Skip to Content
Security & privacy

New ransomware strain attacks your cloud email

Ransomware is now one of the biggest software security threats out there. Its meteoric rise as the cybercriminals’ malware of choice was so rapid, the number of ransomware victims increased by 250 percent in 2017, following a shocking 550 percent increase in 2016.

One thing about ransomware that’s so appealing to cybercriminals, aside from its profitability, is its adaptability. It’s constantly evolving, as cybercriminals change their code to suit their needs and to elude security software.

We typically think that ransomware only attacks local computer files like your documents, photos, and email archives. Cloud email services should be immune, right? Think again! This newly developed ransomware strain might change everything you know about this costly threat.

Ransomware that encrypts your Cloud email

A new ransomware strain dubbed as “ransomcloud” has been developed and it can encrypt online email accounts like Office 365 and Gmail in real-time. Why is this significant? Because it means even your online email accounts are now in danger of being locked out by cybercriminals.

The new ransomware strain was reportedly developed by a white hat hacker associate of Kevin Mitnick, Chief Hacking Officer of cybersecurity company KnowBe4.

Similar to other methods of ransomware infections, cybercriminals can trick victims into installing the malicious software with phishing scams loaded with poisoned attachments or links.

In one demonstration, the attackers used a phishing email disguised as a new anti-spam service from Microsoft called “AntiSpam PRO.”

As soon as the victim clicks the link and accepts the “service” by logging into his or her cloud email account and granting the fake app the permissions it needs, it will then encrypt all your online emails and attachments in real-time! Quite scary, indeed.

This attack will likely work with any cloud email service, such as Gmail and Outlook365, that allows third-party apps control over the account via an authorization system called OAuth.

Check out the video below for the demonstration:

Thankfully, this is just a proof of concept attack for now and this scary ransomware strain is still not out in the wild yet. This means that so far, there’s no evidence that the bad guys are publicly exploiting it.

However, KnowBe4 warns that Cloud email attacks like this are now imminent since there’s proof that it can be done. This strain may have been developed and demonstrated by a white hat hacker (the good guys) but this means that black hat hackers (the bad guys) can do it too.

How to protect your cloud email accounts

As you can see, ransomware is constantly evolving and cybercriminals can find new ways to be a step ahead and attack even your online email accounts.

Since the “ransomcloud” demo shows that this strain can be spread via phishing scams, here are basic tips to protect yourself against such attacks:

Be cautious with links – If you get an email or notification that you find suspicious, don’t click on its links. It’s better to type the website’s address directly into a browser. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn’t what the link claims, do not click on it.

Beware of granting permissions – Cybercriminals always abuse our trust in apps. They will always try their best to trick you into granting them access via deception and social engineering tricks. Always review what permissions an app is asking for and always scrutinize

Watch for typos – Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos. Typically, there are signs that give away the fact that an email is fake. Can you spot one? Take our phishing IQ test to find out.

Use multi-level authentication – When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts. Click here to learn more about two-factor authentication.

Dangerous Netflix phishing scam strikes again

It’s not just ransomware that you need to watch out for. The latest Netflix scam is yet another phishing attack. Cybercriminals are sending fraudulent emails claiming to be from Netflix. Click here to learn all about it.

Refer friends, earn rewards

Share your source of digital lifestyle news, tips and advice with friends and family, and you'll be on your way to earning awesome rewards!

Get started