How does phishing lead to ransomware attacks?

by Egress
Published on 18th Nov 2021

Ransomware attacks are becoming more sophisticated, even to the point where backups alone won't be enough to keep you safe. An employee accidentally clicking a phishing link can cause ransomware to sneak into your network and quietly harvest data until a cybercriminal is ready to encrypt your device and make its demands.

The key with ransomware is prevention, because once it has struck, your options are limited to paying the ransom in exchange for decryption keys or rebuilding your entire IT system from scratch. Many businesses choose to cough up the money, but this doesn't guarantee that their data is safe. Cybercriminals will often exfiltrate data for further blackmail – and gangs frequently hit the same targets more than once. Avoiding large ransom sums, regulatory fines, loss of reputation, and even legal action starts with looking at how ransomware is delivered.

Most ransomware is delivered by email phishing 

It's estimated that 90% of all ransomware is delivered through phishing scams where attackers trick employees into clicking on a link or divulging credentials.

Targeting a business through phishing is much easier than trying to hack an IT system. Phishing attacks rely less on the technical skill of the criminal and more on being able to successfully trick an employee into clicking a link. Because of this, these scams are becoming highly popular among new cybercriminals with limited hacking skills.

It's easy to buy phishing kits and ransomware online

Even non-skilled cybercriminals can get their hands on the tools needed to run a ransomware campaign. You can find phishing kits available on the dark web that allow criminals to gain the resources needed to launch a ransomware attack on a business. That means more malicious actors are able to target businesses — even when they don't have the specific hacking skills needed to create the ransomware or email campaign themselves.

Killing the kill chain: stop phishing and you'll stop ransomware

Once criminals successfully get their phishing email past an organization's defences, they hope an employee will pick up the task from there. That means it's crucial to have the right software installed to prevent dangerous phishing emails from slipping through the net. Here are some ways you can stop ransomware attacks by killing the kill chain. 

Intelligent email security

Intelligent solutions such as Egress Defend use a combination of technology including machine learning and natural language processing to stop this vital step in the kill chain from happening. The best anti-phishing solutions look at the context, relationships, and message content of all emails for signs of ransomware delivery. 

Real-time teachable moments

Because phishing emails prey on human nature in order to install malware on a system, your employees are your biggest security risk. However, no amount of employee training can prevent human error, so it's critical to use technology as a backup.

With the right technology-led approach, it's possible to turn employees into a strategic defence against these kinds of attacks. Egress Defend explains why an email was deemed risky, giving people real-time teachable moments.

Data backup and recovery

While simply recovering a machine might not stop a ransomware attack, it's crucial to have your data backed up in multiple places. If your business does fall foul of an attack, this can help minimize downtime and mitigate the loss of any important systems.

Don't leave your business open to ransomware risk

With global damages from ransomware predicted to top an annual sum of $265bn by 2031, it's never been more crucial to protect businesses. Phishing emails are the primary delivery system for malware, so it’s vital you have the right technology in place to protect against these threats. That, on top of employee security training, will help you avoid the dangers of ransomware.
