A June 2016 Federal Bureau of Investigation (FBI) report revealed that an average of 4,000 ransomware attacks occurred per day in 2016. During 2017, the number of ransomware attacks continues to grow as hackers combine effective phishing scams with malicious code. In fact, by Quarter 3 of 2016, 97.25 percent of phishing scams were embedded with ransomware. Now, in 2017, hackers are beginning to use voice message notification emails as the latest tool for delivery ransomware to unsuspecting victims.
How And Why Are Hackers Using Voice Message Notification Emails To Deliver Ransomware?
Hackers are notorious for discovering new loopholes, “open doors,” and methods for delivering malicious code. Hackers successfully leveraged billing notifications and banking emails during 2016 to gain personal information from unsuspecting Australian bank members. Banks and businesses throughout the world have since become more diligent about alerting their customers to phishing scams, particularly those embedded with ransomware. During 2017, hackers have now turned to voice message notification emails as a way to target an even larger group of individuals. Anybody can receive an email with a voicemail notification, which means that this type of attack poses an even larger threat to both individuals, businesses, and government organizations.
There are currently two main types of ransomware strains that are being used during voice message notification email attacks: Cerber and Zepto.
How Can Businesses Protect Themselves Against The Latest Attacks?
Both Cerber and Zepto are delivered via phishing scam emails. In order to protect their vital data and files from encryption, businesses must educate their employees on cyber security best practices, including how to spot a phishing scam email. The following tips can help employees recognize potentially malicious emails that contain ransomware:
In addition to the above tips, employees should be educated on the type of voicemail files that are delivered via your company’s chosen phone system. In this vein, employees should be trained to recognize the format, text body, naming of attachments, email address, and delivery method of voice message notification emails. You can further safeguard your business data and files simply by teaching your employees how to recognize a legitimate voice message email vs. a phishing attempt. Through the latter efforts, employees are less likely to fall victim to the generic-looking or poorly constructed voicemail phishing attacks that hackers have begun to use.
The Bottom Line: Protect Your Vital Data Today
Businesses that use a phone system with voice message notification emails are at a high risk for the above types of ransomware attacks. The moment that an unsuspecting employee downloads the malicious files, the ransomware is installed and the results can be devastating. To protect yourself and your vital business data, you need to ensure that employees are properly educated on how to detect phishing scams and ransomware attacks, leverage a secure offsite backup of your data, and use the right antivirus software. To further safeguard your business data and files from voice message notification email attacks, contact the cyber security experts at Tektonic located in The Greater Toronto Area via firstname.lastname@example.org or (416) 256-9928.