In a 2016 survey on ransomware, 43% of North American consumers said they did not know what ransomware is. That's despite the fact that ransomware activity had increased 300% during the same time period. Toward the end of 2016, ransomware attacks against businesses were taking place every 40 seconds. For individuals, that number increases to once every ten seconds.
The number of people unaware of ransomware attacks is surely smaller now. With global attacks and prime-time ransomware-centered TV shows, ransomware is creeping its way into the minds of computer users and savvy consumers everywhere. Businesses are creating ransom and cyberattack budgets, stockpiling bitcoin, and detailing procedures and thresholds on when to pay.
It looks like spear phishing is taking the same convoluted path through the consciousness of the public. In a recent survey of IT decision makers, only 25% felt confident that users would identify a phishing attempt, though in another survey, 54% of respondents were able to identify phishing emails. Meanwhile, the number of spear phishing attacks continue to increase, and the criminals are getting better at research and impersonation.
So is spear phishing the new ransomware? Let's take a look at a few similarities: