A study published by cybersecurity firm, Proofpoint, shows an increase in email-based phishing attacks used to deliver ransomware over the last few months.

According to the report, first-stage deployments of ransomware are reportedly on the rise and have mostly been targeting the United States, France, Germany, Greece, and Italy.

The attacks appear to be capitalizing on the influx of people now working from home amid the COVID-19 pandemic. Research additionally indicates that the ransom demands are very low compared to the amounts usually seen in these attacks.

Lower than average ransoms

A ransomware application called “Mr. Robot” has mostly targeted people and companies across the U.S. in the past. Findings suggest that this has changed in recent months, however, with home users becoming the main victims of the attack. To reflect the software’s new use case, ransom amounts have dropped as low as $100 in Bitcoin (BTC).

A ransomware known as Avaddon distributed over one million messages in a single week. It too is known to target U.S. companies and individuals.

“24/7 support” offered by Avaddon’s hackers

The hackers behind Avaddon often demand $800 ransom payments in cryptocurrency such as Bitcoin. Interestingly, this particular team provides a “24/7 support” service to its victims which offers them advice on how to pay the ransom and how cryptocurrencies work.

In recent days, Cybersecurity firm Symantec blocked a ransomware attack directed at 30 U.S.-based firms and Fortune 500 companies.