✓  It starts with infecting a targeted PC through an exploit;
           ✓  This infection enables the attackers to access the victim's PC to encrypt his data;
           ✓  After getting paid the hackers may decrypt the data but usually, they don't do this.
           ✓
























                                             Figure 14 Ransomware infection scenario
       Email Spoofing attacks trick recipients into believing they are speaking with someone they know. For instance, the
       hacker might fake an employee's email address to gain crucial data. Figure 15 shows a spoofing attack scenario where:

           ✓  Maha got infected with malware
           ✓  The malware collects the email addresses of her colleagues.
           ✓  Then the malware sends an email from one account to another asking for private information.






















                                               Figure 15 Spoofing attack scenario


       Exploit kit injection is a toolkit to attack system weaknesses so they can spread malware or carry out other unwanted
       actions. It has a four-stage execution process (figure 16) that begins with:

           ✓  Contact: the attacker typically sends spam emails and uses social engineering techniques to persuade people
               to click on a link to their exploit service kit.
           ✓  Redirecting: the exploit kit generator starts searching for victims with specified criteria.
           ✓  Exploit: once the victims open the page with the exploit kit, it leverages the vulnerabilities then the attack
               starts.
           ✓  Infect: in this step, the attacker can run malware on the victim's computer


          25