---
title: "The Problems With Paying a Phishing Ransom | Phish Protection"
description: "If you haven"
image: "https://phishprotection.com/og/blog/the-problems-with-paying-a-phishing-ransom.png"
canonical: "https://phishprotection.com/blog/the-problems-with-paying-a-phishing-ransom/"
---

Quick Answer

If you haven't been paying attention, a lot of organizations have been hit by ransomware lately, \_almost all of which are triggered by a phishing email\_. Hackers use all types of exploits to extract money from their victims too. Their favorite, by far, is to \_encrypt the victim's hard drive with a promise to decrypt it if the ransom is paid\_, usually in something untraceable like Bitcoin.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-problems-with-paying-a-phishing-ransom%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=The%20Problems%20With%20Paying%20a%20Phishing%20Ransom&url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-problems-with-paying-a-phishing-ransom%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-problems-with-paying-a-phishing-ransom%2F "Share on Facebook") [ ](https://reddit.com/submit?url=https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-problems-with-paying-a-phishing-ransom%2F&title=The%20Problems%20With%20Paying%20a%20Phishing%20Ransom "Share on Reddit") [ ](mailto:?subject=The%20Problems%20With%20Paying%20a%20Phishing%20Ransom&body=Check out this article: https%3A%2F%2Fphishprotection.com%2Fblog%2Fthe-problems-with-paying-a-phishing-ransom%2F "Share via Email") 

![Phish Protection blog post image](https://media.mailhop.org/phishprotection/images/2019/06/phishing-prevention-tips-1475.jpg) 

If you haven’t been paying attention, a lot of organizations have been hit by ransomware lately, _almost all of which are triggered by a phishing email_. Hackers use all types of exploits to extract money from their victims too. Their favorite, by far, is to _encrypt the victim’s hard drive with a promise to decrypt it if the ransom is paid_, usually in something untraceable like Bitcoin.

Local governments seem to be particularly vulnerable to this type of attack.[ Riviera Beach, FL](https://www.securityweek.com/florida-city-pays-600000-ransom-save-computer-records) was hit with a $600,000 ransom recently and[ Jackson County, GA](https://www.scmagazine.com/home/security-news/data-breach/jackson-county-geogia-pays-400000-ransom-to-release-files/) was asked to pay $400,000\. As[ Scott Simon of NPR](https://www.npr.org/2019/06/22/735005802/hackers-use-ransomware-to-attack-cities) put it, “American cities are being taken hostage, not by bandits in ski masks, but _cybercriminals who use so-called ransomware to shut down critical systems until the cities pay up_.”

These are not isolated incidents. According to an[ article on JD Supra](https://www.jdsupra.com/legalnews/ransomware-attacks-targeting-cities-and-60139/), “Recent studies show that over 170 **ransomware attacks** have hit U.S. cities and local governments in the past six years. In 2018 alone, over 50 ransomware attacks have targeted local governments, and at least 21 similar incidents have already occurred this year.”

The scary thing is,[ it’s going to get worse](https://news.vice.com/en%5Fus/article/vb9p5b/us-cities-are-under-attack-from-ransomware-and-its-going-to-get-much-worse).

![Phishing prevention tips](https://media.mailhop.org/phishprotection/images/2019/06/phishing-prevention-tips-1475.jpg) 

If you do get hit by ransomware, you have two choices: pay it or don’t pay it. The city of[ Baltimore, MD was hit with a ransomware attack](https://arstechnica.com/information-technology/2019/06/a-tale-of-two-cities-why-ransomware-will-just-get-worse/) in which the attackers requested $76,000 worth of Bitcoin. But Baltimore refused to pay. To date, the city has paid an estimated $18 million to try and recover their systems.

Perhaps you think paying the ransom is the way to go. Maybe. That’s the choice Riviera Beach made. But there’s two gigantic problems with paying the ransom. First, there’s no guarantee paying the ransom will actually get you your data back. Afterall, getting your data back requires less-than-honorable folks to do something honorable and keep their word. You may be just throwing your money away.

There’s an even bigger problem to paying the ransom though. Hackers now know you’ll pay up, which means you more likely to get hit again. And sooner rather than later.

What to do? It will take time just to get your old systems up and running and now you have to worry about new attacks. What you need is a quick, inexpensive way to protect your entire organization from the “second wave” of **phishing attacks**. Something that will keep your employees safe without waiting for the old systems to come back up. Something that doesn’t require you to purchase any hardware or software. And something that only requires about 10 minutes of your IT staff’s time, because they’re really busy. Does such a thing exist? Yes!

