Analysis reveals that almost all phishing attempts now involve ransomware

Shawn Knight

Posts: 13,062   +130
Staff member

During a recent visit to the dentist, I heard a familiar narrative play out between the dentist and his assistant. The dentist was recounting a conversation he had with a fellow dentist in which a “hacker on the Internet” infiltrated the computer system at his friend’s business and locked everything down – a typical ransomware infection.

I casually explained that the Internet is by and large a safe place and that the victim likely opened an e-mail containing a malicious attachment or clicked on a bogus link within a phishing e-mail. Needless to say, my comments fell on deaf ears as the dentist ultimately instructed everyone in his office not to get online.

Ransomware is becoming increasingly more common. In fact, according to a recent report from threat management firm PhishMe, phishing attacks with a ransomware payload have increased from 56 percent in December 2015 to an incredible 93 percent.

Why the sudden jump, you ask? It’s simple – ransomware is much easier to deal with on the attacker’s side.

With malware that steals personal information, an attacker must either use the stolen credentials themselves and risk being caught or sell the data off to someone else. Either way, it takes time to get paid. Ransomware, on the other hand, is quick and easy. The victim pays the ransom – usually via Bitcoin – and the attacker (hopefully) sends over the decryption key.

There’s far less risk of being caught due to the anonymous nature of Bitcoin and there’s not much wasted time between the infection and payment (assuming of course that the victim does decide to pay up).

Image courtesy Kaspersky

Permalink to story.



Posts: 8,645   +3,289
Nobody's immune to a scam but people who fall for anything so blatantly obvious deserves what they get. There is no cure for carelessness & stupidity.


Posts: 16,498   +5,305
Dear God, they phish on the phone here in the states. "The IRS is filing suit against me for back taxes. Call blah, blah, BlahBlahBlah, So I've haven't had taxable income in more than a decade. I keep half-a$$ wanting to call them back, see if I get a human on the phone, and try and break their head. "Well, do you mind if I speak to your supervisor? Can I come to your field office with my lawyer to see if we can work out a deal". (All under an assumed name with a blocked phone number, of course)

The trouble is, the phone number they want you to call is probably $10.00 a minute, and that's the scam. :D.

Raoul Duke

I actually had a call to the CRA (Canada's equivalent to the IRS) intercepted and was given a message that they had a new number and if I pushed the right button on the phone for (I think it was) $4.99 I would get the correct number. I hung up and tried later and I actually had the right number. Whoever is doing this, does it at different times of day and has not been caught yet. Since it was tax time the CRA was getting a lot of calls.
As if white collar crime wasn't enough of a piss off, the rising low level street crime (don't leave a bike outside, now they break into your garage/house and steal it, similar if you have a nice car or a car stereo) the internet scammers and now my wish we had flogging here or something similar.


Posts: 16,498   +5,305
Last edited: