Every discussion of how ransomware enters an IT infrastructure seems to begin with email. Email is the lifeblood communication vehicle for every corporation worldwide and is also a favored gateway for advanced cyber threats. There are literally billions of emails flying around the internet every second, and the likelihood that a significant proportion of them have some form of malicious code embedded is staggering. For a refresher on the nuisances of ransomware, check out our blog titled “Have You Been Held For Cyber Ransom Yet?”
The reality is that email is just one of many data sources that can smuggle in malicious code and, more specifically, ransomware. Some of the methods you may be ignoring include:
- Voicemail: With the rise of virtual PBX systems and softphones, employees have increasingly been conditioned to expect voicemail that appears as a media attachment in their inbox. Voicemail also inherently carries a sense of urgency, further overriding natural caution and prompting an unthinking click.
- Corporate Communications: Whether it’s a request to send a wire transfer or an apparent failed ACH transaction, cash movement issues are urgent and compelling. The attachment and the embedded “email” link in the message are both likely to result in malware being installed if clicked.
- Invoices: Invoices can be fraudulent in several ways, but whether an end-user pays a non-existent supplier or simply clicks on any of the links in this email, the results will be cash losses to the company. The attacker wins again.
- Personal Warnings: Whether it’s an immediate alert of potential fraud on your credit card or bank account, or simply a vaguely disturbing or confusing ‘advisory’, don’t ever click the links. Open a browser, proceed to the main web page of your financial institution, and use the contact links on the page - or call the phone number on the back of your physical credit card or ATM card.
- Social Phishing: “Perhaps one of the most popular activities on some social networks is playing social games with other users. The games are free, but only until the user wants to really get ahead in the game or obtain special powers upgrades. This is where the payment prompt jumps in, suddenly making it okay to perform financial transactions through a platform like Facebook. What does this mean for the user? It legitimizes using their credit card details on the social networking site. What does this mean for phishers? More ways to phish, more data to steal (alongside all the other personal information already shared by users), more attacks and more successful phishing!”
Detect The Undetected
Identify any malicious or hidden code within incoming data files whether on your network or in a cloud. What you don’t know or cannot see can harm you. Find a solution that can identify malicious code within any data set and you will be preventing the potential for significant harm.
Solebit uses static evaluation, which is faster, more accurate, not OS version dependent and covers 100% of code, with complete visibility. With Solebit every line of code is evaluated, making sandbox evasion techniques ineffective. On average, Solebit analysis time ranges from milliseconds up to a few seconds. Network sandboxes typically take 5-15 minutes to perform the same analysis.
Check out for yourself what Solebit can do to prevent network breaches for your organization. Give us 20 minutes and we can show you how. Register for a demo today.