Ransomware Roundup: Gmail users targeted in massive phishing scam

A phishing email that reached about a million users of Google’s popular email service, Gmail, has finally been halted, according to BBC News. The malicious email was disguised as a notification from Google Docs–a widely-used service that allows people to share and edit documents online. The email alerted potential victims that a contact wanted to share a Google Doc with them and provided a link. Users who were unfortunate enough to click the link risked giving hackers access to their email accounts, enabling them to read and send out anything they like, including more phishing emails. It’s important to always be on the lookout for email scams. Here are some helpful tips on how to identify a phishing email.

Paying the ransom doesn’t always pay
Ransomware is a huge challenge for small and midsize businesses (SMBs) without a secure backup. And this week Spiceworks shared some survey results which reveal that paying the ransom doesn’t always get a business its data back. The survey of 250 IT professionals at SMBs found that:

One in five SMBs was infected with ransomware within the last year.

Of those victims, 38% paid an average ransom of $2,423.

Only 45% of those who paid got their data back.77% of SMBs cite email as the most popular vector of attack.

The Spiceworks survey found that most of the SMBs that got hit with ransomware—65%—successfully mitigated the attack by restoring data from backup

Providence law firm infected with ransomware
A Providence law firm’s data was held captive for three months by ransomware distributors who refused to decrypt the information even after a ransom was paid. The law firm of Moses Afonso Ryan Ltd. met the initial demand by paying a ransom of $25,000 in Bitcoin. But the cybercriminals simply demanded more money. According to the Providence Journal, the firm is suing its insurer, Sentinel Insurance Co., for breach of contract and bad faith after they denied a claim for lost billings during the period when the documents were frozen. The incident is a stark reminder of the importance of having a good backup system. When you have a high-quality backup, there’s not need to negotiate with criminals.