Spam Emails Mask Ransomware With A Wink And A Smile
By: Jim Stickley and Tina Davis
August 1, 2022
A new ransomware, Avaddon, is having a bit of fun with its targets as their way to install the malware on devices worldwide. Hackers are sending “innocent” spam emails as a calling card to deploy Avaddon ransomware on data systems. Hoping to catch users off guard, spam emails infiltrate email accounts with a subject line asking the user if they approve of their “new photo” or the photo of the spam sender. What could possibly go wrong when the only email content is an innocuous winking smiley face? The answer to that question is that an Avaddon ransomware attack can happen.
The massive Avaddon attack is actively recruiting bad actors to help add to the ransomware mayhem. The recruitment includes paying hackers a percentage of the ransom extortion payment as compensation for their assistance. Where the new ransomware will show up next, only Avaddon creators know. As with many different types of malware enduring over time, changes and improvements to the ransomware are expected.
Staying safe from Avaddon has a predictable response: Avoid getting ransomware to begin with. Sensitive data is much safer when a staff is regularly educated about the latest cyberthreats and what to do if they find themselves compromised. That also includes how to spot phishing emails before they’re opened and acted upon. Remember, it only takes one wrong click on a phishing email to launch a malware attack. Cyber-education is a great start, but more can be done to bolster ransomware protection.
The FBI and other institutions agree that refusing to pay any ransom is the best deterrent to future attacks. They claim that paying only encourages more ransomware strikes, and there’s no guarantee a hacker will provide the decryption key, as promised, if the ransom is paid. Finally, if data is regularly backed up, the ability to restore what was hijacked entirely avoids the need to pay a ransom demand.