Ransomware Is the Most Popular Malicious Email Attachment in Q2 2017

Reports on cybersecurity are always important to follow. Most people are well aware of different dangers lurking in the dark corners of the internet. Most emails delivering a malicious payload contain a ransomware strain. Clearly, global malware distribution is still a booming business and will continue to be one for quite some time to come.

Ransomware-Laden Emails Are Only Getting More Common

Computer users all over the world have many different threats to watch out for. Using lackluster security while surfing the web is no longer a viable option. Even though it never was to begin with, the number of active threats trying to take advantage of user mistakes has never been higher. Ransomware and other types of malware are often successfully distributed when computer users open every random email and download the associated attachments. Educating users on these dangers remains a struggle.

New reports from multiple security vendors indicate the ransomware threat will not go away easily. In fact, it was the most prevalent malware payload delivered via email messages during the second quarter of 2017. With criminals also becoming more crafty in hiding their malicious payloads, there is very little email service providers can do to prevent these messages from getting through.

2017 has seen two major global ransomware outbreaks so far. Firstly, we had the WannaCry attack, which infected hundreds of thousands of machines around the world in less than three days. Secondly, there was the NotPetya outbreak, which claimed many victims as well. Those two are only the most commonly known ransomware types to surface this year, but criminals distributed a handful of other strains successfully over the first six months of the year.

Some other popular ransomware distribution campaigns have included Locky, Jaff, CryptoWall, Cerber, and TorrentLocker. All of those families have made some form of headlines throughout the year, and new variants are still being discovered. At the same time, for every known type of ransomware, there are at least five or six other lesser known copies which can still pose problems for a lot of computer users. The reports do show the main families are still quite popular among cybercriminals, which means new offspring can be expected soon.

The main reason why so many different strains have been delivered successfully is because neither WannaCry nor NotPetya was distributed via email. Instead, they were both part of a major attack originating from Ukraine. Jaff and Locky are two very serious ransomware contenders to keep an eye on, even though the distribution of Jaff has dried up since late April. Locky goes through ebbs and flows of distribution all year round, although it became a bit more prevalent in May and June.

Last but not least, one report showed a spectacular rise in the number of malicious email attachments. They went up by nearly 600% in the first half of 2017, despite the global email spam volume only growing by 3%. Delivering advertisements and pump & dump investment advice is no longer a lucrative business by the looks of things. Anyone in the world can create his or her own ransomware, thanks to the many RaaS services popping up all over the darknet. Rest assured we will see more ransomware for quite some time.