Protelligent®: Ransomware distribution and examples
The threat is real! In our second video, Fred Groehler, Protelligent Principal Engineer, helps you protect yourself from ransomware, whaling and phishing attacks by showing real-world examples and explaining the different methods of distribution.
Emails containing malicious attachments or embedded links are the most common method of ransomware, phishing and whaling distribution.
Another distribution method is fake websites. For example, attackers will set up a website that looks and feels like Amazon.com in an attempt to steal your information.
Legitimate websites that have been infected or contain infected links are also a method of distribution. Advertising links on any website, even Google or Facebook, can be infected with malicious software.
Lastly, these malicious attacks can also be distributed through software demo websites, both free and paid.
Phishing Examples:
- A text message that appears to be from a bank, but the provided link goes to a fake website.
- An email that appears to be from PayPal but contains a bad sender domain and poor grammar. Hovering over the link will reveal a malicious URL
- An email that appears to be from the IRS, but has a bad sender domain. Hovering over the link within the email will reveal a malicious URL. Also, keep in mind, the IRS doesn’t send emails requesting information.
- Emails that appear to be a security breach notification from an insurance company. Although the email appears to be legitimate, hovering over the link at the bottom will reveal a malicious URL.
- Notifications from Amazon that contain a bad sender domain and poor grammar. Hovering over the buttons or links will reveal a malicious URL.
- Notification from shipping companies. These will have a bad sender domain and the content will often not make sense.
Whaling Examples:
- A wire transfer request from someone with whom you are unfamiliar.
- A wire transfer request that contains a bad sender URL.
Ransomware Examples:
- A fake computer warning making it look like your computer has crashed in the hopes that you will call the number listed, connecting you to the attacker.
- A fake computer warning that makes you think the FBI has locked your system and is demanding a ransom to unlock it
Please click here for the final installment in our video series on what you can do to protect yourself from ransomware and phishing attacks.