Story image

Something old, nothing new: Cybercrims still rely on spam

06 Aug 18

Cybercriminals may be experimenting with new ways to distribute their wares across the internet, but it turns out they still rely on the same techniques they have been using for decades: spam.

Research from security firm F-Secure found that spam remain the most common way of spreading malware, scams, and malicious URLs, even 40 years since the first email spam was sent.

“Email spam is once again the most popular choice for sending out malware,” comments F-Secure threat intelligence researcher Päivi Tynninen.

“Of the spam samples we’ve seen over spring of 2018, 46% are dating scams, 23% are emails with malicious attachments, and 31% contain links to malicious websites.”

Despite new attack methods, spam has actually become more popular – it still relies on mass email sends that can catch a small number of users.

And there’s even psychology behind it. MWR InfoSecurity behavioural science lead Adam Sheehan says that spam is a successful attack vector. Click rates have increased from 13.4% to 14.2% in the space of six months.

Spam also uses specific psychological tactics to snare as many users as possible.

According to F-Secure, the probability of a recipient opening an email increases 12% if the email claims to come from a known individual.

In addition, if a subject line is free from errors, it improves spam’s success rate by 4.5%

A phishing email states that its call to action that is very urgent gets less traction than when the urgency is implied.

While many people are becoming wise to the dangers of opening suspicious emails and clicking on unsolicited attachments, criminals are branching out and using methods other than attachments.

“Rather than just using malicious attachments, the spam we’re seeing often features a URL that directs you to a harmless site, which then redirects you to site hosting malicious content. The extra hop is an analysis evasion method for keeping the malicious content hosted for as long as possible,” Päivi says.

“And when attachments are used, the criminals often attempt to avoid automatic analysis by asking the user to enter a password featured in the body of the email to open the file.”

 F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. Its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers. The company has also participated in a number of European cybercrime investigations.

AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.