The most widely used method for ransomware delivery in 2022 was via URL or web browsing (75.5%), Palo Alto Networks researchers have found.
In 2021, it was email attachments (i.e., delivery via SMTP, POP3, and IMAP protocols), but in 2022 that particular delivery channel was used only in 12% of attempts.
“Ransomware binaries are often delivered from compromised websites, which should serve as a reminder for site administrators to maintain up-to-date web applications to minimize the impact of known vulnerabilities,” the researchers noted.