Aside from downloads of free software from torrent sites, one of the most common ways ransomware gains access to your network is through phishing and spearphishing. TechRepublic has recently released a free whitepaper, Phishing and Spearphishing: An IT Pro’s Guide, which shares the three strategies most commonly used to reach your employees. They are:
1. Deceptive linking – This is the most commonly used and reliable strategy. By disguising an infected link as one from a legitimate source, the attackers lure recipients into clicking it and exposing your network. Things to look out for are misspelled URLs, subdomains, or subdomains used with a very similar domain. For example, the uppercase “i” and lowercase “l” look very similar in text. A hacker could create a domain name of www dot googIe dot com, replacing the l with the uppercase I, and at first glance you wouldn’t be able to tell the difference.
2. Cloning, forging or covert redirecting – By exploiting cross-site scripting (XSS) vulnerabilities, cyberhackers can insert their malicious content into the actual website of the trusted resource. The XSS can also be used to harvest what is entered in the username and password fields of the compromised website, again putting your network at risk.
3. Voice or text phishing – This type of attack is the same as sending the link via email, except that the victim is contacted on their phone with a voice message or text message. The infected link is usually buried in a text telling consumers that access to their bank account has been disabled and asking the victim to call or submit information to a phone number or website set up by the hackers, who then harvest their confidential information.
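
A defender-side check for the deceptive links described in item 1, as an added example that is not from the whitepaper or the original post: it folds look-alike characters (such as uppercase “I” and lowercase “l”) before comparing a link's hostname with an allowlist, and also flags a trusted name used as a subdomain of another domain. The allowlist, the character map and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist; replace with the domains your users really rely on.
TRUSTED = ("google.com", "example-bank.com")
# Glyphs that look alike in many fonts, folded to one representative.
CONFUSABLE = {"I": "l", "1": "l", "|": "l", "0": "o", "O": "o"}

def skeleton(host):
    """Fold look-alike glyphs so visually similar names compare equal."""
    folded = "".join(CONFUSABLE.get(ch, ch) for ch in host)
    return folded.lower().replace("rn", "m")

def host_of(link):
    """Hostname as written (case kept), without userinfo, port or path."""
    if "://" not in link:
        link = "http://" + link
    netloc = urlsplit(link).netloc
    return netloc.rsplit("@", 1)[-1].split(":", 1)[0].rstrip(".")

def classify(link):
    host = host_of(link)
    actual = host.lower()  # DNS ignores case: this is where the link goes
    if any(actual == t or actual.endswith("." + t) for t in TRUSTED):
        return "trusted"
    skel = skeleton(host)
    for t in TRUSTED:
        ts = skeleton(t)
        if skel == ts or skel.endswith("." + ts):
            return "lookalike of " + t
        if "." + ts + "." in "." + skel + ".":
            return t + " used as a subdomain label"
    return "unknown"

if __name__ == "__main__":
    # Constructed sample links, not taken from any real campaign.
    for link in ("https://www.google.com/search", "http://www.googIe.com/",
                 "goog1e.com", "https://google.com.account-verify.example/login",
                 "https://example.org/"):
        print(f"{link:52} {classify(link)}")
```

A link classified as "unknown" is simply not on the allowlist; only the "lookalike" and "subdomain label" results indicate an attempt to imitate a trusted name.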