There are thousands of different ransomware examples. In each, individuals clicked on a malicious link or opened an infected attachment, enabling ransomware to take over their devices.
Before ransomware came into its own, it was simplistic. “Click on the image to see the cute cat” or “Look what tricks my doggy can do” were typical ransomware examples, preying on a victim´s curiosity. As awareness of ransomware increased, so did the sophistication of ransomware attacks and the psychology behind them.
Examples of Ransomware Psychology
Ransomware examples evolved to trigger other emotions—urgency, sympathy, fear and greed. Victims now received phishing emails appearing to be from technical support departments, charitable organizations and law enforcement agencies demanding action, or from bogus lottery companies with “click to win” offers.
Social engineering became the next development in ransomware psychology. Cybercriminals used freely available personal information to make emails look like they came from a legitimate source. In these ransomware examples, victims believed they were replying to an email from their bank or medical provider. Or, in a business environment, somebody from their own company.
Psychology of Ransomware Demands
Ransomware distributors know how to use psychology in their ransom demands as well. In many successful ransomware attacks, there are examples of urgency (“Pay within 72 hours or the ransom doubles”), and fear (“Pay within 72 hours or the recovery key will be destroyed and your data will remain encrypted forever”). Other ransomware examples of psychological manipulation include fake FBI warnings and fake accusations that the target has been viewing pornography.
Ransomware examples even extend to sympathy—or purport to. One variant of the CtyptoWall4 ransomware distributed in 2016 promised to forward ransoms to a children’s charity. Just in case victims debated whether the promise was genuine, they were only given twenty-four hours to make their “donation” before the five Bitcoin ransom was doubled.
Google Docs Scam Breaks the Mold of Ransomware Examples
Past ransomware examples can help prepare against future attacks. However, be aware of events that don’t follow previous patterns, such as the recent Google Docs scam. Targets received an email from a source known to them, claiming they were sharing a Google Docs.
The email contained what appeared to be a link to the Google Doc file. When recipients clicked on it, they were taken to a legitimate Google.com page. On the page, the mystery attacker had uploaded a rogue web app asking the recipient to allow “Google Docs” to access their Gmail account. When permission was granted, the app gained control over the webmail account and sent the same spam message to the recipients´ contacts (explaining why the emails appeared to have come from a known source).
Google acted quickly to prevent the email spreading and, according to the email provider, less than 0.1% of Gmail users were affected. Unfortunately, as Google has more than one billion active users, that means the contact lists of more than one million email accounts were compromised. What’s concerning about this scam: there was no apparent negative outcome. Somebody, somewhere, is sitting on the contact lists of more than one million email accounts, with the potential to launch a sizeable, socially engineered ransomware attack.
How to Prepare against Future Ransomware Threats
Nobody knows if, when or how the email data extracted from the Google Docs scam will be used to deliver ransomware, but it’s very likely to happen. The phishing email will appear to come from somebody known to the recipient (and therefore bypass spam filters), will likely involve an uncomplicated action (like sharing a Google Doc) and will have a psychological hook (urgency, sympathy, fear or greed).
The best way to prepare against the threat of a ransomware attack is to raise the awareness of your last line of defense—employees. And the best way to do that is to use past ransomware examples as part of a comprehensive phishing awareness course. This is exactly how Cofense operates, providing simulation exercises based on real examples of ransomware attacks. We can reduce employee susceptibility to phishing emails by up to 95%.
To learn from ransomware examples through phishing simulation, get in touch with Cofense now and request a free demonstration. Our intelligence-driven solution is proven to protect businesses from ransomware threats. Our team will be glad to provide you with examples of ransomware attacks prevented by raising employees awareness of ransomware psychology.