How Does Ransomware Spread?

Ransomware is a type of malware. While many forms of malware remain hidden to the user, ransomware makes itself known and threatens to encrypt your files unless you pay a ransom. Hackers use many techniques to spread ransomware. These include:

Email Phishing 

These phony emails are designed to get people to click on a link or open an attachment. Emails often look like they come from a reliable source or attempt to scare people into acting impulsively. For example, email attachments can appear to be legitimate correspondence from reputable companies such as banks or FedEx. Hackers use subject lines referring order confirmations, complaints, or business communications that entice the victim to open the email.

Social Media

Social media posts can be used to entice users to click a link or open an image with a built-in ransomware downloader.

Malicious Websites

Hackers try to lure users to sites with downloads that contain ransomware malware. Free software is an example of an “enticing” download.

Malvertising Campaign

Here cybercriminals use online advertising to distribute malware with little to no user interaction required.

Drive-By Downloads and Exploit Kits

Malware can infect your computer simply by visiting a website that is running malicious code. Often these are legitimate websites that have been compromised to redirect you to another site controlled by the hackers. Hackers use malware packaged in an “exploit kit” that can find a vulnerability in your operating system, web browser or PDF reader. Malware is then installed on to your computer.

Infected USB Drives

Hackers can hack USB drives or even drop ransomware-contaminated drives in a company’s parking lot.

Network propagation

Ransomware can spread from computer to computer over a network when ransomware scans for file shares or computers on which it has access privileges.