When people talk about cybersecurity nowadays, there certainly seems to be a lot of emphasis put on phishing attacks and ransomware. This is for good reason. Not only can either of these attack vectors create significant difficulties for a business, they are often used in tandem. Let’s discuss why these threats are so potent, and why they so often show up together.
First, it will help to briefly review how each attack works.
Imagine if you tried to log into your computer, only to be presented with a message that your entire computer had been encrypted, and that (unless money is transferred to the perpetrator, often through cryptocurrency, within a period of time) the contents of your device will be wiped. This is precisely the experience of someone victimized by a ransomware attack.
Remember those old scams, where the target would receive an email from some nobility or long-lost relative that asked for a sizable loan or investment (all to be paid back with interest, of course)? These are phishing scams, known as such because the scammer responsible simply distributes a message and waits for someone to take the bait. As time has passed, these schemes have become much more effective - and harder to spot.
Cybercriminals have taken to pairing these attacks together to help them take advantage of as many targets as possible. Let’s run through a fairly typical scenario that someone using both may subject you to, and how you can spot these kinds of joint efforts.
Let’s say you open your business email to find a message that appears to come from the Microsoft Support team - which, unnoticed by you, actually reads “Micrrosoft Support” in one or two places. According to the email, there’s a hugely serious security issue affecting systems across the board, which is why Microsoft is supposedly sending out these emails, with the necessary fix bundled in as an attachment.
Trouble is, this isn’t actually a fix to an issue - it’s actually an executable file that installs ransomware when you try to apply the “security fix” and creates a huge problem.
This is exactly why these two distinct attacks combine so well… by incorporating phishing strategies into the distribution of their ransomware, a cybercriminal has the ability to boost how successfully their ransomware can infect the users that are targeted.
There are assorted warning signs that a message is a phishing attempt that you should always keep an eye out for in order to protect your business. For example:
There are many other steps you need to take to protect your business from these insidious threats - from keeping a comprehensive backup to user training to applying spam filtering to your email. DatCom can help you implement them - give us a call at 903-842-2220 to get started.