Mid-2018 trend: Ransomware giving way to phishing attacks
Adrien Gendre
—June 28, 2018
—3 min read
After a year riddled by ransomware attacks such as Jaff, Locky, Wannacry and Petrwarp in 2017, 2018 is giving way to phishing attacks.
If 2017 was the year of ransomware, then 2018 will be the year of phishing.
Whereas in 2017, cyber attacks exploited software vulnerabilities, today they are based on the vulnerabilities of your employees’ cyber vigilance. It’s becoming more and more complicated for employees (whether they’re warned and aware of cyber attacks or not) to succeed in detecting a phishing attack when they see one in their inbox.
The media’s attention to ransomware has raised awareness of it and reduced its impact on companies.
Hackers, for their part, are well aware that the nearly daily coverage of ransomware in the media has led to new vigilance in companies. The latter have begun to implement protection measures both by equipping themselves with appropriate solutions (whether in terms of email protection or data backup systems, for example) and by alerting their employees to the detection of threats. They have understood that email security requires the use of a predictive email filtering solution but also (and one goes hand in hand with the other), employee awareness and the use of best practices.
So today, employees think twice before clicking on an attachment (“Think before you click!”) and companies are making the choice to restore a backup earlier instead of paying a ransom.
These new behaviors make life more difficult for hackers, so they’re looking for other, harder to detect ways to commit their crimes, hence the upsurge in phishing attacks.
New phishing attacks are breaking through our vigilance barriers.
As we have seen since the beginning of 2018, phishing attacks are clearly on the rise. In February alone, we blocked three times more phishing attacks than we did during the biggest waves of attacks identified in all of 2017.
These new attacks succeed by posing as the brands and services we use every day (such as Netflix, Amazon, Alibaba, Whole Foods, Verizon and many more), and exploit our obligations as citizens (creating fake tax forms to fill out) and our activity at work (unpaid invoice, domain name renewal, etc.) Unfortunately, they spare no one and affect every type of industry and every size of company.
Less well known than ransomware attacks, they are becoming increasingly sophisticated, more and more realistic and harder to identify. They slip past employees’ vigilance and circumvent the traditional protections put in place on the email system.
If you have any doubt about it, knock yourself out by putting your ability to detect a phishing email to the test. We’ve developed a game, the Phishing IQ Test, using a series of phishing emails taken from the isitphishing.ai detection engine, which asks the question, “Is this email a phishing email?” Access the test and rate your knowledge level about this kind of attack.
Is switching your email system to a Cloud solution the answer?
It is estimated that 90% of companies will migrate their email systems to a cloud-based solution in 2018.
This massive shift meets several needs:
- Providing a collaborative framework for all employees.
- Does away with the need to deal with email server management and updates.
- Easy integration of third-party solutions.
Switching to a cloud-based email system provides a better guaranty of protection, especially because regular updates limit the risks of security breaches – at first. But in practice, the very success of cloud-based email systems has made them the target of choice for hackers.
So the counterpart to this massive migration lies in the surge of attacks targeting the Office 365 and G Suite environments in particular. The theft of login credentials on these collaborative platforms opens the door to all company applications and data. A jackpot for the hackers!
Moreover, according to our statistics from our site isitphishing.ai, over the first half of 2018 Microsoft has become the brand most used by hackers to execute their phishing attacks.
Attacks using encoding mechanisms like "Punycode", "Zerofont" or "Hexadecimal Escape Characters" are now common on these different platforms.
To enhance their email security, companies need to opt for an additional layer of security that can detect these new sophisticated attacks, including those on Office 365. This is also what Gartner recommends. They estimate that by 2020, 50% of Office 365 clients will be relying on third-party applications to enhance the security of their email.
A specialized solution such as Vade for Office 365 is fully aligned with this strategy and lets you add a complementary layer of security to Office 365 to protect your email system, especially against all these phishing attacks.