• By Roger Carvosso, Product and Innovation Director

Key differences between phishing attacks and ransomware attacks

Key Differences

The cyber security spotlight has been directed firmly at ransomware in recent times. Yet a recent report in the United Kingdom highlights the fact phishing remains a real headache for businesses, government organisations and not-for-profits. The Cyber Security Breaches Survey 2019, conducted by the Department for Digital Culture, Media and Sport, found nearly one third of businesses (32%) and about one fifth of charities (22%) experienced cyber-security breaches in the previous 12 months. Of these, 80% of businesses and 81% of charities experienced phishing attacks – a considerably higher percentage than those that experienced viruses, spyware or other malware, including ransomware (27% of these businesses and 18% of these charities).

So what are the key differences between phishing attacks and ransomware attacks – and why are phishing attacks a deep concern for businesses? A phishing attack generally involves a malicious person using social engineering techniques to trick a person into supplying sensitive personal or business information, whereas a ransomware attack (that can be delivered through a phishing communication such as an email) aims to extract a ransom from a victim by locking their files and demanding payment for a key to regain access.