Phishing, Ransomware, Malware: What Are They, and How Can They Harm Your Business?

  • Home
  • Blog
  • Phishing, Ransomware, Malware: What Are They, and How Can They Harm Your Business?

Feel like you’re jumping into the middle? This is the second post in a four-part series. Check out the first post in this series on Cyber Security

Likely no one could have ever imagined a couple of decades ago how vast the reach the internet and technology would be today. Cellphones, tablets and laptops, plus global connectivity are commonplace now. There is an ever-expanding flow of data being created and shared across networks and interconnected digital systems.

And with millions of people depending upon technology, the internet and the constant exchange of information, cybercriminals are seemingly always looking for new and creative ways to hack into systems and steal it for their own gains and purposes.

There are three common ways that they do this, using targeted attacks through phishing, ransomware and malware. Understanding what these are and how they can affect your network security and customers’ private data is exceedingly important in today’s digital climate. These are conversations we at Metis IT have with our clients every day.

First, phishing is a cybercrime which targets emails, text messages or calls by someone posing as a legitimate individual or company to entice the victim to provide personal or private information or money. Often emails are sent with malicious attachments. These attacks are focused on large groups with the hope that at least one victim will be tricked into acting as the attacker wishes. Once the malware attachments are open, cybercriminals can obtain all kinds of information, even potentially stealing the victim’s identity.

Additionally, phishing scams can focus on one or few victims; this is called spear-phishing. Attackers are looking to gain information from specific targets in a strategic way. To target public figures or those with immense wealth or social status is referred to as whaling. Typically, the motive is to extort money from the victim.

The second way cybercriminals target businesses is through malware. This is software developed specifically to damage, disrupt or obtain unauthorized access to a computer system or server.  Delivered via email or by accessing a website, web users may be attacked through virus or spyware designed to infiltrate the network, track the user’s activity, corrupt data or hold devices hostage.

Which brings us to our third way companies may be targeted: ransomware.

Ransomware entails an attacker encrypting data or disabling devices or access to a business’ critical systems or information in exchange for a ransom. This could be extortion for money or a particular action, but the threat is in exposing, sharing, or even selling access to the data or systems if the ransom is not met.

Unfortunately, malware or ransomware may be present in an individual user’s computer or a business network for some time before being noticed. It may lay dormant until directed to activate, or it may only be noticed when the computer begins running slower or experiences frequent crashes.

Having a cyber security defense in place can help prevent these types of nefarious attacks from being successful and potentially halting your business’ productivity. Fortunately, we can discuss with you the options available.  And our friends at Brown & Brown can share information about cyber security insurance and how you can shield your systems, employee-users and data from cybercriminals.

Want to learn more about cyber security and how you can best safeguard your business and its digital presence? Check out our next blog post!

Sources: 2021 Coalition Cybersecurity Guide,,

This post was co-authored with Brown & Brown

Brown & Brown