While WannaCry rampaged through more than 100 countries over the weekend, security researchers identified a "kill switch" within the ransomware that slowed the expansion. New versions of the malware are already emerging that could revitalize the cybercrime wave, however.
Phishing attacks, in which hackers send bogus emails to gain passwords or data, are the "delivery model of choice for ransomware," Evercore analyst Ken Talanian noted in a weekend report on the outbreak.
Attackers are also seeking more money, according to Symantec (SYMC) . The average ransomware demand jumped from $294 in 2015 to $1,077 last year, the security company noted in its annual global report on cyber attacks in April.
The risk may be closer than most email subscribers realize. Symantec found that 1 in 131 emails contained a malicious link or attachment last year.
Shares of Symantec gained 3.8% to $32.20 on Monday morning.