that the bigger the company, the larger the security budget.

“Having a sizable security budget isn’t enough to make you immune,” said Naguib. “After all, it doesn’t really matter how much money there is in the budget when the majority of threats are still infiltrating organizations via email. This point brings us back to the very important notion that the most effective security plans include a combination of people and technology.”

Specifically, given that human error is at play, organizations must be prepared with a layered security strategy. That could include spam protection and malware filtering at the gateway, advanced threat protection and sandboxing technologies, and dedicated spear phishing solutions designed to stop highly-personalized attacks.

 

[Dave Russo]

Anyone have any examples of what to watch out for in a infected E-mail?,besides not clicking on them? I mean ones you don't reconise

 

[Nuno]

That's very interesting. I actually wonder what the percentage was before wannacrypt came up. Because before, I had the impression it would be mostly gotten from malicious websites, never even considered emails.

 

[ElectricSheep]

Anyone have any examples of what to watch out for in a infected E-mail?,besides not clicking on them? I mean ones you don't reconise

Mail addy not looking right, hovering over hyperlinks and a strange URL shows up, etc. Plenty of things you can spot if you know what to look for

 

[Winter Soldier]

Anyone have any examples of what to watch out for in a infected E-mail?,besides not clicking on them? I mean ones you don't reconise

@ElectricSheep already said a lot and in addition you can check the attachment's file extension: .js, .exe, .pdf, .doc for example.
Absolutely avoid opening .js and .exe, and you could open .pdf and .doc files by using Sandboxie and offline, to see what happens.

 

[Fritz]

Those e-mails are usually so easy to spot it marvels me they're going through the trouble of sending them out.

It's either an invoice from a company you have no business ties with including some PDF or other file, oftentimes worded a bit funny, clearly showing a non-native writer OR it looks legit, asks you to reset your password or somesuch and links to something like validdomainname.funnydomainname.ltd.

I think their greatest attack vector is my mental health because they irk me to no end. If it wasn't for SpamSieve I'd be in an institution by now.

 

[ElectricSheep]

Those e-mails are usually so easy to spot it marvels me they're going through the trouble of sending them out.

It's either an invoice from a company you have no business ties with including some PDF or other file, oftentimes worded a bit funny, clearly showing a non-native writer OR it looks legit, asks you to reset your password or somesuch and links to something like validdomainname.funnydomainname.ltd.

I think their greatest attack vector is my mental health because they irk me to no end. If it wasn't for SpamSieve I'd be in an institution by now.

Exactly. I get phishing mails from Apple who I have zero connections with - it's an insta-bin job!

 

[soccer97]

In Microsoft Outlook, you can choose to read all mail in text only format. You can also Go into options and choose to turn off many types of extensions in the Attachment/Message Preview window. This includes RTF, PowerPoint, PDF, Mhtml, Excel, name it.

That can help mitigate attacks that are RCE, or for example a Word document that contains malware from displaying in the preview pane. It is in the Options > Trust Center settings.

The other half is all of us trying to stay on top of avoiding social engineering and phishing tricks.

Official Microsoft Support link below.

Preview attachments in Outlook

 

[conceptualclarity]

Anyone have any examples of what to watch out for in a infected E-mail?,besides not clicking on them? I mean ones you don't reconise

You can take the tests...

SonicWall Phishing IQ Test
Test Your Knowledge of Phishing Scams? - washingtonpost.com
Mimecast
Phishing Security Test | KnowBe4

10 Tips on How to Identify a Phishing or Spoofing Email - Return Path
http://lifehacker.com/5873050/how-to-boost-your-phishing-scam-detection-skills
Recognize Identity Theft Scams - Spotting a Phishing Email
Phishing

 

[frogboy]

You can take the tests...

SonicWall Phishing IQ Test
Test Your Knowledge of Phishing Scams? - washingtonpost.com
Mimecast
Phishing Security Test | KnowBe4

10 Tips on How to Identify a Phishing or Spoofing Email - Return Path
http://lifehacker.com/5873050/how-to-boost-your-phishing-scam-detection-skills
Recognize Identity Theft Scams - Spotting a Phishing Email
Phishing

Some good links there. Thanks for that @conceptualclarity

 

[conceptualclarity]

Some good links there. Thanks for that @conceptualclarity

Thanks. I would suggest that people send those links to their friends in an email to further anti-phishing literacy. People will enjoy taking the tests.

I must confess that before I read up on phishing I clicked on a few commercial emails that were probably as phony as could be. Luckily, however, I haven't seen anything come of it. I've passed some online tests indicating I'm not hacked or botted.

 

[cruelsister]

When considering email malware, note that some of this stuff is targeted with much preparation work done before an email is sent out.

For instance, if one would want to infect a certain organization the prep work would include determining either a Vendor and/or Client that would normally correspond via Email with them. Once that is determined the rest is easy, easy. Just type up an email that says something like we are going to sue you, and please open up this RTF document to see the complaint (actually even better is a fake Blackmail email- "I want 10,000USD from you or else I will release THESE naked pictures of your Wife- open the attachment to view them").

Not that I would know anything about this being Kind and Gentle.