Phishing Attacks and Ransomware, What to look out for

Phishing Attacks & Ransomware -Leap managed IT

Data is all around you and if you don’t secure it your business is prey to the evolving cyber attacks in the digital world. Security is something crucial for a business to maintain its reputation. If you are lethargic about securing your business’s data like confidential information, customer details, security numbers, or any other sensitive information then, you have the greatest chance for a cyber attack.

In this article, we Indianapolis LEAP Managed IT will share all necessary information about phishing and ransomware attacks along with some real-time examples. This will help you find ways to protect your business from malware.

It is estimated that, worldwide, cyber crimes will cost $10.5 trillion annually by 2025.

 

What are Phishing Attacks?

Phishing attack is a type of cyber attack where malicious messages/emails seem to be coming from a reputed source. Here, the goal of the cybercriminals is to manipulate users and make them click any malicious link, share any sensitive information like bank details/credentials, or install any malicious files. It is said to be the most widespread and common cyber security attack.

Users are becoming a target through social media accounts, text messages, and emails in this type of social engineering attack. Odd messaging patterns and unusual requests for sensitive information are indicators of phishing attacks.

Phishing has the involvement of 36% in breaches

 

Threats of Phishing Attacks

Many users and organizations are victims of phishing attacks, which has resulted in irreversible damages.

  • Revealing sensitive information like login credentials and bank details
  • Users click on the malicious link as the attackers disguise themselves to be a reputed source
  • At times, the stolen login credentials could be of an employee, which the cybercriminals can use for advanced attack against the company

Types of Phishing with Examples

Phishing Types Examples
Spear Phishing:
This targets specific organizations or individuals to get their login credentials.
Using spear phishing, an attacker attempted to target a worker of Virgin Media subsidiary NTL World. The attacker stated that a new employee handbook needed to be signed by the victim. This was done to tempt them into clicking a link that would have required them to provide sensitive information.
Vishing:
This is the short form of “Voice Phishing” and the attack happens through a phone call. The cybercriminal steals the information through call
The members of the UK parliament became a target in 2019 with a vishing campaign
Email phishing:
The hacker would send emails that would look legitimate and trick the victim to share the information to steal the data
At Sony, hackers used LinkedIn to get information from the employees by sending phishing emails. In this attack they collected over 100 terabytes of data
HTTPS phishing:
Here, the hacker would send an email with the link to a fake website. Using the fake website, the cyber criminal collects the victim’s private information.
The group “Scarlet Window” will look for employee emails of various companies and target them using HTTPS phishing

Ways to Prevent Phishing Attacks

Ways to Prevent Phishing Attacks - Leap managed IT

What is a Ransomware attack?

Ransomware is a lucrative form of malware attack, where the hacker locks, encrypts the victim’s data/files and then demands for a ransom to decrypt the data. This attack spreads through phishing emails or by visiting websites with malware. This would lead the company to go through heavy financial losses.

Types of Ransomware attack

Crypto Ransomware Locker Ransomware
Crypto ransomware encrypts the victim’s files/data and leaves it unusable. Here, the hacker demands a ransom from the user for the data decryption Locker ransomware doesn’t encrypt the files whereas it locks the victim out of the device. Here, the cybercriminal would demand for a ransom to unlock the device

Few strains of the ransomware attack,

Ransomware is 57x more destructive in 2021

 

Ryuk – Ryuk is responsible for more than one-third of the ransomware attacks that happened in 2020. It was targeting hospitals, companies, and government municipalities with lots of damage. The attack encrypts important files and demands ransom in multi-millions.

Bad Rabbit – Bad Rabbit has affected many organizations in Russian and Eastern Europe. This ransomware attack distribution was through Adobe Flash update on the compromised websites with a demand of 0.5 bitcoins as ransom.

Locky – This distribution of this malware is through email in the disguise of an invoice. When the user opens the email, the invoice will scramble and the victim enables a macro in order to read the document. Hence, Locky starts to encrypt the files using AES encryption.

