Email is one of the most common methods by which cybercriminals gather information or commit crimes. Phishing and ransomware attacks are both prevalent and potentially devastating. The information that could be exposed could enable a criminal to access bank accounts, intercept purchases and hold valuable and confidential files hostage.
It’s a common situation experienced by many: you open an email from a friend containing a short message about an attractive offer that seems too good to be true. Or a trusted company tells you your account is at risk. Emails that arrive unexpectedly and prompt urgent action are often actually phishing emails, messages designed to make you reveal personal information, such as passwords and credit card numbers. There were 1,220,523 phishing attacks in 2016, a 65% increase over 2015.ii By some estimates, phishing and social engineering constitute 90% of all cyberattacks.2
Fortunately, most phishing attacks can be easily identified and resisted through the use of reasonable caution and a healthy dose of skepticism. Above are some warning signs and best practices to follow.Be wary of communications that make an unrealistically attractive offer or ask for personal information.
Some fraudulent emails contain attachments or links that enable the cybercriminal to install ransomware—malicious software enabling them to hold your files or system “hostage” until you pay a sum in ransom.
The advice outlined above for phishing will also help protect you from ransomware attacks. Scrutinize any email sent with an attachment, especially if the message was unsolicited or urges you to take immediate action. Never open an attachment from someone you do not know.
In May 2017, a famous, wide-spread malware attack known as “WannaCry” affected approximately 200,000 computers throughout 150 countries.3 Watch the video below from The Washington Post to learn more about ransomware and WannaCry.
1 Source: APWG | 2 Source: Rubica | 3 Source: Cisco