Prevent Malware and Ransomware Attacks

Stop the malicious malware that infects your computers and leads to breaches.

76%: percentage of ransomware attacks delivered through email (Source: Barracuda Networks Research)

11 Seconds: the interval between global ransomware attacks (Source: 2017 Cisco Annual Cybersecurity Report)

37%: percentage of organizations impacted by ransomware (Source: Sophos, State of Ransomware 2021)

Stopping the Most Malicious Attacks

Ransomware is the most malicious type of malware and employs encryption to hold information for ransom. When delivered through email, ransomware can establish its presence on an endpoint and then drop a malicious binary on the system. This binary then searches for and encrypts valuable files, only releasing them after the ransom is paid. Making matters worse, in some cases these files are never released, even after the ransom is paid. In these attacks, the threat actor ...

1. Buys or creates a malware program, typically one that launches upon click.

2. Targets an organization with an email spam campaign.

3. Waits while the malware executes the malicious binary and encrypts valuable files.

4. Prompts the victim or organization to pay a ransom to decrypt the files.

Recognizing a Malware or Ransomware Attack

This email passed legacy controls because it comes from a legitimate email address and because the link leads to a legitimate document.

However, this email is the start of a malware attack:

  • The email contains urgent language with a link the user would feel compelled to click
  • The link is a Google Doc—a common cybercrime tactic since these links are used daily for legitimate business purposes
  • The link leads to the download of a Microsoft Excel file with macros that could let attackers gain control and download ransomware

Based on this information, combined with the fact that this sender has never before emailed the victim, Abnormal can determine that this is a malware attack.

Prevent Malware From Holding You Ransom

Detect Suspicious Correspondence Patterns

This email about new required documentation appears to be sent from Printers and More, but the email address is actually one created to look similar to the real domain.

The email exhibits suspicious sending behavior and the sender uses language that is attempting to engage with Jim, but the email address does not match the display name—a common pattern in impersonation attempts.

Block Malicious Links and Attachments

Abnormal finds that even though the link looks legitimate, it redirects to a suspicious site upon click.

The URL displayed within the email matches the company name that Jim would expect. If he had seen the email, he would certainly have clicked on the link.

Abnormal safely inspects links and attachments to ensure that they are safe, and finds that the link actually redirects to a WordPress site that attempts to initiate a download of Emotet, a sophisticated trojan that is a direct cause of advanced ransomware attacks.

Provide Forensics To Security Teams

Abnormal protected Jim from this socially engineered ransomware attack. The security team is aware of it.

Abnormal automatically prepares a detailed analysis of the attack, and makes it available for the security team to review.

In addition to information on the unusual sender, the content and tone of the email, and the nature of the request, the team is also able to review the contents of the attachments and the link targets in preview mode.
