The report provides analysis of the language, visuals and payment types from 76 splash screens, to highlight how key social engineering techniques such as fear, authority, scarcity (or urgency) and humour, are exploited by cyber criminals in ransomware attacks.
From the analysis of the splash screen samples, common trends highlighted include:
Time criticality: in over half the samples (57%), the “ticking clock” device — in which a specific amount of time is given to pay a ransom — was used to create a sense of urgency and to persuade the victim to pay quickly. Deadlines given ranged from 10 hours to more than 96 hours.
Consequences: files would be deleted and the victim would not be able to access them, or publishing the locked files on the Internet, if the ransomware is not paid.
The Customer Service Approach: 51% of splash screens included some aspect of customer service, such as instructions on how to buy Bitcoins (BTC) or presenting frequently asked questions (FAQs).
Imagery: official trademarks or emblems.
Payment: BTC was the preferred mechanism for payment; 75% of ransomware splash screens asked for payment in BTC. The average amount asked for by attackers was 0.47 BTC (USD 1,164).
The study is called „Exploring the Psychological Mechanisms used in Ransomware Splash Screens„ and was conducted by a senior lecturer of cyberpsychology at De Montfort University, London.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now