Worrying statistics: most malicious spam emails carry ransomware
We have just recently talked about this year’s sudden increase in spam activity which has reached and already bypassed the highs of 2010. We are no longer surprised by finding tens or hundreds of spam emails in your inboxes every day. The more experienced users have learned to ignore them, but the less informed members of the online community are still at risk of getting themselves involved in some tech support or phishing scams. Moreover, an incautious encounter with spam may also lead to a serious computer infection. At this point, ransomware is the cyber threat that should be feared the most. These programs are vicious: once they infiltrate computers, they lock the files contained on the hard disk and external storage devices if any are plugged in. Then they demand that the victims pay a ransom if they wish to get these files back.
Locky virus was one of the first ransomware which creators adopted the malicious spam campaigns to spread this malicious program around. Though there were instances of this technique being used before, Locky managed to utilize it on a more extensive and never-before-seen scale. Numerous Locky follow-ups such as Zepto and ODIN ransomware used the exact same method to get into their victim’s computers as well. Talking about some more concrete numbers, we should mention Proofpoint’s recently released “Threat Summary” of the 3rd quarter of 2016 which shows that an overwhelming 96,8 percent of malicious emails received worldwide carry Locky or a version of this malware attached to them. Proofpoint also mentions other ransomware, including CryptFile2, MarsJoke and Cerber that may not have been as widespread but were also distributed actively over the last quarter. Overall, the ransomware spread is said to have increased by 10 times since the year 2015. Such numbers are especially worrying and only prove that spam campaigns more active than ever, while a large part of the Internet users is still poorly informed the aspect of cyber security or simply choose to ignore it. Unfortunately, such tendencies only contribute to the further increase of malware-infested spam.
Having all these frightening statistics in mind, you might be wondering if it is even possible to protect yourself from ransomware infection. Let us be honest; malware developers can be very creative in their means of tricking the users into downloading infected email attachments. Legitimate-looking invoices, speeding tickets, purchase confirmations and even official notices may be sent your way, but you should never hurry to download any of the attached files, even if you think you trust the person who sent it. Instead, check back with the sender to make sure the email is really safe and meant for you. Also, it is highly recommended to have a backup of your valuable data and keep it on some external storage device in case of emergency.