![Phishing prevention best practices](https://media.mailhop.org/phishprotection/images/2019/06/phishing-prevention-best-practices-5176.jpg) 

What you need is cloud-based, [email security service](/) with **real-time link click protection**. What you need is[ Phish Protection](/). Nothing to buy. Nothing to configure. Up and running in 10 minutes. Works with most email services include [Office 365 security](/office-365-phishing-protection/) and G Suite.

What’s included with Phish Protection? How about:

- Smart quarantine
- Real-time click protection
- Display name spoofing protection
- Domain name spoofing protection
- Malicious attachment blocking
- Works on all devices
- And much more

Protect your employees for less than 30₵/day. Seems cheap compared to paying a ransom. What are you waiting for?[ Try it here free for 30 days](/pricing/). No credit card required.

## Topics

[ Phishing ](/tags/phishing/) 

![Brad Slavin](https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg) 

[ Brad Slavin ](/authors/brad-slavin/) 

General Manager

Founder and General Manager of DuoCircle. Product strategy and commercial lead across DuoCircle's 2,000+ customer base.

[LinkedIn Profile →](https://www.linkedin.com/in/bradslavin) 

## Protect your inbox from phishing attacks

Real-time email security with 60-day free trial. No credit card required.

[Start Free Trial](https://portal.duocircle.com/cart.php?a=add&pid=101&brand=phishprotection) [View Pricing](/pricing/) 

## Related Articles

[  Foundational 5m  0ktapus, Okta Breach Helps Attackers Launch Sophisticated Supply Chain Attacks  Sep 5, 2022 ](/blog/0ktapus-okta-breach-helps-attackers-launch-sophisticated-supply-chain-attacks/)[  Foundational 4m  13 Spear Phishing Attacks Examples To Justify Investment For Phishing Prevention Solutions In Your Organization  Aug 1, 2019 ](/blog/13-spear-phishing-attacks-examples-to-justify-investment-for-phishing-prevention-solutions-in-your-organization/)[  Foundational 4m  All 14 centers of Kettering Health were affected by a massive ransomware attack, Major outage in the Ohio medical center  May 23, 2025 ](/blog/14-centers-of-kettering-health-were-affected-by-massive-ransomware-attack-in-ohio-medical-center/)[  Foundational 4m  2021 Phishing Trends You Need To Be Wary Of  Aug 2, 2021 ](/blog/2021-phishing-trends-to-be-wary-of/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"Phish Protection","url":"https://phishprotection.com","description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"The Problems With Paying a Phishing Ransom","description":"If you haven't been paying attention, a lot of organizations have been hit by ransomware lately, almost all of which are triggered by a phishing email.","url":"https://phishprotection.com/blog/the-problems-with-paying-a-phishing-ransom/","datePublished":"2019-06-26T12:41:02.000Z","dateModified":"2026-04-17T15:43:10.000Z","dateCreated":"2019-06-26T12:41:02.000Z","author":{"@type":"Person","@id":"https://phishprotection.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://phishprotection.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin is the founder and General Manager of DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. He founded DuoCircle in 2014 and has led the company's growth to 2,000+ customers across its email security product family. Brad's focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/phishprotection/images/authors/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"Phish Protection","url":"https://phishprotection.com","logo":{"@type":"ImageObject","url":"https://phishprotection.com/images/phishprotection-logo.png"},"description":"Advanced phishing protection and email security for businesses. Real-time threat defense, time-of-click protection, and seamless Office 365 integration.","parentOrganization":{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138883901","name":"DuoCircle LLC","url":"https://www.duocircle.com","sameAs":["https://www.wikidata.org/wiki/Q138883901","https://www.crunchbase.com/organization/duocircle-llc","https://www.linkedin.com/company/duocircle","https://github.com/duocircle"],"subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://github.com/duocircle"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://phishprotection.com/contact/"},"knowsAbout":["Phishing Protection","Email Security","Anti-Phishing","Business Email Compromise","Ransomware Protection","Time of Click Protection","Office 365 Email Security","Advanced Threat Defense"]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://phishprotection.com/blog/the-problems-with-paying-a-phishing-ransom/"},"articleSection":"foundational","keywords":"Phishing","wordCount":567,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/phishprotection/images/2019/06/phishing-prevention-tips-1475.jpg","caption":"Phish Protection blog post image","width":1200,"height":630},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://phishprotection.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://phishprotection.com/blog/"},{"@type":"ListItem","position":3,"name":"Foundational","item":"https://phishprotection.com/foundational/"},{"@type":"ListItem","position":4,"name":"The Problems With Paying a Phishing Ransom","item":"https://phishprotection.com/blog/the-problems-with-paying-a-phishing-ransom/"}]}
```