NotPetya – This is not malware instead, it’s a wiper that destroys all the data of the compromised machine instead of demanding ransomware.Petya – Petya encrypts the entire system. It blocks the operating system by overwriting the master boot record.

Threats in Ransomware attacks

When an organization becomes a prey to a ransomware attack, it could experience the following threats,

  • One of the biggest threats would be a financial loss
  • Loss of customer data and confidential information
  • The encrypted files during the attack may go useless
  • Data loss is another big threat
  • Compromising business reputation

Ways to Prevent Ransomware attack

  • Ensure to keep your software up-to-date
  • Train your employees to identify any kind of suspicious emails/messages
  • Ensure to have a secure backup of all your data
  • Secure your system’s network by investing in penetration test
  • Set up firewalls
  • Implement powerful web security solutions

US Based Companies – Who Have Been Attacked in the Recent Months

71.1 million people fall victim to cyber crimes yearly

 

Shields Healthcare Group Breach – June 2022

The Shields Healthcare Group has disclosed that they detected a breach. The stolen records included names, medical records, security numbers and other sensitive information. They couldn’t find any evidence of using the stolen data for any theft. Hence, it has the higher possibility of misusing it in the future.

Capital One Breach – June 2022

A former Amazon employee was convicted in June 2022 for being involved in the Capital One Breach that occurred in 2019. The hacker has stolen the personal information of about 100 million people. Hence, the hacker was sentenced to 45 years in prison. The company Capital One has paid out a fine of $80 million and an additional amount of $190 million in the lawsuit.

Customers of Data Breach Notified by Flagstar Bank – June 2022

The attack occurred during Dec 2021. Flagstar identified the breach by June 2022 and notified the customers of the data breach. The hackers have stolen the social security numbers of nearly around 1.5 million customers. Now, the company has hired a cyber security team to normalize things after notifying law enforcement regarding the breach.

Texas Department of Insurance – May 2022

The state audit after their investigations have revealed that data has been leaked from the Texas Department of Insurance in May 2022. During the breach, data like social security numbers and other sensitive information of nearly 1.8 million has been compromised. Later, the auditors stated that the data hasn’t been used by unauthorized users.

Microsoft Gets Breached by Lapsus$ Group – March 2022

The Lapsus$ group posted a screenshot saying that they have breached Microsoft in their Telegram channel. They took a screenshot inside Azure DevOps, a Microsoft collaboration tool, with the confirmation that Bing, Cortana, and other projects are subjected to the breach.

Later, Microsoft made a confirmation that only one account has been hacked, and the security team was able to stop the attack before the hacker group was able to penetrate deep into the organization.

What You Should Look For – Phishing or Ransomware Attacks?

Whether it is an individual or an organization, the term “Cyber Attack” is vulnerable. It is important to keep your data and business secure to handle any kind of situation. You must ensure to take precautions before the business becomes a target to the cybercriminals but, you must also be preparing to face any worst case scenario. Make sure you have prepared your business and employees to bring back your business even after the impact of a malware attack.

Henceforth, whether it is a phishing or ransomware attack, you must look for ways to fight against it. Implement all necessary steps to bring back your business and as well as to protect it from future attacks. The most crucial steps are to create awareness among your employees and to train your cyber security team to face the situations.

You can also hire a powerful and well-trained cyber security team in Indianapolis from service providers like LEAP Managed IT. We, at LEAP Managed IT, can help you in running your business securely and also provide steps and safeguards to protect your business from any kind of cyber attacks. We can help you with the best solutions by understanding your needs and business.

Also, we handle Managed I.T, phone, Process Automation and more. Like us on Facebook and get more ridiculously helpful tips for your business.

To know more about LEAP Managed IT, check out this video.

Patrycja Thomas

Author: Patrycja Thomas

Fortune 500 sales and marketing veteran dedicated to helping small businesses change the world with technology.