Email Security Blog

Ransomware – Exploring the Top Phishing Attacks of 2016

Nikki Tyson June 9, 2016 Cybercrime
Fallback Featured Image

On both the enterprise and consumer side, ransomware is a rapidly growing form of malware that effectively holds a user’s device or files at electronic gunpoint.

Ransomware infects a machine and renders it unusable until a ransom is paid to either unlock the computer or decrypt the data. Levels of attacks can vary and often it uses scare tactics, deadlines and intimidation to trick victims into paying up.

In recent months, most ransomware has been distributed via attachments in emails. Though ransomware threats can be advanced, its efficiency hinges on two factors: tricking people into clicking on malicious content and banking on them not having advanced threat protection.

  • University of Calgary announced this week that they had paid a ransom of $20,000 CDN, a week after an initial attack which targeted staff and faculty emails.
  • The Hollywood Presbyterian Medical Center, a Los Angeles-based hospital, had its computers taken hostage by a piece of ransomware called Locky. After being offline for a week, officials eventually had to pay $17,000 in Bitcoin to regain access to patient records. MedStar Health and a hospital in Kentucky were recently hit with similar attacks.
  • Lansing Board of Water & Light, an American public utility, recently became the first example of a utility being successfully compromised by ransomware which took the company’s internal computer systems offline. The attack took place when one of the company’s employees opened a malicious email attachment.

Ransomware Countermeasures
The best defense against this increasingly popular cyber crime is a good offense. Operating systems, firmware, software and applications need to be patched and remain up-to-date to limit the vulnerabilities that are available for criminals to exploit.

In addition, organizations should prepare for the worst by backing-up systems regularly and investing in cyber insurance so that the business can make a full recovery in the event of a ransomware incident.

Download Agari’s executive brief on the Top Phishing Attacks of 2016 to learn more about best practices to stopping phishing attacks.

You can also check out the other posts in the Top Phishing Scams series:

Leave a Reply

Your email will not be published. All fields are required.

Agari Blog Image

July 10, 2019 Ronnie Tokazowski

‘Til Death Do Us Part… Romance Scams and the BEC Game

When we think of business email compromise (BEC), the first thing that comes to mind…

Agari Blog Image

June 5, 2019 Crane Hassold

From One to Many: Scattered Canary Evolves from One-Man Startup to BEC Enterprise

There is no denying that business email compromise (BEC) is big business, with losses exceeding…

Agari Blog Image

April 25, 2019 Crane Hassold

Bitcoin: The Next Evolution in BEC Cash Out Methods?

Historically, business email compromise (BEC) threat actors have used wire transfers as a means to…

Agari Blog Image

April 18, 2019 Ronnie Tokazowski

Do You Know Where Your W-2 Is? Probably Where You Left It

It’s like clockwork. Every year around tax time security vendors (even us!) push out warnings…

Agari Blog Image

April 4, 2019 Crane Hassold

Evolving Tactics: London Blue Starts Spoofing Target Domains

In December, the Agari Cyber Intelligence Division (ACID) published a report on a business email…

mobile image