According to a recent research by PhishMe, the number of phishing emails containing some form of ransomware grew to 97% in the third quarter of 2016. This is up from 91% in the first quarter of 2016. PhishMe reports that Locky is at the forefront of encryption ransomware because it has been able to resist detection while infecting workstations.

PhishMe noted the three trends below in its findings:

Locky is dominating the ransomware scene. Other encryption ransomware varieties were identified in 2016 but Locky has demonstrated an ability to adapt and is therefore achieving longevity.

The proportion of phishing emails that contained some form of ransomware grew to 97.25% which means only 2.75% of phishing emails are delivering all other forms of malware utilities.

There has been an increase in quiet malware. Quiet malware, such as Trogran’s jRAT, intends to remain on their victims’ networks for a long time.