How Criminals Trick Employees Into Downloading Ransomware 

A business will fall victim to a ransomware attack every 14 seconds. J.P. Morgan blocks millions of malicious emails at the perimeter every month. They can appear harmless at first but can have a wide and lasting impact on your business and reputation. These attacks can happen to anyone. The attack on Sarbare Brands began when social media profiles were used to target Sarbare employees with IT system access responsibilities. The attacker, Simon, was easily able to gather data on employee roles and skills showcased on public profiles. Posing as a recruiter for an established competitor, Matthew was contacted directly about a new job opportunity, noting he was a great fit. Matthew then provides his work email address to receive the initial application form. Simon’s ploy has gained him an attack opportunity. Matthew didn’t notice the email hadn’t come from the true Losesum company, but from a spoofed email address. Upon receiving his application form, Simon asks Matthew to schedule an interview via a tool. Matthew completes the form to book his interview. Little does he know by clicking the link, malware has begun to download onto his computer and spread throughout Sarbare’s corporate network, encrypting customer data and rendering systems unusable. Simon, continuing to attack the company, initiates a ransomware request, demanding payment to return access to critical files and systems. The story is all over the news, impacting the largest distributers to the smallest family-run shops. J.P. Morgan invests $11 billion annually in leading cyberprotection capabilities and technology and our fully dedicated team operates 24/7, 365 days a year. At J.P. Morgan we protect our clients from threats as they emerge and evolve