Almost 800 per cent jump in phishing emails with ransomware

PhishMe, a security company providing anti-phishing solutions, released today a new report, analysing the state of phishing attacks worldwide, and the numbers are staggering, even though expected.

The first quarter of 2016, compared to the last quarter of 2015, has seen an incredible 789 per cent jump in the number of phishing emails containing malicious code, mostly ransomware.

The company said there has been a “6.3 million increase in raw numbers”.

The Q1 2016 Malware Review says three key trends have been spotted:

  • Encryption Ransomware
  • Soft Targeting by Functional Area
  • Downloader/Ransomware: the one-two combination

“Thus far in 2016, we have recorded an unprecedented rise in encryption ransomware attacks, and we see no signs of this trend abating. Individuals, small- and medium-sized businesses, hospitals, and global enterprises are all faced with the reality that this is now one of the most favoured cyber-criminal enterprises,” explains Rohyt Belani, CEO and Co-Founder of PhishMe.

One of the company’s previous predictions came true – JavaScript download applications are the main carriers of ransomware, surpassing even Microsoft Office documents containing macro scripts.

“During the first quarter, JavaScript applications even surpassed Office documents with macro scripts to become the most common malicious file type accompanying phishing emails. JSDropper applications were present in nearly one third of all phishing email analyses performed by PhishMe.”

Ransomware is the type of malware that encrypts all the data on a computer or a network, and then requests payment from the victim in order for the files to be released.

Payment is usually made in Bitcoin, but does not guarantee the files will be returned safely.