It seems that the rates of phishing emails getting into your inbox, or hopefully being silently moved to your spam folder, have increased by a whopping 789% over what happened in Q4 2015. And though they weren’t targeted phishing attempts, the majority seem to have included some type of ransomware payload, as that’s starting to become more and more popular.
Ransomware is the attack of choice for phishing emails now
PhishMe says that some 6.3 million people fell victim of the aberrant emails over 612 separate waves of emails sent out from errant mailing servers. As it turns out, the phishing emails themselves tended to towards using Locky or TeslaCrypt contained within Microsoft Office documents. Generally they’re quite easy to notice and dismiss as being illicit, though sometimes the wording is just right depending on the person who’s reading it.
PhishMe was quick to point out that JavaScript based scripts and files were generally compressed and sent, sometimes along with a legitimate Microsoft Office file. Locky, the Powliks click-fraud bot and even Dridex, a very destructive trojan that concentrates on banking information, were the most commonly distributed in this manner.
Resumes, invoices and shipping manifests were the usual disguised files, but the broken English and generally poor grammar are dead giveaways that something is not right. The other important things to notice are where they’re coming from. Even if you’re expecting a file of some type like this, checking the actual email header will reveal, at the very least, a suspicious and false email address.
Fighting against getting a virus or malware-ridden program on your PC is actually easy, just be incredibly careful in how you browse the Internet. Moreover, just don’t click on attachments from emails that you don’t know or aren’t expecting. Even if you’re just “curious”. That curiosity could completely ruin your life.