There's been a frighteningly large increase in the number of incidents and the varieties of ransomware affecting consumers, enterprises, hospitals and governments. It doesn't look like it's going away anytime soon, as cybercriminals are seeing tangible returns from victims who can't bear to sacrifice their data.
Ransomware, like malware before it, is being spread via phishing messages typically sent over email that trick users into clicking on links, which take them to malicious websites that download and install malware on victims' computers, or that trick victims into opening malicious attachments.
And you would think that someone like Julian Assange – the super-paranoid founder of the controversial whistleblowing platform WikiLeaks, who has been holed up in the Ecuador Embassy since June 2012 – would be able to tell when spammers and cybercriminals come to call, but it seems not.
On Monday 18 July at 9.24pm BST, the WikiLeaks Twitter account posted a message asking Twitter's official Verified and user support accounts to explain why WikiLeaks had received a direct message on the social media platform with instructions on how to verify the account.
Twitter has a system of providing blue badges containing a tick sign to certain individuals around the world who are key influencers online in terms of politics, religion, music, acting, journalism, media, sports and business, and of course, with a huge following of over three million users, WikiLeaks has been verified for five years.
The direct message received reads: "We at Twitter would like to verifiy your account. Please click this link and follow the instructions. Twitterverifiy.verifiy.ml"
The message is simple, and if not read carefully, could be mistaken for being the real thing. We all imagine that people working in the IT industry and people who champion online privacy and freedom of information understand and wouldn't be tricked by basic cybersecurity scams, but if someone like Assange, who is constantly in contact with whistleblower Edward Snowden, the numero uno online privacy/encryption guru himself, cannot spot a blatant phishing attempt like this, then what hope have the rest of us got?
Learn to spot the signs
There's no guarantee that you will always be able to tell when you are sent a phishing or spoofing email, but there are some signs to help you tell the difference between legitimate communications and fake messages from cybercriminals:
1) Look for spelling and grammar mistakes
For some bizarre reason, spammers always seem to misspell the contents of phishing emails, even when pretending to be an official organisation like a bank or Amazon. Perhaps it's a sort of way out for victims – if you can spot mistakes at 50 paces, then you deserve to win the reward of not being hacked. After all, ransomware messages all seem to be perfectly worded, Nigerian princes are pretty eloquent, and hackers like Anonymous and Lizard Squad all seem to be able to use good grammatical sentence structures.
If you take a close look at the message received by WikiLeaks, the word "verify" has been misspelled in the URL and the message, which is a sure giveaway that something isn't right.
2) Is this typical behaviour of your contact?
Use your common sense. If your bank only ever sends you physical paper letters or phones you when it wants to make changes to your services, then it is unlikely that it will email you and send you a bank statement as an attachment. In fact, no service sends bills as attachments – you always need to log into an online portal to access them, so why would this suddenly change?
In the case of receiving a spam phishing email from a colleague, think about whether this is typical behaviour. Would your colleague usually email the whole company en masse? Or would they send the email without even saying hi or including your name? Spammers often send out emails, even from official sources, that don't include the victim's full name. That's a sure sign that something is suspicious.
3) The URL doesn't match the company's domain
Phishing emails often contain links to the cybercriminal's own server, which is hosting a fake webpage that looks a lot like an official service login page for your bank, Amazon and eBay, or a social media network like Twitter or Facebook.
However, the real service will have an address like "facebook.com/login". If the domain name contains a whole string of numbers before the company's name, it is very likely fake. In a real link, the company's name followed by ".com" or ".co.uk" always comes at the left-hand side of the link, immediately after http:// or https://.
4) The email demands personal information
Banks and businesses will never demand that you respond via email or on a website with your debit or credit card number and security code for authentication, or ask for your password.
If required, your bank will phone you up and get you to complete an authentication process with an adviser or an automated process, while websites simply won't let you into your account unless you get the service to email your chosen email account with a link to reset your password.
5) The email makes threats to demand action
When something does go wrong, services usually contact users to apologise and advise them to take action. What they don't do is use scare tactics to coerce customers to take action, such as telling users that they will lose all their assets if they don't immediately respond with crucial personal details.
And if your government has a problem with you, as in the case of those pesky federal government agency emails, trust me, you'll know. You'd be far more likely to get a visit from a policeman or a letter from a government agency than to receive email correspondence.
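Signs 1 and 3 can be checked mechanically for any link before it is clicked. The following is an added example, not part of the original article: it compares a link's hostname against the domains the claimed sender really uses. The `EXPECTED` and `BRANDS` sets and every sample link other than the one quoted from the WikiLeaks message are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumptions: the domains a genuine message from this sender would link to,
# and brand strings that should only ever appear on those domains.
EXPECTED = {"twitter.com"}
BRANDS = {"twitter"}

def host_of(link):
    """Return the lowercase hostname of a link, tolerating a missing scheme."""
    if "://" not in link:
        link = "http://" + link
    # .hostname drops any "user@" prefix and port, leaving the real destination.
    return (urlsplit(link).hostname or "").rstrip(".").lower()

def check_link(link, expected=EXPECTED, brands=BRANDS):
    """Return the reasons a link does not belong to the expected sender ([] = ok)."""
    host = host_of(link)
    if not host:
        return ["no hostname"]
    try:
        ipaddress.ip_address(host)
        return ["host is a raw IP address, not a domain name"]
    except ValueError:
        pass  # not an IP literal, carry on with name checks
    # Genuine links are the expected domain itself or a subdomain of it.
    if any(host == d or host.endswith("." + d) for d in expected):
        return []
    reasons = [f"host {host!r} is not under {sorted(expected)}"]
    if any(b in host for b in brands):
        reasons.append("brand name appears in a host on someone else's domain")
    if host.startswith("xn--") or ".xn--" in host:
        reasons.append("punycode label (possible lookalike characters)")
    return reasons

# First entry is the link quoted in the article; the rest are constructed samples.
SAMPLES = [
    "Twitterverifiy.verifiy.ml",
    "https://twitter.com/login",
    "https://support.twitter.com/help",
    "https://twitter.com.account-check.example/login",
    "https://twitter.com@198.51.100.7/login",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link) or "matches expected domain")
```

The comparison is made against the end of the hostname, because that is the part the domain's owner controls; a brand name anywhere else in the link proves nothing.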