More than four in five organisations (82 percent) were manipulated using ransomware in 2022, a type of malware which allows criminals to hold information at ransom. Cybercriminals successfully infected 62 percent of these organisations. However, only 33 percent were able to get their data back after paying a ransom.
A report from VPN Overview, sent to Digital Journal for review, reveals the ways in which ransomware can infect a computer.
Five ransomware scams
Phishing and email impersonations
Phishing – sending emails with the purpose of obtaining personal information – is the most common form of cybercrime in 2023. Here, cyber criminals may impersonate legitimate companies, such as the cryptocurrency app Bitcoin, before issuing a security alert in an attempt to lure you to a fraudulent site.
Once you have entered your security and account credentials, they will inject ransomware into your computer or network, gaining illicit access to your personal information.
Malicious advertising
Cybercriminals can also spread ransomware through malicious online advertisements, a process otherwise known as malvertising. This technique of malvertising does not require the user to take any action. You can unknowingly connect to malicious servers while you’re browsing on a trusted website.
These malicious servers record information about your device and location. Once malware is sent to your computer, for example, your personal information can then be held at ransom.
Exploiting vulnerabilities
Exploit kits – toolkits which use codes to exploit vulnerabilities in a system – are often used by cybercriminals. These kits work by identifying security gaps and distributing malware. In turn, your personal information can be held at ransom.
There are multiple ways exploit kits can infect your computer, including redirecting you to compromised webpages or prompting you to download malicious content.
Social engineering
Cybercriminals can also obtain personal information through human interactions. This manipulation tactic is known as social engineering. They are likely to pose as customer services, technical support, new employees and authority figures to gain remote access to devices, passwords or other information. Once they have access to your personal or business accounts, they can commence with ransomware spreading.
Drive-by downloads
Finally, drive-by downloads are a threat to consumers and businesses. This is when cybercriminals install malware without the users’ knowledge.
This often happens when people unknowingly visit a malicious website using an outdated browser. Malware is then automatically downloaded onto their computer.