10 ominous subject phrases foreshadowing ransomware attack

Looking for new hacking techniques

Spam emails might be much more menacing than you think

Observing the trends of hacking techniques, spam email campaign remains to be the most dominant of them. Certainly, cyber criminals have other tricks up their sleeves: exploit kits, RDP attacks, system vulnerabilities, malvertising, etc.

However, most threatening crypto-malware such as Cerber or Locky are able to wreak havoc depending on a minor detail – whether the targeted victim opens an infected email attachment. It turns out that by paying a closer look at the new incoming email, you can escape a great cyber issue.

The world of ransomware keeps expanding at alarming rate

According to the Cisco 2017 Annual Cybersecurity Report, the number of ransomware rockets by 350% each year. [1] However, it is not surprising since cyber criminals employ every possible tool and target even smallest system vulnerability to occupy systems.

In such manner, we have seen how WannaCry and Petya reverberated throughout the world. Ironically, in the former case, the authors succeeded in their plan because of the hacking tool devised by the very National Security Agency. Speaking of Petya/NotPetya[2], it captured the world in its grip after delivering the corrupted update via the M.E.Doc company network.

Despite these cases, spam and phishing emails reign as the top infection vector. KnowBe4, the provider of popular security and malware awareness campaigns, has discovered that 82% of 10 000 email servers[3] contain evident vulnerabilities which enable hackers to foist corrupted spam emails into traffic.

Menacing subject lines

Furthermore, malware specialists have identified the most popular subject lines and topics which persuade users into opening the corrupted attachment. Here are the ten most prevalent of them.[3] The percent rate indicates their popularity:

  • Security Alert – 21%
  • Revised Vacation & Sick Time Policy – 14%
  • UPS Label Delivery 1ZBE312TNY00015011 – 10%
  • BREAKING: United Airlines Passenger Dies from Brain Hemorrhage – VIDEO – 10%
  • A Delivery Attempt was made – 10%
  • All Employees: Update your Healthcare Info – 9%
  • Change of Password Required Immediately – 8%
  • Password Check Required Immediately – 7%
  • Unusual sign-in activity – 6%
  • Urgent Action Required – 6%

Other threats such as Cerber often tend to use names instead of subject lines. Our another article explicitly elaborates on ways to recognize a phishing email with a corrupted email attachment.

As you can see from the above lines, cyber villains exert psychological pressure not to leave enough time for victims to make the right decision. However, if you get a similar email message, behave in the opposite way. Carefully inspect the email and verify the sender.

Besides fortifying your cyber security with anti-virus tools, share these tips with your colleagues. Knowledge might be the key to the safety of your entire company.

About the author
Lucia Danes
Lucia Danes - Virus researcher

Lucia is a News Editor for 2spyware. She has a long experience working in malware and technology fields.

Contact Lucia Danes
About the company Esolutions