Phishing emails have continued to grow as an attack vector for ransomware. A crowdsourced service for reporting phishing emails called PhishMe collects reported phishing emails by their users.  The Q1 statistics reported by PhishMe in 2016 show that 92% of phishing emails they collected contained ransomware. Their Q3 statistics showed that number rise to 97.25%. 
With all of the email sent, and ransomware now accounting for 50% of all phishing emails, it is not a matter of IF you will eventually be targeted by these attacks, but WHEN. It is important that we understand the threats about phishing and the dangers they pose.
An example of a typical phishing email is shown below. We will take a look at some key elements of this email, so you don’t get hooked.
*Note: We do not advise anyone to open a spam email
or click any links inside of them.
- First, it looks official. It has the PayPal logo and appears to be a legitimate email. The attackers want you to believe that the email is legitimate, and they will use any means necessary to give you a false sense of security.
- Second, it alerts the user that the account has made recent purchases. These types of tactics are meant to make you react without thinking about what it is you are clicking on. If you see something like this be mindful about what you are clicking on, before it is too late.
- Third, is the transaction id link. If clicked, this would take you to a spoofed login page where you would enter in your login credentials. This would provide your information to the attackers, while you think you are just changing information.
The easiest steps to protect yourself from a phishing attempt are:
- DO NOT CLICK LINKS IN YOUR EMAIL. This may seem like common sense, but as many of us do, we are searching through our emails and not really thinking about what potential harm these emails can cause.
- If you find an email, like the one above, saying that you need to login to update your account information,
- Open up a web browser,
- b. Navigate to the correct website.
- If there is truly something wrong with your account it will be displayed inside the website.
- Check the sender of the email. This will be your first line of defense. Does the sender's email look legitimate? Some common things to look for are a string of random characters in the sender's name (e.g. firstname.lastname@example.org).
- DO NOT DOWNLOAD ANYTHING. Check to see if there are any attachments with the email. You may think that everything is safe, but the attachments could have malicious content attached. If you do have to open an attachment, check it by uploading it to Google Drive and opening it in their platform first. This is a safe environment. Most malicious attachments will not open and Google will give you an error.
- Lastly, you can just delete the email. The safest thing for anyone to do if they don’t recognize an email is to delete it. This will ensure that if there was anything malicious it has been removed and won’t accidently be opened later on.
*If you still have concerns about your account, you can always give the company a call and have them check.
In the example, we use a fraudulent email from PayPal, but they can come in any shape or form.
Source: Symantec 2017 Internet Security Threat Report (ISTR)