As many as 93% of all phishing emails now contain ransomware, according to a new report by PhishMe.
The figure would represent a staggering rise, as the same report notes that ransomware was found in just 56% of phishing emails as recently as December 2015, and less than 10% in every other month of last year.
Several reasons have been cited for the growth, ranging from how simple it is for cybercriminals to carry out, to how fast they can make a financial gain.
While other phishing attacks take more work to monetize, CSO Online notes that ransomware victims tend to pay up quickly and send money or Bitcoin directly to the criminals.
In other types of attack, such as data theft, the stolen credentials must be sold on for the criminal to make a profit.
“If you look at the price point of paying the ransom, it is rarely more than 1 or 2 Bitcoin, that’s $400 to $800, maybe $1000 depending on the exchange rate,” said Brendan Griffin, Threat Intelligence Manager at PhishMe. “That’s a relatively low price point for a small to medium business.”
According to Digital Trends, it’s businesses specifically that are finding themselves the target of ransomware attacks, more likely to have the funds and technical knowhow to acquire Bitcion usually required for the payment.
Ransomware or not, the PhishMe report found that the number of phishing emails climbed to 6.3 million in Q1 2016, a 789% increase over Q4 2015.
This backs up the findings of the Anti-Phising Working Group, which recently stated there had been more phishing attacks in Q1 2016 than “at any other time in history.”
As previously reported by We Live Security, there was a huge spike in phishing activity between October 2015 and March 2016.