Common evasive phishing tactics that cybercriminals opt to spread ransomware
There has been a steep rise in ransomware attacks against multiple government organizations, and cities across the globe. Hackers are frequently creating campaigns designed to take advantage of local employees and steal their credentials to break into computer networks.
Once inside, the bad actors effectively lock down the systems and hold the data as a hostage until a ransom amount is not paid. For a successful injection, cybercriminals have now shifted their focus to social engineering through various types of digital communications. But the most common way of a ransomware infection is through phishing.
Common evasive phishing tactics
Here are some evasive phishing tactics that organizations and cities of all sizes should be aware of in order to defend themselves against future ransomware attacks.
- HTML Character Encoding - In this an email’s HTML code is displayed properly in web browsers. However, it ignores certain words that most email security systems flag.
- Content Encryption - The content of the email is encrypted along with the attachments. This prevents detection by security solutions.
- Inspection Blocking - Here a blocklist is used to prevent connections from specific IP addresses and hosts that are associated with certain security providers.
- Phishing URLs in attachments -By hiding the phishing URLs in attachments instead of the email itself, detection becomes more difficult. Usually, documents used in such phishing schemes are used to target rival embassies, governmental offices, and agencies.
- Content Injection - Phisher include links to legitimate but vulnerable webpages or apps that redirect users to phishing sites.
Phishing attacks have seen an impressive 250% increase in 2018 and will continue to grow this year, according to Microsoft. This staggering rise in percentage indicates more threats due to ransomware.
Threat actors will carry forward aggressive ransomware attacks as long as cities and organizations continue to pay the demanded ransoms. Hence, it is very necessary for officials to put their strategic focus on mitigating threats by protecting employees through frequent user training and better real-time security systems.