Spam is the primary ransomware distribution method

The effects of ransomware

This year has already witnessed a lot of large cyber attacks, including the NotPetya/Petya and WannaCry ransomware outbreaks. In addition, a recent report by Europol sums up the extent of ransomware: the European Union’s police agency warns that ransom-demanding viruses have become the key threat to the online community. To put it simply, ransomware can be described as one of the most malicious threats out there, with the ability to annihilate your entire work progress and collected files temporarily or permanently. In most cases, criminals do it to present ransom demands and extort people using unprotected computers.

So, what ransomware basically does is sneak into your computer and encrypt all the files present on your machine. This includes your text files, pictures, movies, zip archives, etc. Another extension is then given to all these files. The ransomware then displays a message on your screen claiming that all your files have been encrypted and that, to retrieve them, you must pay the hackers a specific sum of money.

Usually, crypto-ransomware creators tell their victims to download the Tor browser and access a page on which the victims have to complete the payment. In some cases, criminals do not even bother creating a generator for personal payment pages and just ask the victim to contact them via email. Criminals seek to swindle money from the victim, but the payment cannot be completed using basic bank cards. The ransom has to arrive in Bitcoin so that hackers can retain their anonymity. Fraudsters hardly ever provide any other payment options.

However, it is not guaranteed that the cybercriminals will decrypt your files once they get your money. That is one of the main reasons security experts do not recommend paying money to cyber extortionists. Another fact about these payments is that they simply fund further illegal projects that cause even more damage on a global scale.

How emails are used in spreading data-encrypting malware

The most common way to get infected with ransomware is opening a dangerous spam email attachment. It is very unsettling because these letters often seem to be legitimate. However, certain types of emails can help you recognize that something is suspicious.

If you see spam email subject lines similar to these, you should suspect that the attachment may be malicious:

  • Security alert
  • Revised Vacation & Sick Time Policy
  • UPS Label Delivery
  • Change of Password Required Immediately
  • Urgent Action Required

The subject line can also contain a clickbait title that includes words such as “shocking,” “you won’t believe what happened,” “breaking news,” etc. It can also claim that you received an invoice or online order details.

The attachments are usually sent in PDF format. Unfortunately, the file itself is not detected as malicious because the real threat is a document that automatically opens in Word format once the PDF file is launched. If the user selects “enable editing,” the ransomware is launched.
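A gateway-style triage for the attachment pattern described above (a PDF that carries another document and opens it automatically), as an added example that is not part of the original article. The markers are standard PDF name tokens; the function names, verdict labels and sample bytes are constructed for illustration.

```python
import re

# Standard PDF name tokens: carried payloads and actions that fire without a click.
EMBED = {"EmbeddedFile", "EmbeddedFiles"}
AUTO = {"OpenAction", "AA", "JavaScript", "JS", "Launch"}

NAME_RE = re.compile(rb"/([A-Za-z0-9#_.\-]+)")
HEX_RE = re.compile(rb"#([0-9A-Fa-f]{2})")


def normalise(name: bytes) -> str:
    """Decode #xx escapes so that /Java#53cript is read as /JavaScript."""
    raw = HEX_RE.sub(lambda m: bytes([int(m.group(1), 16)]), name)
    return raw.decode("latin-1")


def triage_pdf(data: bytes) -> dict:
    """Count risky name tokens and return a verdict for one attachment."""
    counts = {}
    incomplete = False
    for m in NAME_RE.finditer(data):
        name = normalise(m.group(1))
        if name == "ObjStm":
            # Compressed object streams can hide names from a raw byte scan.
            incomplete = True
        elif name in EMBED or name in AUTO:
            counts[name] = counts.get(name, 0) + 1
    has_embed = any(n in counts for n in EMBED)
    has_auto = any(n in counts for n in AUTO)
    if b"%PDF-" not in data[:1024]:
        verdict = "not-a-pdf"
    elif has_embed and has_auto:
        verdict = "quarantine"  # carries a file AND acts automatically
    elif has_embed or has_auto:
        verdict = "review"
    else:
        verdict = "pass"
    return {"verdict": verdict, "names": counts, "incomplete": incomplete}


# Constructed samples (not taken from any real campaign).
SUSPICIOUS = (b"%PDF-1.5\n1 0 obj\n<< /Type /Catalog /Names << /EmbeddedFiles 2 0 R >>"
              b" /OpenAction << /S /Java#53cript /JS (placeholder) >> >>\nendobj\n")
BENIGN = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog /Pages 2 0 R >>\nendobj\n"

if __name__ == "__main__":
    for label, sample in (("suspicious", SUSPICIOUS), ("benign", BENIGN)):
        print(label, triage_pdf(sample))
```

A result with `incomplete` set means part of the file was compressed and the scan could not see inside it, so a "pass" verdict on such a file is weaker evidence.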

Despite the straightforwardness of the attack, malicious spam as a malware distribution technique is still actively used by Cerber and Locky developers. No matter how hard security experts try to spread the word about common things that help to identify malware-laden phishing emails, computer users still fall for criminals’ tricks.

If you are interested in reading a full-length guide on how to identify an email infected with a virus, consider reading this tutorial by the 2-Spyware team.

Protect yourself from ransomware

  • Firstly, to avoid ransomware, you must keep Windows updated at all times. Hackers tend to look for security holes in the system and create malware accordingly.
  • As you might have guessed, you mustn’t open email attachments that you don’t expect to receive. Remember that they can be made to look legitimate.
  • In order to not lose all your files, create a data backup. You can either use cloud storage or external devices.

Most importantly, don’t forget an anti-malware tool. Some of the better security programs have features to fight ransomware. To choose the most suitable anti-malware software, you can read the reviews of security tools on There you will find not only antivirus reviews and tutorials but also tips and tricks on how to avoid malware in general.

Ugnius Kiguolis