What To Do If You Get A Ransomware Email

    Mimecast is proud to serve enterprises with email security services that protect your organization against ransomware attacks.

    What does a ransomware email look like?

    Ransomware emails can camouflage themselves as legitimate emails better than many expect. You might see an email that appears to come from your organization’s CEO with a hyperlink that claims to be for a gift card purchase, a training course, or even a meeting invitation, but the link is actually malware.

    Among the most obvious signs of ransomware are

    • Suspicious or unrecognized sender email
    • Obvious grammar or spelling errors
    • Abrupt and/or unusual requests to purchase gift cards
    • Inconsistent company logo or email signature




    Ransomware email examples

    Phishing scams

    A phishing scam tricks victims into clicking on malicious links and/or revealing confidential information, such as a password. Phishing emails typically disguise themselves as coming from someone within the victim’s organization.


    Ryuk is a type of ransomware that is usually deployed in phishing scams. Once cyberattackers gain access to the target organization’s network, they encrypt important files, demanding a ransom to decrypt the files.

    Learn more about Ryuk.


    Maze was one of the first RaaS (Ransomware as a Service) models which even had its own “customer service” page that helped victims of its ransomware attacks figure out how to pay ransom and regain access to their files.

    Maze was commonly deployed via phishing attacks, but there were also many instances where Maze preyed on weak passwords and successfully infiltrated organizations using brute-force attacks.

    Learn more about Maze.

    The evolving threat of email ransomware

    Though ransomware variants like Maze and Ryuk are relatively well-understood, and Maze allegedly shut down in 2020, there are plenty of emerging threats that have been emerging suddenly to extort all kinds of organizations. New ransomware threats are often based on previous ransomware models, and sometimes operated by the same cyber criminal affiliates—often under different names.

    As ransomware continues to evolve, so too does cybersecurity. Mimecast will always be there to help protect your organization protect against ransomware attacks and keep you informed about new potential threats. Enter your email to receive updates on the latest trends in cybersecurity and how you can keep your organization in the loop.


    Should you pay ransom for ransomware emails?

    No, it is generally advisable to never pay ransom, as this will not guarantee access to your files and could encourage cyberattackers to extort your organization again.

    Instead, it’s better to partner with law enforcement and cybersecurity experts to help recover your data and bring cybercriminals to justice.


    How to report ransomware emails

    In many cases, reporting ransomware emails to law enforcement is required by law. Gather as much information as you can and submit your report to the FBI (Federal Bureau of Investigation) if you are a victim of cybersecurity attack be sure to contact your local FBI field office, or submit a tip online.


    Ransomware email prevention

    Email ransomware is an ever-evolving threat to organizations and businesses of all sizes, but there are ways to protect yourself against becoming the next victim of a ransomware attack.

    Mimecast is proud to serve enterprises with email security services that protect your organization without compromising efficiency of communication or managing data. With cloud-based servers and unique security awareness training, Mimecast makes it possible for your organization to conveniently and safely manage your data while also empowering everyone in your organization to respond appropriately to cyberattacks.

    Try on Mimecast for your organization by getting a customized plan and quote.

    Haut de la page