Story image

Something old, nothing new: Cybercrims still rely on spam

06 Aug 2018

Cybercriminals may be experimenting with new ways to distribute their wares across the internet, but it turns out they still rely on the same techniques they have been using for decades: spam.

Research from security firm F-Secure found that spam remain the most common way of spreading malware, scams, and malicious URLs, even 40 years since the first email spam was sent.

“Email spam is once again the most popular choice for sending out malware,” comments F-Secure threat intelligence researcher Päivi Tynninen.

“Of the spam samples we’ve seen over spring of 2018, 46% are dating scams, 23% are emails with malicious attachments, and 31% contain links to malicious websites.”

Despite new attack methods, spam has actually become more popular – it still relies on mass email sends that can catch a small number of users.

And there’s even psychology behind it. MWR InfoSecurity behavioural science lead Adam Sheehan says that spam is a successful attack vector. Click rates have increased from 13.4% to 14.2% in the space of six months.

Spam also uses specific psychological tactics to snare as many users as possible.

According to F-Secure, the probability of a recipient opening an email increases 12% if the email claims to come from a known individual.

In addition, if a subject line is free from errors, it improves spam’s success rate by 4.5%

A phishing email states that its call to action that is very urgent gets less traction than when the urgency is implied.

While many people are becoming wise to the dangers of opening suspicious emails and clicking on unsolicited attachments, criminals are branching out and using methods other than attachments.

“Rather than just using malicious attachments, the spam we’re seeing often features a URL that directs you to a harmless site, which then redirects you to site hosting malicious content. The extra hop is an analysis evasion method for keeping the malicious content hosted for as long as possible,” Päivi says.

“And when attachments are used, the criminals often attempt to avoid automatic analysis by asking the user to enter a password featured in the body of the email to open the file.”

 F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. Its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers. The company has also participated in a number of European cybercrime investigations.

Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.