Ransomware Attacks 2017: Fishing for the Right Security Against Email Fraud

Email is one of the most essential and widely used communication tools in business. It is also one of the most vulnerable to cybercrime and a major contributor to malware. Hackers are increasingly using email to access private company information.

Email is one of the most vulnerable vectors to cybercrime.


According to Global Threat Intelligence Center’s 2017 Quarterly Threat Intelligence Report, the vector for 67% of the malware reported was email. Most of this malware was ransomware—which is particularly problematic for SMBs.

Phishing and Spear-Phishing

According to IBM’s most recent threat intelligence index, the volume of spam emails increase 4x in 2016 and it additional reports confirm that phishing rates have increased across all organization sizes and industries.

Ransomware + Spear-Phishing = Deadly Combination

Successful phishing and spear-phishing attacks provided the social engineering to enable several significant ransomware attacks this year. In fact, this lethal combination is becoming ever-more common.

93% of phishing emails contain or lead to ransomware according to a recent study by PhishMe.

Thousands fell victim to a Google Docs phishing scam in May that tricked users into opening a fake shared document that sought permission to access personal accounts. Those that provided authorization gave free access to their account, password, contact and email information.

In May, a phishing expedition attacked the email accounts of personnel within the Human Resources department at media company Gannet, compromising personal data of more than 18,000 current and former employee accounts. The breach was discovered by Gannett’s finance team when a compromised account attempted to make a fraudulent corporate wire transfer.

DocuSign, a digital transaction management platform used by more than 300,000 companies and over 200 million users to sign, send, and manage documents, found its customers victim to an email phishing scam this year. When opening a Word document requesting a signature, recipients inadvertently installed malicious software. While the company did not disclose the number of affected customers, they did state that their document verification service remained untouched so customer documents were safe.

All of these attacks could have been prevented if organization had a robust predictive email security solution in place.

Watch Out for Locky, Cerber and Jaff Ransomware

Several ransomwares dominate the market:

  • Locky: malicious macros are attached to Word docs delivered by spam emails. An email masquerades as an invoice for payment on a product or service.
  • Cerber: delivers ransomware through malicious links in spam email. In its Q1 2017 Cyber Tactics and Techniques report, Malwarebytes noted that Cerber is largely distributed via spam.
  • Jaff: this Locky variant, engineered to get past email spam filters, uses a.docm file embedded in a pdf file to download a malicious macro

Regular Office 365 Security Protection is Just Not Enough To Prevent Today’s Phishing Attacks.

According to the Symantec 2017 Internet Security Threat Report, 357 million new malware variants were discovered in 2016. The number of ransomware variants is increasing exponentially every year. As a result, traditional blacklists and signature-based systems can’t keep up.

VadeSecure takes a predictive defense approach to email security by unearthing and neutralizing different strains of ransomware variations, even those currently unknown. Using a multi-layer approach, VadeSecure analyzes and secures every email before it hits your user’s inboxes.

At the core of this predictive solution is an artificial intelligence (AI) system that assesses millions of emails daily for ransomware, malware, and phishing URLs in real-time using 10,000+ heuristic algorithms. VadeSecure scans 70 million attachments and 2.6 million URLs,to discover 120K+ malware incidents every day.

VadeSecure has a 100% success rate in isolating every variant of Locky (and that’s a lot!). Machine learning systems also conduct continuous learning and pattern recognition to detect future threats.

We have successfully isolated and blocked 100% of Locky Variants


VadeSecure offers a proactive solution to cybercrime security that protects against that protects against:

Yesterday’s packaged software can’t keep pace with tomorrow’s malware attacks. Vade Secure fights email threats with a predictive defense to keep corporate inboxes safe from perpetrators. To find out more about how to get better malware protection, visit Vade Secure today.