2. Ransomware is a form of
malware that takes over your
computer, denying access to
your data, and demanding a
ransom payment in exchange
for its recovery.
The most common delivery
methods for this attack are
hyperlinks and attachments,
usually found in phishing
emails.
3. 1. Check Email Addresses
The display name might look authentic, but
email addresses are much harder to falsify.
With many companies purchasing their own
domain names, attackers often have to alter
the spelling slightly – in our example you can
see that the letter L in the Apple domain has
been replaced, instead showing ‘appie’.
4. 2. Suspicious Attachments
If an email from a supposed service
provider includes an attachment be
wary – this is not common practice,
with most companies offering
important information in the message
itself or on a web page.
5. 3. Inspect Before Clicking
If an email from an unknown
source includes a hyperlink, it is
best to avoid clicking it all
together. However, if you think
the message may be legitimate,
just hover over the link before
clicking it to reveal the URL it
directs to.
Most fraudulent URLs will just be
a random collection of letters and
symbols, or – like our example –
will try to alter the spelling of the
genuine website slightly.
6. 4. Scare-tactics
Ransowmare often hides within
phishing emails, which typically
use fear to manipulate their
targets, as opposed to other
attacks which may offer a
reward or service.
The constructed narrative will
usually involve an account
breach, or – like our example –
an unapproved transaction or
fine.
7. For more topics and training material visit the Boxphish website.